Beta

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NYT Security Tip - Choose Non-Microsoft Products

Zonk posted more than 7 years ago | from the wise-people-over-there dept.

Security 298

Giorgio Maone writes "The New York Times article 'Tips for Protecting the Home Computer' follows a story we recently discussed about the proliferation of botnets, and contains some statements which may sound quite unusual from mainstream press, especially if targeted to home users: 'Using a non-Windows-based PC may be one defense against these programs, known as malware ... Alternative browsers, like Firefox and Opera, may insulate users ... NoScript, a plug-in utility, can limit the ability of remote programs to run potentially damaging programs on your PC'."

cancel ×

298 comments

Sorry! There are no comments related to the filter you selected.

ah yes... (-1, Flamebait)

macadamia_harold (947445) | more than 7 years ago | (#17502050)

Using a non-Windows-based PC may be one defense against these programs, known as malware

The old "security through obscurity" solution rears its head yet again...

Re:ah yes... (5, Insightful)

Aurisor (932566) | more than 7 years ago | (#17502104)

Funny, where I come from, we call that the "don't use insecure products" solution.

Re:ah yes... (4, Insightful)

cryocide (947909) | more than 7 years ago | (#17502850)

The product is only as secure as its users. If the mainstream Windows userbase switched to Linux, they'd take their bad habits (neglecting security hole patches, installing supposedly-required software to view web pages, logging in as root by default, etc.) with them. Linux would be the new hot target for malware. The same goes for OSX or any other operating system. Sure, there would be fewer holes, assuming that people made sure to apply the appropriate security patches, but we're assuming again that they wouldn't take their bad habits with them again, aren't we?

These are the people who click OK just to get the box to go away. No operating system is going to save them from themselves without removing the luxury of convenience they insist on keeping.

Re:ah yes... (4, Insightful)

someone300 (891284) | more than 7 years ago | (#17502144)

This isn't security through obscurity. Security through obscurity would be saying "I'm safe because I run Windows and it's closed source". This is the claim that uncommon software is more secure because there are less exploits. While untrue mathematically, the reality is that you are still currently less likely to be exploited when running Mac OS X or Linux since script kiddies don't really care about you so much (for the same reason game developers don't, incidentally).

Same is true for biological systems - diversity is a good thing as it is less likely to be infected with a disease. Genetic diversity implies a more robust "operating system" species that's harder to destroy. Remember all the hell around the blaster worm. Imagine that MS, Apple, RedHat, Ubuntu... only had 10% marketshare each... it'd be bad, but not nearly as bad as it was.

If you're talking about a focussed professional attack on a specific system: to be honest, the OS you're running is probably pretty insignificant; the chances are there's a simple admin error somewhere along the line.

Re:ah yes... (4, Insightful)

spykemail (983593) | more than 7 years ago | (#17502316)

It's all about diversity! If everyone has the same exact program running under the same exact OS with the same exact security flaw one blackhat can ruin millions of people's day with one little hack. Nature knows how important diversity is, hell, economic systems are supposed to know it too. It's unfortunate that Microsoft continues to be allowed to operate as an illegal monopoly based in the United States.

Re:ah yes... (3, Interesting)

Progman3K (515744) | more than 7 years ago | (#17502822)

>>This isn't security through obscurity. Security through obscurity would be saying "I'm safe because I run Windows and it's closed source". This is the claim that uncommon software is more secure because there are less exploits. While untrue mathematically, the reality is that you are still currently less likely to be exploited when running Mac OS X or Linux since script kiddies don't really care about you so much (for the same reason game developers don't, incidentally).

I don't agree: I run Gentoo; since every app I run is compiled from source for the processor architecture I am running, some classes of exploits cannot target me because even if they knew which version of a given app I am running, they can't know precisely the layout of the binary because of the personalized compilation flags I use.

It doesn't rule out exploits, but it does make it a bit harder on them.
With Windows, most of the code you have running is the exact same binary for every x86 machine.

I guess that that is a situation where LINUX is making use of "security through obscurity" and Windows is incapable of doing the same.

Ironic, isn't it?

Re:ah yes... (2, Insightful)

nolife (233813) | more than 7 years ago | (#17502212)

I think it is more the monoculture angle then it is security through obscurity. Any slight change from the default and you may not become a victim.

Re:ah yes... (2, Informative)

a.d.trick (894813) | more than 7 years ago | (#17502294)

Actually, it's more than just "security through obscurity". There are some nasty things that Microsoft products do that tend to get them into trouble (executing '.exe' files, ActiveX, etc) and makes their products more vulnerable.

Also "security through obscurity" is a valid practice, but it is not sufficient for good security. I don't tell strangers my computer's IP address (although, I'm pretty certain it would be useless to them and there are many ways to figure it out). The problem is when people are suckered into thinking that if they can't see something, nobody else can. Obscurity can be pretty effective when defending agains automated attacks too.

Re:ah yes... (3, Funny)

maxwell demon (590494) | more than 7 years ago | (#17502540)

I don't tell strangers my computer's IP address (although, I'm pretty certain it would be useless to them and there are many ways to figure it out).

Well, I'm quite open to everyone about my computer's IP address: it's 127.0.0.1 :-)

Re:ah yes... (2, Funny)

Anonymous Coward | more than 7 years ago | (#17502812)

I have dispatched a trojan to your computer, and it is deleting your hard drive as I speak. Wow, my hard drive is certainly working hard. That's funny.

Re:ah yes... (0)

Anonymous Coward | more than 7 years ago | (#17502336)

I'll bet that you have a treasure trove of Ford Pinto's and a bunch of hallogen torche lamps.

obscure, like published source code? (2, Insightful)

twitter (104583) | more than 7 years ago | (#17502538)

The old "security through obscurity" solution rears its head yet again..

Sounds like you bought the popularity lie [slashdot.org] .

Re:obscure, like published source code? (3, Insightful)

WilliamSChips (793741) | more than 7 years ago | (#17502666)

I'd say that post wasn't very eloquent but it's true [linuxmafia.com] . If you're not smart enough to realize that modern Unices are more secure by design you haven't actually looked into things. They're not optimal(a capability system would be better) but they're better than that of any Microsoft solution. Nimda attacked Microsoft Windows servers. There is no equivalent to Nimda for Apache/Unix servers even though Apache/Unix servers are more common than Windows servers.

