If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#1
|
|||
|
|||
infection rate: xp vs w7
Hi All,
You guys see this? http://www.forbes.com/sites/gordonke...ays-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". -T |
Ads |
#2
|
|||
|
|||
infection rate: xp vs w7
On 12/21/2014 04:23 PM, Todd wrote:
Hi All, You guys see this? http://www.forbes.com/sites/gordonke...ays-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". -T Interestingly enough I am getting more infected machines from Win7 users than I am from XP users...but it seems to be related mostly to the person's browsing habits |
#3
|
|||
|
|||
infection rate: xp vs w7
On 12/21/2014 02:46 PM, philo wrote:
On 12/21/2014 04:23 PM, Todd wrote: Hi All, You guys see this? http://www.forbes.com/sites/gordonke...ays-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". -T Interestingly enough I am getting more infected machines from Win7 users than I am from XP users...but it seems to be related mostly to the person's browsing habits 1+ |
#4
|
|||
|
|||
infection rate: xp vs w7
Todd wrote:
You guys see this? http://www.forbes.com/sites/gordonke...ays-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". Looks more like the effect of statistics on a bigger audience along with targeting by the malcontents at the bigger audience. http://en.wikipedia.org/wiki/Usage_s...rating_systems Windows 7 is the target favored because it has more users. Vista looks good in your article because, gee, not a lot of users there so a pitiful OS segment to target. While not quite as bad as Vista, XP (has become) and 8 are also low-volume targets. If you're a terrorist and have a batch of Anthrax, do you mail your white powder letters to residents of some hick town in the middle of nowhere or to residents in a large metropolis? |
#5
|
|||
|
|||
infection rate: xp vs w7
On 12/21/2014 07:28 PM, VanguardLH wrote:
Todd wrote: You guys see this? http://www.forbes.com/sites/gordonke...ays-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". Looks more like the effect of statistics on a bigger audience along with targeting by the malcontents at the bigger audience. http://en.wikipedia.org/wiki/Usage_s...rating_systems Windows 7 is the target favored because it has more users. Vista looks good in your article because, gee, not a lot of users there so a pitiful OS segment to target. While not quite as bad as Vista, XP (has become) and 8 are also low-volume targets. If you're a terrorist and have a batch of Anthrax, do you mail your white powder letters to residents of some hick town in the middle of nowhere or to residents in a large metropolis? HI Vanguard, Great analysis. I would add that ease of infection is also a factor. And, if you are looking for "security through obscurity", you would want to avoid those operating systems that are high on the bad guys list. Linux and Mac would qualify. iOS seems to be off the bad guys radar too, although it is not very obscure anymore. Plus I would guess Android would be on the top of there list too, especially since it "seems" to be easy to hack. My favorite hack of all time is an Android hack: http://www.intomobile.com/2013/08/06...vulnerability/ "Attackers could cause the unit to unexpectedly open/close the lid, activate bidet or air-dry functions, causing discomfort or distress to user." But for "easy of hack", Windows still seems to be the choice. And as Philo points out, their browsing habits have a lot to do with it. As a PCI tester, I have to second Philo big time. I spend endless hours tightening things up that will probably never be attacked. The PCI standards don't really address where the attack will typically come from: your browsing and eMail habits, which are insane to have on a Point of Sale system. One has to remember that the bad guys are by definition "lazy". They go for the easiest entry point, which gets back to Philo's point. -T |
#6
|
|||
|
|||
infection rate: xp vs w7
On Sun, 21 Dec 2014 16:46:04 -0600, philo* wrote:
On 12/21/2014 04:23 PM, Todd wrote: Hi All, You guys see this? http://www.forbes.com/sites/gordonke...ays-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". -T Interestingly enough I am getting more infected machines from Win7 users than I am from XP users...but it seems to be related mostly to the person's browsing habits Correlation is not the same as causality. |
#7
|
|||
|
|||
infection rate: xp vs w7
mechanic wrote:
On Sun, 21 Dec 2014 16:46:04 -0600, philo wrote: On 12/21/2014 04:23 PM, Todd wrote: Hi All, You guys see this? http://www.forbes.com/sites/gordonkelly/2014/05/12/ windows-7-and-windows-vista-more-at-risk-to-viruses-than-windows-xp-says-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". -T Interestingly enough I am getting more infected machines from Win7 users than I am from XP users...but it seems to be related mostly to the person's browsing habits Correlation is not the same as causality. The numbers in the graphs, don't differ enough to form a cheering squad. The OS still has all its attack surfaces (they didn't get rid of ActiveX). If would have been more interesting, to see how much improvement comes from using ASLR (turned on by EMET). And whether the infection rate drops or not. http://en.wikipedia.org/wiki/Address..._randomization Paul |
#8
|
|||
|
|||
infection rate: xp vs w7
Paul wrote:
