Thread: Sophos makes stupid security recommendation

  1. #1
    HEXUS webmaster Steve

    Sophos makes stupid security recommendation

    Security firm Sophos, in all its wisdom, has advised that consumers should consider purchasing Macs as a means of protecting themselves from viruses, trojans and other nasties. The BBC reports:
    [Sober-Z] infected computers running the Windows operating system, but was not designed to infect Apple Macs.

    "It seems likely that Macs will continue to be the safer place for computer users for some time to come," said Mr Cluley
    Of course, the fanboys are already up in arms at the title of this thread and its content thus far, but let's put it this way: How can the 'security' of an operating system be quantified by the number of exploits for it, when the operating systems have varying levels of popularity? It's the age-old argument that if Macs were more widely used, then virus and trojan writers would concentrate on MacOS and its apps, rather than Windows. Of course, the reality is it's impossible to say which is more secure, but granted, right now, with a Mac you've less chance of catching something nasty.

    Still, it's an unusual piece of advice for Sophos to make, one that's sure to spark a lot of debate, which we reckon is the real reason for the recommendation.

    My advice is not to rush out and buy a Mac, but to be sensible, keep your firewall on, your virus scanner up to date, and try to educate other users on what not to click (hard, I know, but we've got to try).
    Last edited by Steve; 05-07-2006 at 06:05 PM.
    PHP Code:
    $s = new signature();
    $s->sarcasm()->intellect()->font('Courier New')->display(); 

  2. #2
    Member
    How can this advice be called stupid? Windows has the most malware, no question and will continue to do so for some considerable time to come. Much of this has been due to bad design decisions from Microsoft (tying Internet Explorer into the OS, having services enabled by default that most users don't need, adding functionality without considering the security implications) which Apple seem to have avoided as well as Windows' widespread usage.

    Whether OSX manages to remain relatively malware-free is open to debate but Sophos' advice makes good sense for those considering their first computer - and it does everyone else a favour if it prevents the emergence of another spam-spewing, port-scanning, DDoS-driven zombie. Sophos are quite correct to highlight the exponential growth in Windows trojans and these are becoming ever more sophisticated in terms of resisting detection (many now including rootkits) and removal to the extent that even Microsoft recommends reinstalling Windows from scratch to recover from infection.

    A similar point can be made about GNU/Linux and the xBSDs but these are less approachable for newcomers than OSX.

  3. #3
    Moderator chuckskull
    An OS not being attacked doesn't make it secure

    By his logic I'm immortal (well I ain't died yet have I?). There's plenty of proof of concept attacks for Macs, just not an attractive target.

    No matter what your OS, a bit of sensible web-browsing (never google for the word 'free', no warez etc.) and a well setup router/NAT/firewall and you have a very secure system.

    I no longer run any software fw/av solutions (except for scans) and the worst infection I've had in a year is a couple of tracking cookies.

    I'm not a Windows fan-boy or any other OS for that matter (I go where the games are), but swapping your entire OS and machine is not a valid security idea.

    The weakest link in any security system is that monkey with the keyboard.

  4. #4
    Member
    Quote Originally Posted by chuckskull
    An OS not being attacked doesn't make it secure
    The point being made in the original article was that the vast majority of current threats are Windows only. Therefore getting a non-Windows system is a straightforward way of avoiding them. "An OS not being attacked..." is rather like "If a tree fell in a forest with no-one to hear it..." - a fine philosophical debate with no bearing on the advice being discussed here.
    Quote Originally Posted by chuckskull
    No matter what your OS, a bit of sensible web-browsing (never google for the word 'free', no warez etc.) and a well setup router/NAT/firewall and you have a very secure system.
    Not necessarily - your risk is less but if a website you visit is compromised (malware pushers have and will continue to target mainstream websites) and you use a vulnerable browser, your firewall will do nothing to protect you (unless it has web filtering).
    Quote Originally Posted by chuckskull
    I no longer run any software fw/av solutions (except for scans) and the worst infection I've had in a year is a couple of tracking cookies.
    I suggest a more accurate phrase would be "the worst infection I've noticed" - the most dangerous threats are those that hide themselves best (rootkits notably) and blocking these requires software capable of controlling driver installs (e.g. Process Guard, System Safety Monitor, App/RegDefend). Kaspersky 2006 has added a Proactive Defense module that offers the same functionality, but most other AVs haven't addressed this yet.