So Markoff Doesn't Care for Microsoft (5, Interesting)

eldavojohn (898314) | more than 7 years ago | (#17502056)

... some statements which may sound quite unusual from mainstream press, especially if targeted to home users: 'Using a non-Windows-based PC may be one defense against these programs, known as malware ...
I don't find it that unusual. I mean, I recall a bunch of articles in other newspapers talking about and recommending Firefox. I've also read many magazines & seen television news on the lack of viruses on an Apple.

I must admit that initially I was a bit humored by the idea that a New York Times author had a right to caution me about computer usage. But when I looked up his credentials [wikipedia.org] , he seems to be a qualified and experienced tech writer who probably has good advice for the general public. Granted, his last recommendation: "Don't click if someone offers you something too good to be true. It is." worries me that people may be wary of certain open source projects but in the end, I'd agree that I'd tell my sister and friends just not to install anything and to ask me for specific links to programs that solve problems or fill needs.

In the end, it's a very short article and doesn't provide a very comprehensive picture of security for a home user. You may think its news that Mr. Markoff decided to push people away from Microsoft but he's only telling you the facts about the numbers. You won't have as many problems with Linux but there's no way your daughter's iPod will work with iTunes Music Store on your computer anymore. If he wanted to make this a notable article, he should have delved into trade offs and better coverage of issues.

So Markoff doesn't like the benefits of running Microsoft software. So what?

Re:So Markoff Doesn't Care for Microsoft (4, Insightful)

DJ Rubbie (621940) | more than 7 years ago | (#17502218)

In the end, it's a very short article and doesn't provide a very comprehensive picture of security for a home user. You may think its news that Mr. Markoff decided to push people away from Microsoft but he's only telling you the facts about the numbers. You won't have as many problems with Linux but there's no way your daughter's iPod will work with iTunes Music Store on your computer anymore. If he wanted to make this a notable article, he should have delved into trade offs and better coverage of issues.

While we all want people to run Free Software (at least a Free OS) all the time, it's just not practical right now. His advice could mean, use a Mac, which is what I have been recommending to people I've fixed computers for, despite the fact that Linux/BSD/GNU may be better for the long run. iTunes works with Mac, so does quite some other programs (not talking about DirectX games). The common sentimental for people who switched from Windows XP to OS X is usually, why did I used that crap before? Especially when they went to a Windows based computer for whatever reason. I recently got my mother set up on a computer (who never used one before) and I installed Linux, and she thought it was easy enough to use. For a non-power user who just casually browse the web, email, maybe Skype for VoIP, Linux is good enough. For people who are used to proprietary software and not wanting to change, OS X might be a better choice.

Re:So Markoff Doesn't Care for Microsoft (1, Informative)

Anonymous Coward | more than 7 years ago | (#17502220)

"...the benefits of running Microsoft software." Like the benefit of beeing hacked ?
There are no real benefits any longer... you can do almost the same on any of the other OS'es (Linux, xBSD, Solaris)... the only real stronghold now are gaming... the few benefits left are next to nothing compared to the security issues.

Re:So Markoff Doesn't Care for Microsoft (5, Insightful)

fyngyrz (762201) | more than 7 years ago | (#17502342)

Let me put it to you this way: I sell Windows software for a living. Not Mac-ware. Not yet. . Still, I recommend to everyone I know that they get a Mac. I can't, in good conscience, recommend Windows. Malware, yes, that's certainly a huge problem. DRM issues in Vista are another (such as degrading audio if unsigned.) Ridiculous license terms are another (no virtualization for home? Change your hardware, lose your authorization? ridiculous!) Constant reboots and restarts are another. Incorrect configuration out of the box is another - not just privileges, but what is running and what is not, what is turned on and what is not. As near as I can tell, the key Microsoft OS policy is "Wreck the user's day. Every day."

Re:So Markoff Doesn't Care for Microsoft (3, Insightful)

RobertLTux (260313) | more than 7 years ago | (#17502352)

easy way to have the Luserbase understand how to tell if a free program is good/safe

1 GPL /uses Sourceforge as a mirror farm (+points)
2 not GPL but has a Linux version or has source downloadable (+half points)
3 site has massive ads and or flash based ads (- double points)
4 site mentions in a positive way Gator/Claria Bonzi buddy weatherbug or any of the KOS programs (warm up the BGF9000 and pick up a QD glyph)

Re:So Markoff Doesn't Care for Microsoft (1)

maxwell demon (590494) | more than 7 years ago | (#17502622)

So if I write a GPLed spambot and put it on Sourceforge, it will be a good program? Or will I have to insert positive mentions of Gator/Claria Bonzi buddy weatherbug into the spam mails sent by it? :-)

Re:So Markoff Doesn't Care for Microsoft (4, Insightful)

Helldesk Hound (981604) | more than 7 years ago | (#17502366)

> So Markoff doesn't like the benefits of running
> Microsoft software. So what?

What benefits?

I am not totally convinced that automated silent virus/malware installation is a "benefit".

Re:So Markoff Doesn't Care for Microsoft (5, Insightful)

Anonymous Coward | more than 7 years ago | (#17502426)

I am not totally convinced that automated silent virus/malware installation is a "benefit".
How about the benefit of being able to waltz into your local store (WalMart, Best Buy, whatever), pick up software or a peripheral device and see that it is supported and can run on your home machine?

For some people that's the only benefit they care about.

Noscript is one of the best reasons to run Firefox (4, Informative)

Beryllium Sphere(tm) (193358) | more than 7 years ago | (#17502062)

The only usable way to control Javascript is site by site, and turning it off by default slashes a whole army of exploits out of your life. Every browser should have this functionality built in.

Re:Noscript is one of the best reasons to run Fire (4, Insightful)

Nasarius (593729) | more than 7 years ago | (#17502152)

NoScript is nice, but it could use a large default whitelist, something like the AdBlock Plus subscription options. It gets pretty tedious to allow every site manually, especially when some only break in subtle ways.

Re:Noscript is one of the best reasons to run Fire (0)

Anonymous Coward | more than 7 years ago | (#17502420)

Maybe use a whitelist that's already out there? McAfee SiteAdvisor?

Re:Noscript is one of the best reasons to run Fire (4, Insightful)

Bob54321 (911744) | more than 7 years ago | (#17502602)

I use NoScript but my wife found it very annoying that all the sites she wanted to visit would not work without having to allow them first. I don't think recommending it to the average home PC user is very helpful because they will just think that it broke Firefox.

Re:Noscript is one of the best reasons to run Fire (4, Informative)

El Cubano (631386) | more than 7 years ago | (#17502928)

The only usable way to control Javascript is site by site, and turning it off by default slashes a whole army of exploits out of your life. Every browser should have this functionality built in.

