Between the Lines

Larry Dignan, Andrew Nusca and Rachel King
Home / News & Blogs / Between the Lines

Microsoft's intelligence security report: The top 5 takeaways

By | April 8, 2009, 2:15am PDT

Microsoft on Wednesday will unveil its sixth Security Intelligence Report and the tome—all 184 pages of it—has a lot of interesting data points culled from the software giant’s antivirus applications. Microsoft concludes that rogue security software is a big threat, lost and stolen equipment is a bigger issue than hacking and PDF and Office extensions are leading vectors. 

But we knew a lot of that already. We also know that Adobe’s monoculture and the patch cycle is less than perfect.  

Here’s a look at my top five takeaways from the full Security Intelligence Report

1. Vulnerabilities (and the reaction to them) vary based on whether the target is at work or home. Based on data provided by its enterprise Forefront Client Security and consumer Windows Live OneCare, Microsoft found that vulnerabilities are very different. Why? A corporate user may have email and Internet limitations that reduce the attack surface. A home user has more software tools to be infected. 

Simply put, a home user is likely to get hit with a trojan attack. In the enterprise, the weapon of choice is that worm attack. 

 

The biggest difference between enterprise and home vulnerabilities is social engineering. Microsoft explains:

The Windows Live OneCare list also includes several families associated with rogue security software, such as Win32/Renos, Win32/FakeXPA, and Win32/Antivirus2008. The social engineering messages used in connection with rogue security software may be less effective in an enterprise environment, where malware protection is typically the responsibility of the IT department…By contrast, the Forefront Client Security list is dominated by worms, like Win32/Autorun, Win32/Hamweq, and Win32/Taterf. Worms rely less on social engineering to spread than categories like trojans and downloaders do, does and more on access to unsecured file shares and removable storage volumes, both of which are often plentiful in enterprise environments.

2. Users don’t always remove unwanted software: There’s appeal in the “ignore” button. Microsoft explains one nuance of the malware issue:

Software cannot always be classified in binary terms as “good” or “bad.” Some software inhabits a gray area wherein the combination of behaviors and value propositions presented by the software is neither universally desired nor universally reviled. This gray area includes a number of programs that do things like display advertisements to the user that may appear outside the context of the Web browser or other application and which may be difficult or impossible to control.

Microsoft’s scans allow users to ignore a security alert, allow software to remain, issue a prompt, quarantine or remove it. 

If software is really malicious it is removed without user input. The gray areas appear when users have a choice. Microsoft adds:

These decisions are influenced by a number of factors, such as the user’s level of expertise, how certain they feel about their judgment regarding the software in question, the context in which the software was obtained, societal considerations, and the benefit (if any) being delivered by the software or by other software that is bundled with it. Users make choices about what to do about a piece of potentially unwanted software for different reasons, so it’s important not to draw unwarranted conclusions about their intent.

Threats dubbed moderate or low are often ignored by users, who think that there’s value in the software. These threats are keepers based on user behavior:

3. Rogue security software gains momentum. The concept of rogue security software is pure genius. Malicious hackers prey on fears of users, cook up bogus security software and extract payments to keep your PC running. Microsoft notes that rogue security software is becoming a hot category. Microsoft reports:

Rogue security software authors have long attempted to exploit this trust by giving their programs generic, anodyne names, like “Antivirus 2009,” and making them resemble genuine security software in many ways. Recently, many threats have taken this approach a step further, posing as components of the operating system itself or as a familiar search engine. One of the first families observed to exhibit this behavior was Win32/FakeSecSen, which was added to the MSRT in November 2008 and was the eighth most prevalent family in 2H08 overall. Win32/FakeSecSen adds an icon to the Control Panel named Vista AV or MS AV and fraudulently uses the same four-color shield icon as the Windows Security Center. Double-clicking the icon launches the rogue software, which claims to detect a large number of nonexistent threats and urges the user to “activate” the software by paying for it.

Win32/Renos is a longtime threat that delivers rogue security software was the most prevalent threat in the second half of 2008. Two new trojans–Win32/FakeXPA and Win32/FakeSecSen was the seventh and eight most prevalent family class.  

4. Social networking phishing attacks represented less than 1 percent of attacks, but yielded a big chunk of phishing impressions. Translation: Social networking sites will remain a big phishing target. 