    If a rootkit does get installed, the only sure method of detecting it is to boot your system from a known clean source (e.g. a Linux distro CD) and run a scan from that. Is that part of your regular routine?
    Quote Originally Posted by chuckskull
    ...swapping your entire OS and machine is not a valid security idea.
    Surely that depends on the effort/cost required to change versus the benefits? Someone who uses basic applications (email, word processing, web browsing) has no specific need of Windows so switching here would likely make more sense. Malware authors have a great deal of Windows-specific expertise which has taken years to develop. An alternative OS would require them to start almost from scratch, so even if the alternatives had the same problems as Windows it would still take a couple of years for them to be fully charted and exploited.

  5. #5
    Banned
    But surely Macs will one day be inundated with trojans etc etc? Just that Microsoft is 'The' target at the mo?

  6. #6
    Moderator chuckskull
    Quote Originally Posted by Paranoid2000
    An alternative OS would require them to start almost from scratch, so even if the alternatives had the same problems as Windows it would still take a couple of years for them to be fully charted and exploited.
    Well then let's all go buy a Mac now, and next year Sophos will be raving about how Vista is never attacked and is secure.

    Or even better let's all jump around operating systems every six months and really confuse those malware peddlers.

    Quote Originally Posted by Paranoid2000
    Surely that depends on the effort/cost required to change versus the benefits? Someone who uses basic applications (email, word processing, web browsing) has no specific need of Windows so switching here would likely make more sense.
    They probably do have a need of the money it will cost to swap their Windows box for even a bottom end Mac (£800?+)

  7. #7
    Member
    Quote Originally Posted by Koolpc
    But surely Macs will one day be inundated with trojans etc etc? Just that Microsoft is 'The' target at the mo?
    In the distant future maybe - in the near future (1-3 years) very unlikely. Safari has a far better security record than Internet Explorer (the main infection vector on Windows systems) and OS X, being based on BSD Unix, doesn't have some of the more "unusual" architectural features of Windows that help malware along (being able to create threads in other processes or send messages to other applications' windows) and has the "root" user (the Unix equivalent of Windows' Administrator/Owner) disabled by default.

    See Windows Vista Beta 1 vs. Mac OS X "Tiger" (Part 2) for more discussion on OS X's security.

  8. #8
    Member
    Oh wonderful, now security firms have been enveloped in the Reality Distortion Field ;p (TechReport'ism re: Macs ;p)

  9. #9
    Moderator DavidM
    My notepad never suffers from virus threats.

    Mind you, it is made out of paper.

  10. #10
    Moderator chuckskull
    Quote Originally Posted by DavidM
    My notepad never suffers from virus threats.

    Mind you, it is made out of paper.
    What kind of framerates you getting in BF2?


  11. #11
    Banhammer in peace PeterB kalniel
    Why don't they advise people to stand in a cupboard with their hands over their ears instead?

  12. #12
    Drop it like it's hot Howard
    Quote Originally Posted by Steve
    My advice is not to rush out and buy a Mac, but to be sensible, keep your firewall on, your virus scanner up to date, and try to educate other users on what not to click (hard, I know, but we've got to try).
    Too right. I can't remember when I last had a virus or trojan, on any of my machines. A little common sense goes a long way.
    Home cinema: Toshiba 42XV555DB Full HD LCD | Onkyo TX-SR705 | NAD C352 | Monitor Audio Bronze B2 | Monitor Audio Bronze C | Monitor Audio Bronze BFX | Yamaha NSC120 | BK Monolith sub | Toshiba HD-EP35 HD-DVD | Samsung BD-P1400 BluRay Player | Pioneer DV-575 | Squeezebox3 | Virgin Media V+ Box
    PC: Asus P5B | Core2duo 2.13GHz | 2GB DDR2 PC6400 | Inno3d iChill 7900GS | Auzentech X-Plosion 7.1 | 250GB | 500GB | NEC DVDRW | Dual AG Neovo 19"
    HTPC: | Core2Duo E6420 2.13GHz | 2GB DDR2 | 250GBx2 | Radeon X1300 | Terratec Aureon 7.1 | Windows MCE 2005
    Laptop: 1.5GHz Centrino | 512MB | 60GB | 15" Wide TFT | Wifi | DVDRW


  13. #13
    Mike Fishcake
    Guest
    The best advice to not be under risk of computer viruses?