Amen to that. I use noscript and I have lost count of how many sites fail completely or outright refuse to load if JS is disabled. The number of sites which degrade gracefully is sadly quite small. If every browser had this, maybe web developers would finally get it through their thick skulls that JavaScript is best utilized to enhance the user's experience. Obviously, there are some exceptions, like AJAX applications and the like. It bugs me so much that I have never developed a site that did not degrade gracefully in the absence of JS. In fact, the only way the user would notice something was different was if they had first seen the site with JS and then later without or vice versa. Some of the worst offenders are the "major" tech companies. Try logging into Yahoo webmail with JS turned off to see what I mean.

ding! (1)

Anonymous Coward | more than 7 years ago | (#17502064)

Does this mean the main stream is finally (slowly) catching on to the reality of choices? It would make my day if the world would wake up and realize that they have options when they sit down in front of a computer.

Re:ding! (4, Insightful)

MillionthMonkey (240664) | more than 7 years ago | (#17502138)

Does this mean the main stream is finally (slowly) catching on to the reality of choices? It would make my day if the world would wake up and realize that they have options when they sit down in front of a computer.

Users don't like having to make choices about the innards of their computer; they just want shit to work.

Re:ding! (1)

Der Reiseweltmeister (1048212) | more than 7 years ago | (#17502308)

If only I had realized this before Mr. Gates, I could be the multi-gazillionaire.

Re:ding! (2, Funny)

MillionthMonkey (240664) | more than 7 years ago | (#17502590)

If only I had realized this before Mr. Gates, I could be the multi-gazillionaire.
Actually, I think you still have some time!

Re:ding! (0)

Anonymous Coward | more than 7 years ago | (#17502340)

Then why isn't the world using a Mac?

Re:ding! (3, Insightful)

Divebus (860563) | more than 7 years ago | (#17502712)

Then why isn't the world using a Mac?

They're slowly catching on but consumer's brains don't move as fast as the market. They still think Macs are stupendously expensive (they aren't) and they think Macs aren't "compatible" (whatever that means) and they think they'll be viewed as an alien outsider (which is happening less and less) and they think there's no software for the Mac (yeah, right!) and they don't think they can learn a Mac (it takes 10 minutes) and they don't think there's an alternative to the PC (stupid consumers).

I know several of people who have told me these excuses recently and they won't even (literally) walk across the street to the Apple Store to see for themselves. They don't want to know. On the other hand, after introducing a few dozen Macs to my workplace of 80 people a few years ago, about half the company has drop kicked their home PCs and bought Macs for themselves. We have more Mac owners now than PC owners in the company and most had never touched a Mac before. The only element that will actually change people's minds is experience with the product and you can watch all the old excuses quickly disappear from their comments. The number one reason they switched to Macs turns out to be "it just works".

For the ones that yell "but you can't play games", I tell them "fine, then use a PC or buy fucking Xbox - see if I care". They're the ones who criticize my preference for a Mac while I'm helping them fix their PC.

Re:ding! (3, Insightful)

Babillon (928171) | more than 7 years ago | (#17502736)

Most likely because people are cheap? Macs are prohibitively expensive in comparison to an equivilent PC (equivilent according to the enduser walking down the aisles of your local FutureShop).

Your average user doesn't know what they need a computer for, they just know they need it. So they'll just look at what the salesmen point them at, try to find something cheaper, and get it. They won't care whether or not it runs Windows or Mac (though if they think they're savvy they might swing towards one or the other).

Re:ding! (2, Insightful)

HomelessInLaJolla (1026842) | more than 7 years ago | (#17502412)

> Users don't like having to make choices about the innards of their computer; they just want shit to work

Most users never really even wanted a computer as they were sufficiently happy with snail mail and sticky notes. Wall Street in the early nineties was pretty dull and the politicians of the day really wanted something to spark up life (and profits) so the computer industry went from the realm of scientists, mathemeticians, and hobbyists to a consumer necessity nearly overnight--and not because the population (as a whole) really wanted computers. If one thinks back to the dawn of the home computing windfall, at least from what I saw, it really was a case of nothing else being hyped as much as the computer was. From a business perspective I can see ulterior motives behind this and how those motives have played out over the years. Maybe you can as well.

Once people had computers (and had sunk the $1500 into their first home system), well, now it's just a necessary evil that played better solitaire than the kitchen table.

"Honey! We paid $1500 for that thing and it's too heavy to just throw away!"

So, yes, it follows logically that people don't really want to know about the innards of their computer because, truthfully, most people never really wanted the computer to begin with. Now they're like kudzu [alabamatv.org] --they're everywhere, and they're not going away, and there's so much money in the infrastructure around them that we have to take care of them.

Re:ding! (2, Interesting)

Divebus (860563) | more than 7 years ago | (#17502446)

..the main stream is finally (slowly) catching on to the reality of choices?

Consumers are relatively stupid that way, but I think it's true that consumers in general are creating a change in the wind. Ever notice how all the consumers demand "choices" in the market, yet whenever there are multiple competitors, consumers do their best to kill off all except one and accidentally create stagnating monopolies? (see 8-track/Cassette, VHS/Beta, PC/Mac etc). Very few people will embrace more than one technology (obviously) but everyone tries to convince everyone they know to also choose the same thing they've chosen. Funny, though.

Alternative browsers = more secure? (0, Flamebait)

Myria (562655) | more than 7 years ago | (#17502108)

We hear this suggestion all the time, but the reality is that the reason Firefox and Opera are "more secure" is that there are less people using them. Their market share isn't worthwhile to the commercial malware authors.

Every "dot" release of Firefox you'll see 5 more bugs colored red, indicating an exploitable bug. Opera fixes them in secret, but it still has them. All the browsers have security problems, and it's mostly due to the complexity of all the features that have to be supported.

I hope Firefox is at least compiled with /GS and /NXCOMPAT.

Melissa

Re:Alternative browsers = more secure? (4, Insightful)

Frosty Piss (770223) | more than 7 years ago | (#17502234)

We hear this suggestion all the time, but the reality is that the reason Firefox and Opera are "more secure" is that there are less people using them. Their market share isn't worthwhile to the commercial malware authors.

Is this really true? Anecdotal pronouncements like this never seem to come with any references. Everyone says the sky is firmly in place, but how many have looked up recently? It's falling at an amazing speed!

Think about it (4, Insightful)

WindBourne (631190) | more than 7 years ago | (#17502484)

The first part is simply google for crackers interviews and see what they say. They will always tell you that they go for what is easy. Why? Because a number of them are there to make money and time is money. If the systems were equally easy to attack, then yes, go after the most numerous. But when one has so many easy points, then you persue it rather than the ones that are difficult.