If would have been more interesting, to see how much improvement comes from using ASLR (turned on by EMET). And whether the infection rate drops or not. http://en.wikipedia.org/wiki/Address..._randomization ASLR is already in Windows 7; however, whether it gets used depends on how an application was compiled (it they used the /DYNAMICBASE linker flag). There was an update (http://support.microsoft.com/kb/2639308) to force ASLR on apps not compiled to use it. Admittedly it is probably easier to use EMET (although you'll have to figure out why some programs misbehave to determine how to configure EMET) than doing registry edits. ASLR is included in Windows 7. It's not available in Windows XP. You can add more protection, like with an IPS (intrusion protection system) software; e.g., EMET (make sure to get v5 although it is still susceptible to many of the old [but minorly modified] attacks) or MalwareBytes Anti-Exploit (which is out of beta but still causes too many app crashes, like in Internet Explorer). Not all of EMET's protections are usable under Windows XP. So you'd think with ASLR included since Windows Vista that 7 would be less susceptible to attack than Windows XP. That's why it looks like the volume of users is affecting the stats regarding infection: there's simply far more Win 7 users than XP users so the numbers go up. The stats shown in the Forbes article are not percentages but a volume count, so it's a misleading article. Also, I suspect XP users abandoned Microsoft's security software (e.g., Defender, MSE) and long ago have prevanently moved to more robust security software. The Forbes article doesn't mention what security softwares were used on the PCs that they scanned. If the Win7 users were just using what Microsoft gave them then, of course, they'd be more susceptible to infection. We don't know what percentage of the scanned PCs (none, some, or all of them) were end-user hosts or workstations under a domain utilitizing enterprise-grade security. There isn't sufficient information in the Forbes article to draw any conclusion from those numbers. I scrolled through the Microsoft doc to which Forbes referred but never saw the chart that Forbes put in their article. So where did they get those stats? Did I miss in Microsoft's report what Forbes claims is in there (for the chart that Forbes showed)? I did see Microsoft's definition of "computers cleaned per 1000" was what their MSRT (Malicious Software Removal Tool) had detected. That runs just once per month, gets loaded to run but disappears afterward, and relies on the user to allow it to run (for those that don't leave Windows configured to automatically download and install updates or those that manually do the updates and accept everything offered without reviewing the list). I would hardly rely on a monthly scan by a Microsoft security program (MSRT) to tell me whether I'm infected or not. |
#9
|
|||
|
|||
infection rate: xp vs w7
On 12/22/2014 2:11 PM, VanguardLH wrote:
There isn't sufficient information in the Forbes article to draw any conclusion from those numbers. I scrolled through the Microsoft doc to which Forbes referred but never saw the chart that Forbes put in their article. So where did they get those stats? The Microsoft doc referred to in the Forbes article is from May 2014. The latest document (report number 17) is what's currently found when you hit the the Forbes link. That report is from November 2014. Since XP is no longer supported, it is no longer included in the reports. At any rate, that explains why you couldn't find the chart in the document - it's a different document. |
#10
|
|||
|
|||
infection rate: xp vs w7
Moe DeLoughan wrote:
On 12/22/2014 2:11 PM, VanguardLH wrote: There isn't sufficient information in the Forbes article to draw any conclusion from those numbers. I scrolled through the Microsoft doc to which Forbes referred but never saw the chart that Forbes put in their article. So where did they get those stats? The Microsoft doc referred to in the Forbes article is from May 2014. The latest document (report number 17) is what's currently found when you hit the the Forbes link. That report is from November 2014. Since XP is no longer supported, it is no longer included in the reports. At any rate, that explains why you couldn't find the chart in the document - it's a different document. Same URL (http://www.microsoft.com/security/sir/default.aspx) but they slide in the most recent SIR (Security Intelligence Report). ARGH!!! Oh well, when I get some free time, I'll read the latest one. |
#11
|
|||
|
|||
infection rate: xp vs w7
On Sun, 21 Dec 2014 14:23:32 -0800, Todd wrote:
Hi All, You guys see this? http://www.forbes.com/sites/gordonke...7-and-windows- vista-more-at-risk-to-viruses-than-windows-xp-says-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". -T It makes me wonder of what use is a post that tells me nothing, like was AV software installed, what class of user are we talking about. I've been using various flavours of windows for years and have never been infected by a true virus. Of course, if you click on every link you can find and respond to all email you might have a different story. |
#12
|
|||
|
|||
infection rate: xp vs w7
Todd wrote:
Hi All, You guys see this? http://www.forbes.com/sites/gordonke...ays-microsoft/ Sort of makes you think about the accuracy of "conventional wisdom". -T Duh...Convential wisdom is usually a pipe dream on something written 7 months ago. Data no longer significant and only for time sampled. -- ....winston msft mvp consumer apps |
Thread Tools | |
Display Modes | Rate This Thread |
|
|