Microsoft explains:

A typical social network phish is likely to trick an order of magnitude more users than a typical financial phish. There are a number of explanations for this discrepancy. While financial institutions targeted by phishers can number in the hundreds, just a handful of popular sites account for the bulk of the social network usage on the Internet, so phishers can effectively target many more people per site. In addition, phishers often use the messaging features of the sites themselves to distribute their attacks, typically by gaining control of a user’s account and using it to send phishing messages to the victim’s friends. These attacks can be much more effective than e-mail–based attacks, because they exploit the considerable level of trust users place in their friends.

Take a look at:

And.

5. Malware is dominant in the U.S. and accounted for 67 percent of all infected computers. Trojans—the miscellaneous variety–were detected on 29.4 percent of infected computers. Among other items:

Five of the top 20 families detected in the United States in 2H08 (Win32/Renos, Win32/FakeXPA, Win32/FakeSecSen, Win32/Antivirus2008, and Win32/Winfixer) download rogue security software or display misleading warning messages to convince users to purchase a program that supposedly removes spyware.

Here are the top five individual threats:

Trojan downloaders and droppers were detected on 24.4 percent of all infected computers.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Between the Lines”

Topics

Software, Trojan Horse, Microsoft Corp., Security Software, Win32/Renos, Win32/FakeSecSen, Phishing, Cyberthreats, Tools & Techniques, Spam, Security, Viruses And Worms, Spam And Phishing, Management, Larry Dignan

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic.

Disclosure

Larry Dignan

Larry Dignan has nothing to disclose. He doesn’t hold investments in the technology companies he covers.

Biography

Larry Dignan

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CNET News.com. Larry has covered the technology and financial services industry since 1995, publishing articles in WallStreetWeek.com, Inter@ctive Week, The New York Times, and Financial Planning magazine. He's a graduate of the Columbia School of Journalism and the University of Delaware.

For daily updates, follow Larry on Twitter.

43
Comments
Add Your Opinion

Join the conversation!

Just In

RE: PCs like an Automobile...
gdstark13 13th Apr 2009
So in your vision of computer technology, a lack of training is the problem? As an engineer I look at it differently. While training can helps, I still see computers as WAY more fragile than they need to be. You can get malware infections just by visiting the wrong website. Or opening an email message from family or friends. My opinion as a software engineer is that there's still a great deal that can be done to make computers more durable, less able to "crash" if we continue the driving analogy. And it's not even that difficult. We simply need to protect the bits that aren't supposed to change with hardware. Getting a malware install should be as impossible as leaving your keys in the ignition while it's still in drive. Or locking up the wheels in a hard stop (anti-lock breaks).

You can see hints of this sort of design with Dell's "latitude-on" feature, an ARM-based processor subsystem.

While I know you still see education as the solution, you need to remember that we're not just up against natural events (fail harddrives, etc) but rather we're up against organzied crime who are VERY motivated towards creating traps for the consumer. That's not the case with automobiles. Bottom line...a million times more people will have computer crashed today than automobile crashes. And I don't see education as the primary solution.

gary
View in thread
0 Votes
+ -
what OS??
blackhawk556 8th Apr 2009
Sorry if I missed it, but I wonder what system got hit the most, XP or vista??

what was their percentage?
0 Votes
+ -
XP, by far.
TheTruthisOutThere@... 8th Apr 2009
Hi,

There is a graph at the top of the actually report that shows exactly that (http://www.microsoft.com/security/portal/sir.aspx)

The report also says that the infection rate on the lastest SP of Vista is 60% lower than the latest SP (SP3) on XP. Looking at the graph, all XPs account for about 70-80% of all infections. (Note that the data is for Microsoft OSs only)
0 Votes
+ -
Where is infection rate defined?
aeriform 8th Apr 2009
It annoys me when people put graphs up but fail to define what the numbers actually represent.

Does infection rate mean:
-average number of infections per PC in the last time period
-total number of infections in the last time period
-some proprietary way of looking at infections

Neither the graph or the surrounding text tells you and it can make a big difference in determining what is actually being represented by the graph. Also, I would expect that people that are using Windows XP compared to those using Windows server have very different mind sets when it comes to security. Which leads me to question the security mind set of Windows 2000 users as compared to Windows XP users.