The 2'nd part is compare bank robberies to 7-11 robberies. Back in the 60's, banks were robbed. BWhy? because they were easy and had lots of money. But then in the 70',s the banks took actions and made it difficult. They still had the money, but it became very difficult to rob them. So the robbers turned to convinence stores who had say a thousand dollars (acceptable), and were easy. At first 7/11 ignored it, but then their ppl were being killed. So they made it very hard for robberies to get a thing. Now, banks and 711 are == difficult, so the robbers are back after banks. WHy? Because if you are going to risk it, then go for the big score. Interestingly, the banks now limit how much money is available to the tellers as well as every teller has a loaded stash.

So what does that mean for Windows vs. OSS. While Windows is easy to crack, everybody will hit it. If ever it becomes >= to *nix in terms of security, then *nix will be hit, because overall, there is much more money on the *nix systems. And if *nix and Windows become better than mainframes, then they will turn to there because there is REAL money.

Re:Think about it (4, Informative)

WilliamSChips (793741) | more than 7 years ago | (#17502742)

In addition, in server space the numbers are much more even, and Apache/Unix servers outnumber Windows/IIS servers. Yet all the server malware is for Windows NT-based servers and not Apache/Unix based servers.

Re:Alternative browsers = more secure? (1)

catbutt (469582) | more than 7 years ago | (#17502306)

Even if what you say is true, so? Does (or should) the typical computer user care whether they are are more secure due to the superiority of the software product they are using, or due to the fact that less people are using that product?

Re:Alternative browsers = more secure? (1)

BenoitRen (998927) | more than 7 years ago | (#17502360)

Not this "Firefox is just as insecure! It's safe now because not enough people use it!" shit again.

Wladamir Palant made an excellent article on this recently: http://adblockplus.org/blog/firefox-security-the-r eal-picture [adblockplus.org]

Re:Alternative browsers = more secure? (1)

Dracos (107777) | more than 7 years ago | (#17502448)

the reason Firefox and Opera are "more secure" is that there are less people using them

I'm sick of this argument that basically amounts to security by obscurity, which everyone knows doesn't work. It also insults the Mozilla and Opera developers, who don't have the advantage of dovetailing their browser with the underlying operating system, and the disadvantage of being steered by non-technical forces such as marketing.

Almopst every browser security related story on /. for the last 2.5 years has at least one anecdote that amounts to "I replaced IE with [browser] on my [personal relation]'s Windows PC, and now they have [a better experience]". Attack vectors have nothing to do with market share.

What was the story the other day, IE unpatched for 284 days last year compared to Firefox's 9? That right there catapults the marketshare security drivel right out the window.

The reason Firefox and Opera are more secure is the design and execution of their code.

Re:Alternative browsers = more secure? (3, Insightful)

maggard (5579) | more than 7 years ago | (#17502456)

... the reality is that the reason Firefox and Opera are "more secure" is that there are less people using them.

No, the reality is most non-MS products are more secure by design.

The fact is that years ago MS adopted an insecure architecture, at the time was roundly criticized for this, and has spent the years since being every malware's convenient bitch.

It's not "'cause that is where the money is", it's "'cause the front door is open".

Furthermore playing the numbers games is a fool's contest: MS doesn't publish their problems. Other folks have partial lists (we can assume MS knows of more) and every so often MS deigns to fix some of their problems and release patches, but that in no way is equivalent of maintaining a public bug tracker. Oh, and don't for a moment delude yourself MS's public documentation covers a tenth of their errata, not even MS pretends that.

So please, next time you post, let it not be burping up this old, well debunked, trope yet again. As sad has /. has gotten recently the standard still remains well above the old smaller-target argument.

Re:Alternative browsers = more secure? (2, Interesting)

grmarkam (555423) | more than 7 years ago | (#17502486)

The reason Firefox is more secure is because when an exploit is found it's fixed, with IE it takes a long time. Last year Firefox was vulnerable to exploits for 9 days while "Internet Explorer Unsafe for 284 Days in 2006." [washingtonpost.com] They also have a nice chart showing this: http://www.washingtonpost.com/wp-srv/technology/da ily/graphics/index20070104.html [washingtonpost.com]

Re:Alternative browsers = more secure? (1)

Chandon Seldon (43083) | more than 7 years ago | (#17502562)

It's also possible that Firefox and Opera really *are* more secure than Internet Explorer.

The "attackers go for the biggest target" effect is real, but it's not the whole story. Take webservers for example - Historically, Apache has been more popular than IIS, and yet IIS has had more major security issues. Another good example is Java applets vs. ActiveX controls.

Sure, there are security bugs in all the popular browsers. Realistically, running Firefox on a Unix-derived system (i.e. anything but Windows) is going to be more secure than IE on Windows XP.

Re:Alternative browsers = more secure? (1)

raddan (519638) | more than 7 years ago | (#17502638)

the reality is that the reason Firefox and Opera are "more secure" is that there are less people using them

I'm getting tired of people parroting this argument. Sure-- if you're in the business of building botnets, you're going to look for the most bang for your buck. Windows + IE has a large install base, and so this fits your needs.

But this argument implies that there aren't architectural differences between things like IE and Firefox, or Windows and Linux, and there most certainly are.

I suspect that the reality is that the problems plaguing the Windows platform are a combination of large installations and bad code. Having worked with a number of ex-Microsoft people, and hearing their development stories, I suspect there's a lot of bad code in there as the result of design-by-committee, bureaucracy, micromanagement, and so on...

IE really is a piece of shit. If Microsoft responded half as fast to critical bugs as the Firefox team, I might be more inclined to buy your argument.

The popularity argument is stupid and wrong. (1)

twitter (104583) | more than 7 years ago | (#17502718)

We hear this suggestion all the time, but the reality is that the reason Firefox and Opera are "more secure" is that there are less people using them. Their market share isn't worthwhile to the commercial malware authors.

Why not move to the zero cost option that works better, if that's true?

It's not true, of course. Just three days ago, you might have read this [slashdot.org] about IE being naked for more than 200 days last year where Firefox was only exploitable for nine days. You might also have read about exploits for Vista being for sale before it's available [slashdot.org] , while the market share is next to zero.

The next M$ line of defense is to blame the users. Mac, Linux, even Firefox users are "savvy" and M$ users, "the masses" are somehow stupid they will tell you. Somehow, ease of use, means ease of abuse to them. This really just tells you that M$ thinks you are stupid. Mac specifically markets itself to people who are computer phobic and want nothing to do with computers. Oh but now we are back to popularity and it never ends because it's a lie.

