Security holes in XP

[blankman]

Can someone please help me make since of all the negative news lately about Windows XP and the Universal Plug and Play hole? Why does the media always bash Microsoft whenever they put out a hot fix for issues like these? I think we are moving forward when things like that are discovered. Am I wrong to think that people will always find new ways to break into computers and the networks that they are on?

 

[Ritchie]

Well, the reason the media/computer community make such a big deal of things like this is because it is a big deal.

If you think that in 2 years a huge percentage of computers around the world will be running XP, and any one of them can be the equivalent of "rooted" very easily the repercussions are huge. Someone remotely controlling an XP machine in a government office ? That would scare *ME*!

Bashing microsoft is also a favourite pastime of a lot of people. I find it hard to be neutral sometimes as my job as a sysadmin involves continuous updating of flaws in MS products. Linux is Linux, Windows is Windows - you can't force people to love both so MS bashing is inevitable as their products tend to adopt less-than-optimal solutions to problems. There approach to bugs annoys alot of people too. You have to *PAY* to report a bug to microsoft - we are not so much moving forward as plastering the cracks.

You are not wrong thinking people will always hack - hell there are professional hackers nowadays - new products always bring flaws, it's just that microsoft suffers the most as they own most of the OS marketplace therefore exposing the computer illiterate to serious security holes.

Ritchie.

 

[Lonman]

You ain't seen nothin yet. Wait until some of Steve Gibson's predictions start coming true. That's what will give XP and Microsoft a black eye.

But yeah, I think there are individuals whose sole purpose in life seems to be finding weakness and exploiting it, just because they can. I'm not into the hacking/cracking/spoofing scene so I can only imagine what the pay-off could be for this kind of behavior - a sense of power and control is my guess.

The real problem is that there are a very few highly talented individuals who have the true ability to call themselves hackers, and then a buttload of wannabes just grab up all scripts and viruses and trojans and deliver them to an unsuspecting internet community.

Personally, I think a real hacker hacks to test personal theories, but in his pride he lets his work slip out and that's when the script kiddies and social malcontents grab onto his shirt-tails and gain recognition.

I'll stop now before i give myself a headache.

 

[Speed4Ever]

While I agree that MS products do tend to have some glaring security issues, I doubt this would be alleviated by other OSes if they were in the position Windows is today.

Linux tends to be more secure, becuase it isnt as well known, and has only a fraction of the user base. If things were switched around, I'm fairly certain Linux would have more than its share of headaches. Malicious hackersare obviously going to go after the larger denominator, because its more likely to succeed on a larger base, and because home users arent likely to know as much about security as the Linux base, since you almost need a degree in computing to even get Linux to run properly.

Frankly, these things are bound to happen, because the consumer requires more and more features as time goes on. Adding more features will almost definitely lead to more bugs, including security leaks. While MS may be biting off more than it can chew, I dont know any other company out there that can do the same job any better. Tell me of one company that can, and I'll eat crow...