The chart and map that follow are less ambiguous.
0 Votes
+ -
RE: XP, by far
pubmonster 8th Apr 2009
As someone else pointed out, are those numbers normalized to "per computer", or a percentage of the total? And does anybody know the breakdown of XP versus Vista machines out there? And please, don't start the whole "I'm not running Windows, so this doesn't apply to me, but I'll gloat anyway" crapolla
0 Votes
+ -
2. Users don?t always remove unwanted software
ejhonda 8th Apr 2009
Figure 54 is a curious inclusion in this discussion. Some of those applications I recognize - UltraVNC and Dameware Mini Remote Control - are legitimate remote control applications. So unless the PC owner hasn't intentionally installed those programs, then of course the owner is going to want to ignore them in a scan for malware.

Seems odd to include legit remote admin products in with adware items, especially if your intention with the statistics is to show users are ignoring warnings. In this case, some of those should legitimately be ignored...
0 Votes
+ -
Most home users
mdemuth 8th Apr 2009
don't use remote admin products. It is good that MS at least flags them.
The problem isn't those that say "yes, I know what that is and I want it", it is those that say "I have no idea what that is, but I'll leave it just in case"

0 Votes
+ -
Don't agree
mswift@... 8th Apr 2009
How many home users have you talked to that said this: I had a problem so I called the computer company and they did something across the internet and it works now.
I can tell you that every member of my extended family has a VNC client installed so that I can help them quickly and easily. I bet most people posting on this board have similar situations.
0 Votes
+ -
The biggest security risk is...
SteveMak 8th Apr 2009
The biggest security risk is the human in the driver's seat.

"I didn't know I shouldn't click the 'YOU ARE A WINNER!!!!' banner"... "How should I know I was downloading a bad program?"... "I'm running Symantec. It should have fixed it. It's Symantec fault." ..."I dunno! It just happened."... "IT manages this laptop -- THEY should have done something to prevent this."

Ignorance + Lack of Accountability = Unhappy Experience.

Simple. True. Sad.

It seems that those who have a high degree of proficiency on their PC, also have an understanding of how to avoid or mitigate risks, and how to address issues when they arise.
0 Votes
+ -
RE: The biggest security risk is...
gdstark13 8th Apr 2009
I don't agree. The customer is always right. This is a case of poor engineering design. If the OS was designed correctly, specifically to not allow overwrites of critical areas, most of this problem would go away.

gary
0 Votes
+ -
"Critical areas"?
omdguy 8th Apr 2009
I can only assume you mean things like the %SystemDir%; %winDir%; %programFiles% variables, correct (I'm assuming Windows here). If the OS were to block any files other than signed, system files to be written here, app compat goes completely out the window and so now where is the user, even more frustrated.

Microsoft could make the most absolute secure version of Windows that didn't allow this, or several other behaviors, but in the end the user would be stuck in an experience that would frustrate them.

So by saying "if the OS were designed correctly" is a vague, uneducated statement since everyone's defeinition of "correctly" varies.

Pat
0 Votes
+ -
RE: "Critical areas"?
gdstark13 8th Apr 2009
Pat,

The experience should be something like this: To install the OS, you insert a chip titled "Windows" or "UNIX" into the system. Installation done. To install an app, you simply plug another chip in ("Office", "Quicken", etc). Installation done. To uninstall the app, you simply unplug it. Clearly this doesn't mean nothing can go wrong, but it does mean the ROM-resident code CANNOT be overwritten by malicious code (or by stupid users doing stupid things). Of course you would still need to backup data files.

My background is in embedded applications, specifically arcade games and consumer games. That exposure made it clear to my why Windows can never be secure. The current security model relies on the goodguys ALWAYS being smarter than the badguys. That's just not a realistic assumption.

gary
0 Votes
+ -
AV program weakness
Spats30 8th Apr 2009
In my experience, even in the Enterprise, I
agree with you that even if the user clicked on
something they shouldn't have, they have an
expectation that their AV will pick off these
kinds of threats. And from what I've seen, the
AV programs have not been doing a good job.
0 Votes
+ -
Well then it's a good thing Windows was designed to do...
ye 8th Apr 2009
If the OS was designed correctly, specifically to not allow overwrites of critical areas, most of this problem would go away.

...exactly this.
0 Votes
+ -
RE: Well then it's a good thing Windows was designed to do...
gdstark13 8th Apr 2009
Clearly there's a large gap between "designed" and "accomplished".

gary
0 Votes
+ -
There sure is. And Microsoft did an excellent job at...
ye 8th Apr 2009
...closing that gap.