Free software is both easy to use and more secure and the two are not exclusive.

Re:Alternative browsers = more secure? (1)

Llywelyn (531070) | more than 7 years ago | (#17502724)

This is why Apache is less secure than IIS, right?

Oh wait...

NYT is out of touch. (3, Informative)

twitter (104583) | more than 7 years ago | (#17502110)

Not use Microsoft? That's unpossible! They must be Mac or Linux users and are completely out of touch because they don't have the problems in the first place.

Seriously, it's good to see the message getting out. Another widely read, "mainstream" source, the BBC, has said the same thing already, like this [slashdot.org] . Of course, everyone without a vested interest in M$'s welfare has been saying enjoying the same for years. Sooner or later, despite billions of advertising dollars and bullshit studies, people are going to get it and real OS choice will happen. Seeing this in the NYT makes me think this is sooner than later.

Re:NYT is out of touch. (1)

Stormx2 (1003260) | more than 7 years ago | (#17502170)

You say that, but I'd say the majority of computer users use them for one thing. Doing the same thing in an entirely different way (my friend just could not understand tabbed browsing) is a steep learning curve, and a lot of people think why bothered. The more clued up users, or companies, will often take alternatives into consideration, but will simply not know enough.

Re:NYT is out of touch. (2, Funny)

dotgain (630123) | more than 7 years ago | (#17502310)

(my friend just could not understand tabbed browsing)

For about four years, neither could the IE team. It just wasn't "innovative" enough for them until a few months ago.

One thing, that's easy. (2, Insightful)

twitter (104583) | more than 7 years ago | (#17502472)

[using anything but M$] is a steep learning curve, and a lot of people think why bothered [sic].

So M$ shoved IE 7 down their throats as a forced update. Borat voice, "Is nice!" If you want a consistent interface instead of, "change for change's sake" use free software.

Back in the real world, my five year old girl is happy with Firefox. I like that her system does not have to be replaced every two years and that it does not catch porn spam or American Express pop ups. Mepis took me all of 20 minutes to install and it works with all of her favorite PBS toy sites, and many more demanding A/V playthings. I'm sure, in time, she will master other tools and that they will be nice free ones that don't change all the time.

Re:One thing, that's easy. (1)

alisson (1040324) | more than 7 years ago | (#17502726)

I use OSX and XP regularly, as well as a bit of gentoo/gnome from time to time. It's not hard. The GUIs all operate in roughly the same way. But the little differences just drive people crazy. The real reason most people use MS is because... most people use MS. It's familiar and most don't see a need to branch out. But if you started on a Mac, the same is true; you're not likely to switch without a very good reason. My wife has a hard time with Macs, my mother can't use MS to save her life. Not that it's that hard, but learning to use the dock Vs the start menu confuses them both. As a gamer, I use PCs. As a student, I use Macs. As a nerd? I use Linux(read: instal over and over again. That's the fun part ^_^) But if I could, I never would have left Macs. Do I consider OSX a better OS? Yeah. Do I recognize the lack of viruses isn't thanks to Steve Jobbs great intellect? Of course. But the real reason I stick to macs is familiarity. So yes, you can tell people the virtues of non MS producs all day. But until you let them know that 1) The alternatives are just as easy, if not easier to use and 2) There's no reason the average(non-gamer) needs to stick to windows, they won't just leave.

Re:One thing, that's easy. (1)

Stormx2 (1003260) | more than 7 years ago | (#17502768)

I apologize for the typo. Its currently 1am and I have school tomorrow, so please excuse any typos in this post too.

Don't get me wrong. I'm all for free software. I'm typing this using Firefox on Ubuntu Edgy Eft. However, I think your argument of "It's so simple a 5 year old can do it" is flawed for one big reason: The five year old isn't used to using IE. Its the same sort of vendor lockin thing... Once you use something for a long time, you get dependent on it. I'm 15 currently, and its pretty apparent in my age group of beginner/casual computer uses up to myspace freaks. Just because you've been using a computer for a long time doesn't mean you look into new things. Personally, I do, but people I know will keep using MSN Messenger and Bebo. Myspace too, unfortunately.

If you think about it, if you asked a person who'd never tried noodles or spaghetti, and said "noodles are super yummy, go with anything, cost less and fill you up more" they're bound to go with noodles. If someone has been brought up eating spaghetti, there's an increased chance they won't eat noodles, because their fear em, and will stick with the familiar and, in their perception, safe.

I know thats a bit of a poor example, but I think in this case it's the intermediate computer user who's least likely to use FOSS, not the absolute beginner or the wiz kid.

"Using a non-Windows-based PC" (0)

Anonymous Coward | more than 7 years ago | (#17502128)

Is probibly the best advice one can ever get.

Re:"Using a non-Windows-based PC" (1)

nuclearpenguins (907128) | more than 7 years ago | (#17502156)

Unless you want to play games or own a LAN-gaming center like I do. In the world of games and professional gamers Windows is king.

Re:"Using a non-Windows-based PC" (0)

Anonymous Coward | more than 7 years ago | (#17502314)

I have found Linux to be a more stable and superiour platform for hosting server based games or LAN parties, as for windows games I can't be bothered with that solitare anymore. Quake like games have always been my tipple and they run fine on Linux.

Anything else? Use VMWare.

But there again, you "own a LAN-gaming center".

"Windows is king? I think not".

does not duck head!!!

Re:"Using a non-Windows-based PC" (1)

nuclearpenguins (907128) | more than 7 years ago | (#17502450)

The store is first and foremost a computer repair/sales shop but also ended up being the largest LAN-center in my state. Want to know why I love Windows so much? It pays my bills fixing the mistakes of the OS and the people that use it. It's a cash cow. Also Valve/EA require it. What is a LAN-center without Counterstrike and the Battlefield series? That having been said, the CS clan that we sponsor has a couple of servers and they are running on Linux.

Uh oh (3, Funny)

neuro.slug (628600) | more than 7 years ago | (#17502142)

I hear Steve Ballmer got the news while visiting a chair factory. Remember to duck and cover!

Re:Uh oh (1)

IANAAC (692242) | more than 7 years ago | (#17502404)

I hear Steve Ballmer got the news while visiting a chair factory. Remember to duck and cover!

That joke never gets old.

Thanks again.

