A small minority of users - as few as one in 20 - is running fully-patched Windows PCs. Just five per cent of newly-registered users of an online security inspection service from Secunia came out with a clean bill of health, while more than 40 per cent have at least 11 insecure applications installed. The data is based on scans of …
Does that mean there is such a thing as a fully secure computer?
(Ans: I think not)
All it means is that the security is more or less slightly insecure :)
And then there are functionality issues...
So tell me, if having the latest patches is more secure, what do you do when they lock up your computer or cause explorer.exe to be deleted? I'm quite comfortable being one step behind the curve, thanks, if it means my machine will actually switch on in the mornings.
Actually, those numbers can't be right
So, I used this tool. What I found was that it was beta. Yup. Those numbers are from a beta product (a product that I like - FYI). Sometimes it would tell me that Windows was not patched. So, I downloaded the appropriate patch and ran it. The patch told me that I was already patched and consequently quit. To the best of my understanding, the Secunia tool was looking for patch numbers and didn't recognize that some patches were unnecessary due to more recent patches.
Other "unpatched" at-risk software came from old-unsupported versions of software. For example: My DVD burner came with Nero. Nero has since moved to a new version and is no longer supporting the specific version that I have installed. OK. Big deal. But, because Nero has moved on, Secunia says that my computer is insecure. Oh well. I just ignore that.
And don't get me started on their Java detection junk. They tell me that I am using an older version of Java. They offer me a link to a new version (their link even has appropriate version numbers etc...). I follow the link and the version that is presented to me is the same version that I already had. No new versions were available.
I could deal with all of this because the app was free and more or less useful. It reminded me to update my various seldom-used programs.
BUT, to make this sort of analysis from a beta tool is not only premature, but potentially foolhardy.
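The kind of false positive the comment above suspects (a scanner matching required patch numbers literally and ignoring that a newer patch replaces an older one) is shown below as an added example. It is not part of the comment and not Secunia's code; the patch IDs and the supersedence table are constructed placeholders.

```python
from typing import Dict, Iterable, Set

# Constructed sample data: placeholder patch IDs, not real KB numbers.
# Each key is a patch; the value lists the older patches it replaces.
SUPERSEDES: Dict[str, Set[str]] = {
    "PATCH-300": {"PATCH-200"},
    "PATCH-200": {"PATCH-100"},
    "PATCH-450": {"PATCH-400"},
}

REQUIRED = ["PATCH-100", "PATCH-200", "PATCH-400", "PATCH-500"]
INSTALLED = ["PATCH-300", "PATCH-400"]


def covered_patches(installed: Iterable[str],
                    supersedes: Dict[str, Set[str]]) -> Set[str]:
    """Installed patches plus everything they replace, transitively."""
    covered: Set[str] = set()
    stack = list(installed)
    while stack:
        patch = stack.pop()
        if patch in covered:  # already expanded; also stops cycles in bad metadata
            continue
        covered.add(patch)
        stack.extend(supersedes.get(patch, ()))
    return covered


def naive_missing(required: Iterable[str], installed: Iterable[str]) -> Set[str]:
    """Literal ID comparison: reports superseded patches as missing."""
    return set(required) - set(installed)


def missing(required: Iterable[str], installed: Iterable[str],
            supersedes: Dict[str, Set[str]]) -> Set[str]:
    """Supersedence-aware comparison: only patches nothing installed replaces."""
    return set(required) - covered_patches(installed, supersedes)


if __name__ == "__main__":
    print("naive :", sorted(naive_missing(REQUIRED, INSTALLED)))
    print("aware :", sorted(missing(REQUIRED, INSTALLED, SUPERSEDES)))
```

The naive check flags PATCH-100 and PATCH-200 even though PATCH-300 replaces both, which matches the experience of an installer reporting "already patched"; only PATCH-500 is actually absent.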
And for all that aged software from years past that isn't updated any more (re: win9x)... even fully patched it's Swiss cheese for hackers 'cause M$ stopped patching it. Maybe they wouldn't have to patch so many holes in their current OSes if they had fixed the problems that were already there. Or... now here's a concept... started over from scratch and made an entirely new operating system focusing on stability and security instead of trying to continue to add on to the windows 95 base or NT base. But heck... what do I know... I'm just an end user that has to deal with their mess 'cause they have all the hardware developers in their back pocket.
As a user of the Secunia product...
It checks everywhere. If you have a backup folder with an old version of something, it flags it.
If you install a product which requires its own outdated version of Java (and keeps it in its own directory tree), it flags it.
So, even though I have every product I use on my system patched to the latest, greatest and the OS, I have 4 items that are "out of date" because they are either backup copies that are not used or part of an application that requires a specific version and keeps it in its own folders.
Patching your computer...
...just slows it down too much. I prefer to go bareback!!! It's far more interesting and much faster.
Re: Patching your computer...
Slowdown? I've not noticed any slowdown…
I'm confident my PC is secure
I never install stuff from companies that want full access to my system.
Does this principle, if widely applied by sysadmins, not somewhat skew the results?
> So, I used this tool, too. What I found today was that it was beta.
Well, Secunia Personal Software Inspector is not quite beta any more. What I found on their website (http://secunia.com) today was a release candidate one.
You have a case though IRT paid consulting services for a third party. However, Secunia denies you in their License Agreement, to which you consented, the right to use the PSI-tool commercially. Therefore, sticking to their rules, you won't run into problems with taking responsibility for a botched tool operation on your customer's PC.
The use of PSI on your private PC is free, which I consider fair enough - even if the tool were in beta status, and not in release candidate status, which it is.
BTW, please go FreeBSD - or maybe even OpenBSD - if you'd like to use a system which is not only secure, but also easy to maintain. All the whining about poor security is mostly confined to systems which are by design hard to maintain.
Once again the "big security question" boils down to the saying "Thank you, Bill". The trailing words "for the crap" are yours to say.
Normal home users
I've never seen a normal home PC that was patched. Only geeks who understand what it means bother. The home users I know all get annoyed by the popups that programs keep giving to 'pester' them to upgrade so they disable them. After all, if it currently appears to be running just fine there cannot be a problem, right? It's only when you click on a file and the wrong thing happens that you have a problem that needs the latest drivers or something...
Home users are a lost cause and the more complex computers become, the less interested people will be about things like this. It's no different to cars... when they were new, everyone who owned one knew how to service it to some degree and could point to the different parts of the engine. But now that they get a car on credit and trade it in for a new one after 2 years they don't even know it's supposed to have water in it, let alone where it goes.
In the same way that people now get fleeced by garages who do every little thing for them, one day computers will be upgraded and tweaked silently in the background via remote logins to your system and no one will care about the ongoing costs of this 'service' or the privacy issues it brings. Computers - whateverrrr!