0 Votes
+ -
RE: There sure is. And Microsoft did an excellent job at...
gdstark13 9th Apr 2009
As someone in IT I'd have to disagree. Way too many infected, messed up computers in the world.

gary
0 Votes
+ -
So you're one of those clueless IT people.
ye Updated - 9th Apr 2009
As someone in IT I'd have to disagree. Way too many infected, messed up computers in the world.

Making such a statement proves as much. Let me guess: Your idea of protecting a Windows system is to use third party "solutions".
0 Votes
+ -
RE: So you're one of those clueless IT people.
gdstark13 9th Apr 2009
ye, are saying there's no security problem?

gary
0 Votes
+ -
Ye lives in the twilight zone
i8thecat 9th Apr 2009
And even in there, he still wears his crash helmet.
0 Votes
+ -
Security Risk, Part II: PEBKAC
SteveMak 9th Apr 2009
PEBKAC = Problem Exists Between Keyboard And Computer (that's the User, BTW)

Just some more food for thought:

(1) The problem with building an idiot-proof computer is that nature always comes along with a better idiot.

(2) I'm a terrible Internet Slut. Web surfing, P2P, FTPing, downloading. And yet, my PCs have never been myseriously infected. Well, to be candid, a couple of the apps I have downloaded over my lifetime turned out to be "less than honorable". My bad. I fixed it. I moved on.

Generally, my machines are pristine, reliable, and speedy, year after year. Mostly PCs, plus a Mac. No problems. "But that's not a fair comparison" people tell me. "You work on computers, so you know what to do..."

And that's just my point! If an untrained person gets into an airplane, and then crashes it, I don't care if they've managed to take off and land dozens of times before. "Lack Of Traning" played a key role in the incident. I don't blame the environmental conditions, or the airplane manufacturer for not making planes "as they should" (i.e., planes that don't crash) -- I put the blame squarely on the untrained operator's shoulders, who was foolish enough to attempt to operate an aircraft, unprepared.

The same thing happens with computers. Except fortunately, people typically don't die.
0 Votes
+ -
RE: Security Risk, Part II: PEBKAC
gdstark13 10th Apr 2009
That's wonderful that you have avoided all malware (as far as you can tell). But let me ask you this...is it your contention that the PC will always be like an airplane with respect to training? Or do you envision the PC eventually being as safe (and reliable) to use as the automobile?

gary
0 Votes
+ -
PCs like an Automobile...
SteveMak Updated - 12th Apr 2009
gary (gdstark13) says "...do you envision the PC eventually being as safe (and reliable) to use as the automobile?"

To the best of my knowledge, training and licensing is required for the legal operation of an automobile. Also, statistics clearly show that those drivers who are better trained, and who have better driving skills, and who make better decisions while operating their vehicle, are at a MUCH lower risk of having an incident. Interesting parallels with respect to being "safe", no?

On the topic of "reliability" of cars, my understanding is that routine maintenance, and the timely repair of issues when they first appear, are essential to maximize a car's "reliabilty." On one hand, we have people who do this, and who have satisfactory result. On the other, we have people who just put fuel in it, and then drive until the next problem arises. So again, there is an interesting parallel here, too.

In my anything but humble opinion, peoples' casual approach to owning and operating an automobile, or a computer, are major contributors to their unsatisfactory experiences.
0 Votes
+ -
RE: PCs like an Automobile...
gdstark13 13th Apr 2009
So in your vision of computer technology, a lack of training is the problem? As an engineer I look at it differently. While training can helps, I still see computers as WAY more fragile than they need to be. You can get malware infections just by visiting the wrong website. Or opening an email message from family or friends. My opinion as a software engineer is that there's still a great deal that can be done to make computers more durable, less able to "crash" if we continue the driving analogy. And it's not even that difficult. We simply need to protect the bits that aren't supposed to change with hardware. Getting a malware install should be as impossible as leaving your keys in the ignition while it's still in drive. Or locking up the wheels in a hard stop (anti-lock breaks).

You can see hints of this sort of design with Dell's "latitude-on" feature, an ARM-based processor subsystem.

While I know you still see education as the solution, you need to remember that we're not just up against natural events (fail harddrives, etc) but rather we're up against organzied crime who are VERY motivated towards creating traps for the consumer. That's not the case with automobiles. Bottom line...a million times more people will have computer crashed today than automobile crashes. And I don't see education as the primary solution.

gary
0 Votes
+ -
This is...
Jeremy W 10th Apr 2009
of course, nonsense.