While on the surface..... (1, Informative)

8127972 (73495) | more than 7 years ago | (#17502158)

.... This advice seems sound, the reality is that EVERYTHING is exploitable. OSX for example hasn't got a lot of exploits, but you can be assured that they are coming. FireFox has exploits (or at least bugs that are exploitable) and as their user base increases, exploits will appear. All that using non-M$ products gains you is time until exploits appear in the products you choose.

Perhaps the thinking should change to using products that are reasonably secure (regardless of vendor) and using some common sense? That may be much more effective.

Re:While on the surface..... (3, Interesting)

fyngyrz (762201) | more than 7 years ago | (#17502280)

Sure, everything is exploitable, but some things are a lot harder to exploit than others, and both linux and OSX are poster children for this. To imply that OSX is, or ever will be, as vulnerable to hacks as Windows is puts you well into the "disingenuous" category, I'm afraid.

Microsoft would love everyone to think that OSX is just as vulnerable as Windows is, but the fact is, it isn't. It's a lot better organized operating system code-wise, and patches come swiftly and surely from Apple whenever anyone finds anything. Which is quite a contrast to Microsoft's approach, even if they do have a harder time patching Windows.

Re:While on the surface..... (0)

Anonymous Coward | more than 7 years ago | (#17502510)

It's a lot better organized operating system code-wise
Quite a sweeping statement, what is your evidence for this? You've read every line of the source code? You understand all of the design decisions made against the various ones made in the NT kernel?
The NT kernel is pretty nice if you take a look at its internals, it's security model is much more advanced and ambitious than the Unix model and it fixes quite a few of Unixes problems.

It's also pretty fast and completely portable, however the same can't be said for the buggy crufty exploitable userland, but the kernel developers did get quite a few things right (NTFS being another one).

Re:While on the surface..... (1)

Chandon Seldon (43083) | more than 7 years ago | (#17502592)

the reality is that EVERYTHING is exploitable

Oh really? Is that why there's only been one remote hole in the default install of OpenBSD in more than 10 years?

Sure, software has bugs. That doesn't mean that good programmers can't write software with less bugs. Further, it doesn't mean that they can't write their software in such a way that any bugs are unlikely to be security holes.

Re:While on the surface..... (1)

leenks (906881) | more than 7 years ago | (#17502838)


If you wrote an operating system that did nothing out of the box by default I'm sure you could make it bug free too ;-)

Re:While on the surface..... (1)

TheRaven64 (641858) | more than 7 years ago | (#17502872)

To be fair, a big part of the reason OpenBSD has only had one remote root hole (not one remote hole, by the way, they don't say how many remote-arbitrary-code-execution-as-an-unprivileged -user holes they've had) is that, by default, OpenBSD runs almost no services. I think OpenSSH is turned on (it was responsible for the one hole), but things like Sendmail and Apache are not. They have had, for example, remote root vulnerabilities in Sendmail that are exploitable if you are running Sendmail for anything other than local delivery.

Personally, I consider Sendmail the weakest link on OpenBSD. They have put a lot of effort in to making sure their fork of Apache does things like drop privilege and chroot itself, but sendmail is still there, running as root with access to the entire filesystem and listening for network connections. I would love to see the default install shipped with a set of systrace policies that allow it to run as an unprivileged user with no filesystem access other than mail spools and only opening SMTP and SMTPS sockets as root.

Still, it is true that they do a lot to alleviate potential problems. Most buffer overrun exploits, for example, drop from being arbitrary code execution vulnerabilities to denial of service on OpenBSD.

Re:While on the surface..... (1)

kfg (145172) | more than 7 years ago | (#17502858)

Perhaps the thinking should change to using products that are reasonably secure (regardless of vendor) and using some common sense?

Ah, well, if you put it that way the first step I would recommend is to . . . choose non-Microsoft products.

KFG

Slashdot sucks (-1, Troll)

suv4x4 (956391) | more than 7 years ago | (#17502166)

The article contains advices such as "use firewall", "use antivirus", "update your OS", "don't buy stuff from spam mails"...

Why is this on Slashdot? Is this the sort of information we need to be fed? What's next, an article describing in detail how to turn on our computers?

Re:Slashdot sucks (2, Informative)

Hymer (856453) | more than 7 years ago | (#17502292)

This is on /. not because of the that info... this is on /. because NYT is writing "MS products sucks ! don't use them.".

Re:Slashdot sucks (1)

suv4x4 (956391) | more than 7 years ago | (#17502424)

This is on /. not because of the that info... this is on /. because NYT is writing "MS products sucks ! don't use them.".

I realize that, but that's pretty sad right? Looks like we Slashdot submitters/editors/readers are just a bunch of lo-life geeks who go to a news site just to get their daily dose of "haha Microsoft sucks!" finger pointing.

Last time I realized that I stopped reading Slashdot for 7 months. It's about to happen again.

There's such a thing as "too much of Slashdot" even for a hardcore geek I guess.

Re:Slashdot sucks (1)

polemistes (739905) | more than 7 years ago | (#17502362)

It's not the information, which is common knowledge for us. It's more who is giving the information and to whom. It not as if the Pope should stand forward and say that Muhammad might have been an important prophet, but more like his brother in law did it.

Alt browser really the way to go + VMWare can help (0)

Anonymous Coward | more than 7 years ago | (#17502168)

I keep a patched 2003 desktop, and I use Opera for browsing quite nicely. I confine my web surfing to a known list mainly. If I'm really worried, I surf from a copy of Opera running inside a snapshotted VMware instance. Occasionally I get my A/V program deleting an infected file in my Opera cache. I'm sure IE would have allowed a code execute in the same instance. I noticed a recent story that indicated a lack of full disclosure on Opera's part, but I've found it a usable alternative with enough of a niche that it doesn't seem attacked. Plus its a partitioned app, it doesn't have tendrils running everywhere in the OS like IE.

Re:Alt browser really the way to go + VMWare can h (1)

EugeneK (50783) | more than 7 years ago | (#17502694)

I confine my web surfing to a known list mainly.

That's just sad. And to think for every person like the poster, there's 1000's who feel the same - who are actually confine themselves to a known list of sites they are not afraid to browse.

Yeah, right (0, Flamebait)

El Lobo (994537) | more than 7 years ago | (#17502196)

The most secure product EVER is the product that nobody uses. OK, follow the so called "expert's" advice. If everybody follows them, MS will be the most secure in the world.

Re:Yeah, right (2, Insightful)

Chandon Seldon (43083) | more than 7 years ago | (#17502626)

This claim that security holes are strictly an effect of popularity is blatantly wrong.

