Vista vs XP security test

[jayclark]

A recent article I found interesting.

http://crn.com/software/199701019?pgno=1

For those who are lazy This is the conclusion of the test.

THE BOTTOM LINE

Based on the Test Center's findings, businesses that migrate their Windows PCs from XP to Vista will get a slightly more secure OS. But as the Finjan reports showed, Vista's security remains wafer thin.

In the end, both the Vista and the XP test notebooks were almost equally damaged by viruses, trojans and other malware. And because most of the Web sites in the test were able to exploit Vista's weaknesses, Internet users are just about equally vulnerable with both OSes.

These test were run with default security. Which Means XP SP2 with IE6 128bit encryption, no windows defender, also no Anti-Virus. Vista ran with IE7 256 encryption, windows defender, and also no anti virus.

I'm by far no security expert, so I'd like to hear any flaws in the test procedures you guys think they made.

[SuperSparks]

I don't understand the point they are trying to make So they are saying that a Windows installation without any AV can be infected by malware? That's hardly news. I could have saved themselves the trouble and told them that

[ua549]

No surprises. MS cannot easily add any functionality to Windows without a very high risk of being sued by governments and third party providers with similar functionality.

Look what happened to Microsoft for including a media player in Windows. Imagine what would happen to them if they included anti-virus functionality or other security functionality. MS is damned if they do and damned if they don't. They are in a lose-lose situation.

[SuperSparks]

I couldn't agree more.

I suspect that they must have turned off a lot of Vista's default settings too - IE7 running in Protected Mode alone will prevent harm from most malicious websites, to give just one example.

[jayclark]

I was wondering. Maybe there really isn't a fool proof way to lock down any OS in todays world? Without loosing usability and being user friendly. Yeah MS could lock down the system but then user would be screaming about it. And Windows is known for its usability. You lock the system down and you loose one of its main selling points. I know Mac and Linux don't have a virus issue really. But neither Of those OS have ever had to with stand the shear amount users WIndows have. Myself had this XP install for 3 years. No virus to speak of, and the occasional tracking cookie. I don't lock down this machine either. I just use AVG, SP2 Firewall, and behind a router. My VIsta box runs the same way. I don't think this setup is abnormal for average users. They thing I do is, check for spy ware in programs I've never used. And I never download anything that I find questionable. So maybe it would be better to educate users about Spy ware and viruses. Instead of the OS baby sitting them?

[Train]

So maybe it would be better to educate users about Spy ware and viruses.

If they would listen. Believe me, I got paid plenty before clients finally paid attention.

3 to 5 years it taken for each client so far.
Guess they did not think it was sexy enough.

[ua549]

Here is a starting point for configuring a secure computer and network.

Follow the links for information on setting up your machine as a secure computing platform. C2 is the highest you can go without purchasing an especially configured operating system. Windows NT was C2 certified in 1999.

Currently Orange Book security is used mostly for commercial installations since the military has much stricter and harder to implement security standards.

I spent much of my career consulting with governments and banks worldwide on networking and security.

[SuperSparks]

Here's what Ars Technica has to say about that report:

http://arstechnica.com/news.ars/post...xp-report.html