If the user was using a Mac, it would warn him against
this, not like Windows which will install the malware.

There are solutions to this problem for Windows users. It
is simply that MSFT does NOT want to fix the problems
because they would impact on its monopoly profits.
0 Votes
+ -
Do users even care
lapetinap@... 8th Apr 2009
As a Net/LAN administrator of and education institution, the extreme majority of student, teachers, and administrators do not even care about the vulnerabilities and issues concerning security. If steps are taken to mitigate the problem(s), they complain that it takes them to long to do their work, and if you do nothing, they complain that they have lost their work and their machines ane infected and need re-imaging. I feel that a more concerted effort needs to be made to eradicate the developers of these viruses and malware. This has become a global issue now, and needs to be dealt with globally.
0 Votes
+ -
Facebook Problems
mikefarinha Updated - 8th Apr 2009
I've started to do the whole Facebook thing and had an odd experience one day. There are a lot of these quizzes people share like '80s TV shows quiz' or 'Movie buff quiz.'

I started to click on some of these and quickly found, after the fact, that a lot of these links to quizzes are actually ad links. The problem is that the Facebook design is so poor that it is nearly impossible to tell legit links from spam links.

While MySpace is fairly ugly at least the delineation between content and ads is pretty obvious. I had never thought before this that web design considerations could affect computing security. Facebook really seems like a spam/malware paradise.
0 Votes
+ -
The real top 5 threats
Alan Smithie 8th Apr 2009
any 5 releases of windows you care to choose
0 Votes
+ -
No, it's the fingers on the hand...
ejhonda 8th Apr 2009
... of the user that controls the mouse.
0 Votes
+ -
There are only 4 fingers on a normal hand. (NT)
kozmcrae 8th Apr 2009
.
0 Votes
+ -
Get a Mac
EmperorDarius 8th Apr 2009
Just get a Mac and stop pretending that malware is normal.
0 Votes
+ -
Obscurity does not make security
Ceridan Updated - 8th Apr 2009
Unfortunatly, if the majority of computer users swich to macs... malware author will swich to make malware for macs.... that's how everything goes...

Besides Macs are actualy more vulnerable then vista in some cases ( No ALSR equivalent, no DEP equivalent...) and in some cases, you can implement the same security that Apple has (the so called unix superority in security... I say so-called because it's only permission based....)

now pray tell how Macs are supposed to be supperior to PCs(Linux or windows)... Specially when most of the attack vectors theses days are social engeneering based that would probably work on most computers anyhow.
0 Votes
+ -
Er, Macs (and Linux) both have DEP etc.
d_a_keldsen@... 8th Apr 2009
I'm afraid this critique is both factually wrong, and misses the point. Macs and Linux DO have DEP (it's a processor feature that needs to be tweaked to handle apps that rely on converting data to executable), but that's not the critical issue.

Windows, from day 1, has generally been run with administrative privileges in home environments, AND has relied on delivery of unsigned, unvalidated executables for casual use (OLE and ActiveX, anyone?). Microsoft continues to dig out from under this legacy, but it's there, and makes for a very target rich environment for all sorts of malware.

Dak
0 Votes
+ -
Yep
JT82 8th Apr 2009
Which is why Vista is a great thing. UAC keeps the computer running how it should have been, least user privliege. Also, using a 64-bit version you automatically have DEP enabled system wide AND you must use signed drivers.

I had an issue with my parents computer always getting slammed with malware - until I made the standard 'general user' account a Limited user in XP. It will be a nice day when I can upgrade them to Vista (Id like to take them over to Ubuntu - but they are very set in their ways) - though my dad already uses thunderbird happy.
0 Votes
+ -
Nah
honeymonster 9th Apr 2009
The OSX implementation of DEP is buggy and is
only enabled for some Apple supplied system
modules, not for software in general. It is not
enabled for the most important piece of
software: the browser (not enabled for Safari
nor for Firefox). Hopefully this will change
with Snow Leopard because the state of security
in OSX is dismal as was evidenced at the recent
PWN2OWN conference.

Many Linux distributions also do not enable DEP
(the NX bit). Most notably, Ubuntu in 32bit
does not enable DEP.