    Turn your computer off, seal it in a lead box and drop it into the middle of the Atlantic Ocean.

    Problem solved.

  14. #14
    Drop it like it's hot Howard
    It's at that point you hope your OS doesn't have any holes...


  15. #15
    I shall never tire... BEANFro Elite
    We've already had this discussion [ sigh ] it's down to lack of education that most people get spyware and viruses.

    I personally have never had a virus on my PC ever but outbreaks of spyware on my pc are such a rarity that anti-spyware apps. are a mere early warning center as my own methods for getting rid of spyware are so effective.

    One final point, if Sophos have scare-mongered enough people to switch, we're talking at least half of the amount of people who use windows, then Apple will start getting more viruses n spyware catered just for them.
    Last edited by BEANFro Elite; 07-07-2006 at 10:46 AM.

  16. #16
    Member
    Quote Originally Posted by BEANFro Elite
    ...it's down to lack of education that most people get spyware and viruses.
    Yes, but also consider the amount of information a new user needs to learn to keep themselves safe:
    • What a firewall is and how to use it (which also means understanding the basics of networking);
    • What an anti-virus scanner is and how to use it (in particular the importance of keeping it updated);
    • What types of online behaviour are "dangerous" and likely to result in infection (e.g. downloading anything from anonymous sources, clicking on links in spam emails);
    • The risks of "rogue" anti-spyware applications (or why Google sponsored links may be bad for your PC's health);
    • The effects and dangers of different classes of malware (viruses, trojans, keyloggers, rootkits, etc).
    That's a lot to absorb in one go - and that is just the basics of online security since a prudent user will also need to cover:
    • Using a web-filter to remove ActiveX/Java/Javascript from unknown or untrusted sites;
    • Installing and using alternative browser/email clients;
    • Online privacy issues (cookies, referers, web bugs, etc);
    • Knowing how to identify when their web traffic is encrypted (https) and the dangers of phishing;
    • Not running as Admin/Owner except when absolutely necessary (and the hidden "Run As" option in Windows).
    Even these don't cover all the problems that can be encountered (Sony rootkit anyone?) so a "full" security setup on a Windows platform should include:
    • Running a secondary malware scanner to cover items that the primary may miss;
    • Checking periodically for rootkits and keyloggers using specific detectors (not all anti-virus software covers these items properly);
    • Installing and configuring a system firewall (e.g. Process Guard, System Safety Monitor, App/RegDefend) to control what programs are run and what actions they can take (which in turn requires understanding techniques like hooking, code injection and DLL injection and when these are likely to be legitimate and when malicious).
    Mac users do not have to worry about all these issues currently and are not likely to have to for some time yet.
    Quote Originally Posted by BEANFro Elite
    One final point, if Sophos have scare-mongered enough people to switch, we're talking at least half of the amount of people who use windows, then Apple will start getting more viruses n spyware catered just for them.
    The "Windows is a target only because it is popular" is a myth. Windows' popularity is part of the reason for it being a target but the main reason is that it was never designed from the ground up to be secure - and this has been exacerbated by Microsoft's design decisions as mentioned above, making them easier to infect (most exploits have been application-specific targeting Internet Explorer or Outlook rather than Windows itself). Macs have been around for long enough (longer than Windows) and have a more attractive demographic of (generally) wealthier owners to be a very attractive target for malware writers so the incentive is certainly there.

    In summary, Windows is a malware war-zone and new users need to be aware of that beforehand, following guides like CERT/CC Tech Tip: Before You Connect a New Computer to the Internet. If a new user is not prepared to do this, then it is far better for everyone else that they get a Mac or Linux system since they are then less likely to be hijacked, become part of a botnet and pose a nuisance to others - Sophos' advice should be commended for this reason alone.