It's true that more security holes are exposed in popular software, but some software just has less security holes to be exposed. Building secure unix-like operating systems is a topic that a lot of people have put quite a bit of effort in to - for much longer than Windows has even existed. Both GNU/Linux and Mac OS X can take full advantage of that work, since they're Unix-like systems. Windows cannot.

Re:Yeah, right (1)

WilliamSChips (793741) | more than 7 years ago | (#17502816)

Almost nobody uses IIS and yet it's still the most insecure webserver used. Perhaps non-Microsoft products are just better designed.

Re:Yeah, right (1)

Shanep (68243) | more than 7 years ago | (#17502870)

The most secure product EVER is the product that nobody uses. OK, follow the so called "expert's" advice. If everybody follows them, MS will be the most secure in the world.

You could use the systems which get more secure with more users who are empowered (open source benefit), or you could use the system which stagnates as far as security goes, regardless of the size of the user base, because the problems can be hidden from customers.

Your choice.

PS, OpenBSD has a small user base, yet appears to be leading similar systems in terms of security. So I think security has more to do with attitude and aptitude than the number of users of a system.

Using a non-Windows-based PC may be one defense... (3, Insightful)

fyngyrz (762201) | more than 7 years ago | (#17502224)

May be? MAY be? MAY BE?

<SARCASM>Sure, I have to worry about my Mac getting co-opted into a botnet 24/7, because we all know how many active threats there are to Macs! </SARCASM>

Man, talk about "understating the case."

The honest way to put it is that running Windows is the #1 way to get yourself into trouble. Adware, outright co-opting of your resources, virus problems... Windows boxes are insecure and risky, more so than any other machine, right out of the packaging.

You want security and simplicity of use? Mac isn't just "an" answer, it is the *only* answer. You want security and not too worried about simplicity? Linux or a Mac. You willing to re-work of all Microsoft's incorrect settings, patch all the browser vulnerabilities, play the target role in the hacker version of whack-a-mole, reboot your PC every few days because MS has discovered another severe vulnerability in their spaghetti code? Buy a Windows PC. Endless entertainment for puzzle solvers who don't care about their data security or computer availability. Been there, done that, found the solution, not going back.

Re:Using a non-Windows-based PC may be one defense (1)

BenoitRen (998927) | more than 7 years ago | (#17502400)

Windows boxes are insecure and risky, more so than any other machine, right out of the packaging.

Windows XP systems, yes. Not Win9x.

Wow! Talk about complete incompetence! (0, Flamebait)

LinuxIsRetarded (995083) | more than 7 years ago | (#17502564)

Mac isn't just "an" answer, it is the *only* answer. You want security and not too worried about simplicity? Linux or a Mac.
Talk about fanboy CYA. First you state that a Mac (presumably you mean the OS X operating system, as you use it in the same breath as Linux) is the only solution, and then only a few words later you state that Linux is a possibility as well. Can't risk being modded down for not being a mindless Linux fanboy on Slashdot, can you?

You willing to re-work of all Microsoft's incorrect settings
Windows lets you create normal user accounts with limited privileges. The installation requires that you create one administrative account and then as many limited user accounts as you desire. The only incorrect settings are those you ignorantly apply yourself.

patch all the browser vulnerabilities
How is this different than any other browser (or any other application, for that matter)? All applications have defects, such as Firefox [secunia.com] , Quicktime [secunia.com] , Opera [secunia.com] , and OS X [secunia.com] . These defects need to be patched (or perhaps I should assume that you don't patch vulnerabilities in software you use- including those in OS X- because you feel there's no threat).

reboot your PC every few days because MS has discovered another severe vulnerability in their spaghetti code
Are you serious? Every few days? Considering "Patch Tuesday" occurs once a month, you would be required to, at most, reboot your machine once a month. The reboot is only required in certain circumstances because Windows won't let you update a file that's currently in use. *nix systems allow modifications to active files, but active processes still only are able to use the previous version, which can be a nightmare when applying patches. While it's a matter of preference, I know many administrators that would rather reboot a machine to ensure that all processes are using the updated library than being forced to make this determination manually.

Endless entertainment for puzzle solvers who don't care about their data security or computer availability
This doesn't say much for your technical abilities. I have been highly successful in educating the least knowledgeable computer users (read: home users) in basic security practices. It's quite simple- don't run as an administrator.

Re:Wow! Talk about complete incompetence! (1)

LinuxIsRetarded (995083) | more than 7 years ago | (#17502670)

Gotta love Slashdot. The grandparent makes ridiculous claims about the indescribable complexity of the Windows security model and alleges that constant reboots are required, yet is modded Insightful. When someone presents evidence to the contrary, however, that post is modded as Flamebait. Goooooooooooooooooo fanboys!

Re:Wow! Talk about missing the point (2, Insightful)

fyngyrz (762201) | more than 7 years ago | (#17502702)

First you state that a Mac (presumably you mean the OS X operating system, as you use it in the same breath as Linux) is the only solution, and then only a few words later you state that Linux is a possibility as well

I see you are having reading comprehension problems. Read again. Slowly. You may be able to determine that those are two different statements, with two different sets of requirements.

This doesn't say much for your technical abilities. I have been highly successful in educating the least knowledgeable computer users (read: home users) in basic security practices.

You know what? I don't have to "educate" users I point at Macs, because Macs work and are secure out of the box. Also, I don't mind in the least being characterized as a fan of systems that work. Don't worry too much about my technical abilities; I've been writing code and designing computer hardware since the early 1970's. One of the consequences of that is I am quite familiar with Windows, *nix, old Apple systems, OSX, and a bunch of earlier operating systems as well. And if there's one constant that's been the same since day one, it is that the less the user needs to know to use the computer safely, the better off they are.

You like Windows? Fine and dandy. I don't. I won't recommend the OS as a primary operating environment any longer under any circumstances. Virtualized in a sandbox, yes - when you need a particular application. Otherwise, no.

Microsoft Astroturf (5, Interesting)

PavementPizza (907876) | more than 7 years ago | (#17502238)

There's only been 9 comments on this story at the time of this writing, and yet the following tags are already up: "flamebait, nytfud, troll". These guys work fast, don't they? What's flamebait, trolling, or FUD about this article? Avoiding Microsoft products is a perfectly prudent move, if you can. Is it untrue to say that Mac and Linux users are safer on the internet than Windows users, or that Opera or Firefox users are safer on the internet than Internet Explorer users? Far from it. It's demonstrable fact.

Re:Microsoft Astroturf (1)

PavementPizza (907876) | more than 7 years ago | (#17502262)

...and just like that, they're gone.

Re:Microsoft Astroturf (1)

lachesis-jp (886896) | more than 7 years ago | (#17502328)

Well since he is the guy that overhyped Kevin Mitnick case so he could make a profit selling his book and as a result got Mitnick to spend an unfairly long time in jail, I don't find it strange that's he's not liked too much on slashdot.

Deep Freeze (2, Interesting)

Anonymous Coward | more than 7 years ago | (#17502298)

Our school installed Deep Freeze and all the virus/malware problems just went away. Basically, users can't install programs. If they try, the programs go away when the computer is rebooted. All the computers reboot themselves at midnight. So, a virus might last a few hours but it's gone the next day. A couple of years ago the network was down for a few days while the IT guys eradicated a virus. Since Deep Freeze there have been no such problems. I'm surprised that more people don't use it.

Re:Deep Freeze (1)

Llywelyn (531070) | more than 7 years ago | (#17502796)

Your school doesn't have a computer science program, does it?

NYT Security Tips (1)

westlake (615356) | more than 7 years ago | (#17502318)

The article runs to five, short, selectively quoted, paragraphs. There isn't a lot of meat on these bones, nothing, really to raise the spirits of those posting here.

The essentials, with emphasis added:

Botnet programs and other malicious software largely take aim at PCs running the Microsoft Windows operating system, because Windows' ubiquity makes it fertile ground for network-based attacks.

Using a non-Windows-based PC may be one defense against these programs, known as malware; in addition, anti-malware programs and antivirus utilities for the PC are available from several vendors. Windows users should use the Windows Update feature.

Microsoft itself entered the computer-security business last year and now offers a free malware-removal tool for download from its Web site. The company says the program removes about two million pieces of malware each month, of which 200,000, or about 10 percent, are botnet infections.

Like Windows, Microsoft's Internet Explorer browser is also a large, convenient target for code-writing vandals. Alternative browsers, like Firefox and Opera, may insulate users. Microsoft's most recent browser release, Internet Explorer 7, is said to offer significantly improved defenses.

Adding software to your browser like Noscript, a plug-in utility, can limit the ability of remote programs to run potentially damaging programs on your PC.

Re:NYT Security Tips (0)

Anonymous Coward | more than 7 years ago | (#17502458)

Microsoft itself entered the computer-security business last year and now offers a free malware-removal tool for download from its Web site. The company says the program removes about two million pieces of malware each month

Doesn't it strike anyone as funny that a company can make additional money securing its own product?! And furthermore can proudly boast how it removes two million a month? Two million! Good grief - using a Microsoft operating system must be a bit of a lottery...

You people just don't understand the paradigm (4, Funny)

straponego (521991) | more than 7 years ago | (#17502396)

Microsoft wants to empower its users, and everyone else, for that matter. Don't you see how convenient it is that MS products execute treat every piece of data they ever come into contact with, no matter where it's from or whether it's a video, sound file, Office document, image-- whatever!-- as an executable? It's just like how you pick up every piece of garbage you see and put it in your mouth because it might be food. That's the taste of Freedom!

Microsoft products (1)

umassthrower (1048224) | more than 7 years ago | (#17502402)

It's been proven that Microsoft has dominated the market not by creating a superior product, but by superior (often times unethical) business practices. Their goal is to do whatever it takes to dominate the market and this is a result of that. The fact of the matter is that many Microsoft products are infact lacking in areas that they didn't need to focus on in order to gain market superiority. Competitors then need to target a different market and create a superior product in order to attempt to compete with Microsoft products. Do OS X and Linux, firefox and Opera seem to have less faults than they actually do because less people use them? Yes. Is that the only reason? No. Don't simply dismiss non-microsoft products based on the fact that they don't control the majority of the market.

AWESoME fp (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#17502518)

bring your own OS I do, be3ause

Theres ways to secure windows (1)

gsn (989808) | more than 7 years ago | (#17502528)

Closing unnecessary open ports, turning off javascript, using a firewall, running windows update and keeping your virus definitions current, running some anti-spyware software once in a while, not downloading anything from anywhere of the net and running it on your computer willy nilly, not clicking links in emails from sexylaura123@ebay.securelogin.com or the like that remind you of the great time you had last Saturday and most of all not running in a fucking administrator account will do wonders at securing windows. Frankly I think telling users to do that, rather than tell them to switch to Non-MS software which they often can't and probably won't do anyway is a little more useful.

not a real solution (0)

Anonymous Coward | more than 7 years ago | (#17502572)

once again the solution is to drop everything and either rebuy hardware or hope that linsux supports your current hardware.

whatever happened to simple security solutions that made sense that people could do today without added expense? i've never had a virus/malware. i keep my computers behind a firewalled router (with very little configuration work), i keep them updated and i run AVG.

damn, that was hard.

Anyone here watch Drawn Together? (2)

Progman3K (515744) | more than 7 years ago | (#17502636)

This is where the animated characters take on faces like donkeys and go "well, DUH!!!!!!!"

On fark, They'd be paging Rick Romero...

NoScript is great, except... (3, Informative)

trawg (308495) | more than 7 years ago | (#17502646)

.... probably 80%-90% of the websites I visit REQUIRE me to enable scripting before I can use things like navigation elements, which are a little crucial. Some of the more lame ones (like http://www.channelgo.com.au/ [channelgo.com.au] ) actually successfully load all the content, then it detects I don't have Javascript, and redirects me to a page telling me I need to reenable Javascript!

I like the extra feeling of security I get using NoScript, but I'm pretty close to ditching it because the pain of having to enable and reload every website I visit just to do something like be able to click on an 'about' or 'FAQ' link is too much.

Re:NoScript is great, except... (1)

gsn (989808) | more than 7 years ago | (#17502874)

Try QuickJava so you can turn javascript on and off a little easier - the annoying thing is that flashblock wants javascript on so even that isn't quite ideal.

Meh. (1, Insightful)

Anonymous Coward | more than 7 years ago | (#17502700)

For the technically savvy, it's probably a good tip. However, do you expect the same people who constantly get infected with the malware-of-the-day on Windows to be able to properly administer Linux / OSX / BSD / whatever else? They won't lock it down, get security updates, or do anything else. It is possible to operate Windows securely (though it would probably be safer just to forget Internet Explorer even exists). If there are millions of Linux computers out there and nobody is securing them or updating them (as is the current situation with Windows), how long do you think it would take for these scumbags to redirect their efforts? The only real defense is education, but we all know that is totally doomed to failure.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?
or Connect with...

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>