Also, some common installed technologies can be
used to circumvent DEP. If you have Java
installed the "hotspot" compilation model is
inherently insecure in this regard:

1) the DEP flag can not prevent
execution interpreted bytecode even if
this bytecode resides in an DEP/NX memory area.

2) The process will inherently have the ability
to generate executable code in non-NX memory
locations. This code is generated from
bytecode.

3) most Java VMs stupidly makes data constants
sit in the same memory pages as executable
code, meaning that you can design an applet
with string constants which is actually
malicious code. The browser/JavaVM will happily
execute such code.
0 Votes
+ -
Ok....Sell me oceanfront property in AZ ...
JT82 8th Apr 2009
and I'll buy it. You still have the human element. I seem to remember that there was a fair amount of, wait for it..... Mac users that were infected when they clicked on a link to install their free codec to view free porn.....

or did you somehow forget that? Regardless of the OS, Malware will get you if you are a stupid user (or fail to patch, one in the same).
0 Votes
+ -
RE: Microsoft's security report: The top 5 takeaways
trm1945 8th Apr 2009
Are we better off now than we
were 4 years ago?
0 Votes
+ -
VNC is classified as malware?
roystonlodge Updated - 8th Apr 2009
The second graph in this article lists TightVNC and UltraVNC. I've never heard anyone claim that VNC is a form of malware. Is there a problem out there with VNC servers being installed on computers without the owners' knowledge?

Or is this just Microsoft trying to scare people into using RDC?
0 Votes
+ -
VNC labeled as Malware
mithraigor@... 8th Apr 2009
This is Microsoft responding to free remote access software instead of people buying there own for thousands of dollars per seat. After all, these unsuspecting customers could easily access *LINUX* for gods sake!
0 Votes
+ -
LOL
JoeMama_z 8th Apr 2009
Whatever VNC on Windows can do, the built in FREE RDP service in XP/Vista can do waaaay better.

The only time you pay for RDP access is for a multiuser Terminal Server, last I checked was $70 bucks per user or device.

Sure you might be able to use VNC in a multiuser environment, but why would you? VNC, while useful in some cases, is a dinosaur.
0 Votes
+ -
It generally isn't
JoeMama_z 8th Apr 2009
however from an IT perspective it may well be. CEO has a VNC daemon on it and doesn't know it, yikes!

Angry IP Scanner and Microsoft's own PSTools gets detected as well.

RDC is really RDP, and aside from it being Windows only, it beats the **** out of VNC.
0 Votes
+ -
RE: Microsoft's security report: The top 5 takeaways
pillbox1234567 8th Apr 2009
i just have one question...do you people have the
capability to stay on the subject instead of trying to
convert everyone else to your favorite OS?!?!?!?!?! i
dont think you do
0 Votes
+ -
RE: Microsoft's security report: The top 5 takeaways
bbonis@... 9th Apr 2009
Only "God" could write an impenetrable OS. There is no such thing. Just on the basic principals of how it works, is its undoing. You could have every software writer in the world come up with the "ultimate" OS, and within months someone would find an exploit. As long as programs are written by humans, humans will be defeating them.

Education for the "lame" person to be able to identify what is a threat, and what is not, will cripple the amount of chances the unsavory programs have to install/function in your system. I think that might be the only hope.
0 Votes
+ -
Let's see...
Jeremy W 10th Apr 2009
There are, by now, over 200K viruses and other malware for Windows and
no actual viruses for Mac but the MSFTBoys continue to insist that
Windows is better.

"Who you gonna believe, me or your lyin' eyes?"

Of course no OS is perfect. (That is why the next OS-X will be better than
the last.)

However, who needs all the agita of Windows and the Windows yearly
anti-virus tax along with all the fake Windows anti-virus services (now
estimated at more than one hundred. Go here for a PARTIAL list:
http://en.wikipedia.org/wiki/Rogue_software )

Notice how they look very "real" to an ordinary user. Do you like "Vista
Antivirus 2008" - it certainly reads like an official MSFT program. To the
ordinary, non-geek user, it probably LOOKS very "Official".

MSFT could fix all of this and promised to make security "a major priority"
but that would have drained away too many of its monopoly profits so the
Windows public is stuck with this fifth rate trash called Windows.

When a major part of the airline or electricity grid is brought down
because of a Windows vulnerability, then things may change. Maybe we
will be treated to scenes of a crazed, raging monkey on a stage screaming
about security, security, security....

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix