Win7 infection rates rose during the second half of 2010 even as malware hit rates on XP machines declined, according to official statistics from Microsoft. The latest edition of Microsoft's Security Intelligence Report shows an infection rate of four Win7 PCs per 1,000 in the second half of 2010, up from three Win7 PCs per 1, …
"Infection rate of four Win7 PCs per 1,000"
From the text is seems to be more correct to write "INFECTED POPULATION of four Win7 PCs per 1,000" --- for an infection rate you must have a time unit (per hour exposed? per month? per year? --- it cannot be that because then the later statement that it has fallen for XP over the same period would be nonsense).
But anyway the newsflash is of course "more viruses on 6month old PCs than when new out of the box". Who'd have guessed?
From the article, it seems that the rate is *new* infections per 1000 machines per six months. So it's not about computer age. The message seems to be that the average XP machine has a 14/1000 chance of getting infected in six months, while a Win7 machine has a 4/1000 chance of getting infected in six months.
Given all the marketing hooha by the security industry and Mac fanbois one could be forgiven that 99.6 % of windows machines are infected, and not the inverse.
Security on Windows, not a major problem, time to move on now...
The article states that XP's infection rate is 14 per 1,000 PCs. WIn7's is 4 per 1,000 PCs. That does make it, by a fair margin, 'the most secure Windows ever'.
I can't say I'm surprised that Java is the problem. The ENDLESS F***ING UPDATES for it mean that even I get fed up to the back teeth with them and stop bothering. The article does compare favourably with my experience, which is that Win7 machines get infected when teenagers get a Facebook update that says 'OMG CLIK HEAR 4 TOTALLY SHKOCING THING!!!!!ONEONEONE' - and inevitably they click on it.
I haven't had java installed on my desktop for a couple of years - I can't remember the last time I encountered a need for it.
I've Never Installed it Willingly
Ever since OpenOffice 1 it has always wanted Java installed and I refused despite warnings of decreased functionality. Over the years I think I encountered one peripheral thing that I couldn't do without it. Recently I watched as the 3.whatever OO install proceeded to shove Java down my throat. I would bet most people with Java never got it voluntarily but only as part of software bloat.
Outside OO I've hit one government website that used Java for an interactive map viewing tool, that is it.
Minimizing your exposure area applies to applications in addition to operating systems. Apps like OO need to stop installing the kitchen sink when all the average user will ever use is Writer and Calc.
A vendor just pointed me to their image conversion tool. I started installing it only to find it required .NET 2.0. That was the end of that because there is no reason to install .NET to do what any well written 2 meg utility can do.
These application frameworks were supposed to be the solution, instead they have become the problem. Always choose the smallest tool for the job.
Not the whole picture.
You seem to be unable to convert into percentages. 4 out of 1000 is 0.4%, not 4%. I would also like to point out that 6 months ago, a lot less people were using windows 7 (early adopters tend to be more technically-minded people), meaning the rate will likely increase more now as more "joe bloggs" users transition to Windows 7 and fall for the same social manipulation and phishing scams as they did before (if they are told to click "yes" when the big warning comes up to get free smileys/wallpapers/screensavers/nudes of their favourite celebrity, they will do as they are told).
It's about improving people's education regarding the internet and computers in general; Windows is the most popular operating system and it will therefore have a bad combination of popularity (potential gain for scammers) and large numbers of morons using it. Macs tend to be slightly expensive for most and linux tends to be for servers (and is rarely offered with standard desktop machines that "joe bloggs" users would be purchasing in the first place).
Told you so!
Now it finally pays to stick with Windows XP.
You can't be "more" immune. Immune is an absolute; you are either immune or you are not. Resistant would be a more appropriate word to use.
More Immune... More Pregnant/Less Pregnant
Exactly what I was thinking. More dead, less dead.
Maybe they will say they are speaking of individuals AMONG the population rather than individuals OF the population, hehehehe
degree and rate of immunity
Of course you can be "more immune" - both individually (degree of immunity), and as a population (rate of immunity). You can also be hyper-immune or immune-deficient: immune deficiency may be due to "depressed immunity" or atypical immune reaction.
Normal vacination programs aim to achieve "effective immunity", but if, for example, you do not complete a series of vacinations, you may be left with a low level of immunity, which may only effective in preventing disease from low levels of infective challenge.
Re : "more immune"
I take your point however immunity does in fact vary, individuals immune response varies as does the amount of infectious agent they are subjected to. So generally a person can't be said to be just immune or susceptible but will form part of a distribution when the population as a whole is measured.
More reason to stick with XP as not only is it faster, takes less disk space, boots quicker, gets in your way less..... but apparently more secure as well...
+2 for the x64 Edition
Viruses are also mostly written for 32-bit Windows XP, because the 64-bit variant is about as rare as rocking horse scheiße.
no, it isn't
Read the article. Infection rates have gone down on XP and up on 7, but they are *still* over three times as high on XP. XP is waaaay less secure than 7.
Stick with XP??
To the two people who say this is a reason to stick with XP; I'm just going to cut and paste a couple of lines from the second and third paragraphs of the article:
"infection rate of four Win7 PCs per 1,000"
"infection rates for Win XP SP3 machines [are] 14 per 1,000 PCs"
Were we reading the same article?
Thanks for the absolute and relative infection numbers John. This is exemplary technical writing!
Did the "old guard" IT chaps on here forgot their reading glasses before posting?
As it stands today:
Windows XP 14 in every 1000 are infected
Windows 7 4 in every 1000 are infected
So no, according the data published in the article you are posting on it would appear XP is piss poor security wise.
Who would have thought it hey?
Java considered harmful
"Microsoft records a massive fourteen-fold rise in Java-based attacks during Q3 2010, as miscreants sought to exploit a pair of vulnerabilities prevalent at the time. These two vulnerabilities (CVE-2008-5353 and CVE-2009-3867) accounted for 85 per cent of all Java exploits detected in the second half of 2010."
Well, there's a shocker. Why do people use Java, again? Speed? No. Stability? No. User experience? No. Portability? Sort of. I guess. As long as you have the exact right JVM version and that version is compatible with your other Java apps.
I loved Java when I was a student and hadn't yet had to use it for anything serious. Now I loathe it. I can see how it might be useful in some fringe cases where running under multiple OSes is a top requirement, but you can't do a web app, and these two requirements are so hard to work around that you are willing to end up with a bog-slow crappy-looking app that sometimes crashes and might require a huge download before you can install it.
You're out of date...
As a Java Swing dev of many years, I can confidently say you're talking (mostly) BS about Jsva
- Startup has been massively improved with the quickstarter (some update in version 6). Sunacle are doing great stuff modularising Java which will make for more significant gains.
- Runtime speed is and has been for years more than good enough, IMO this claim is rubbish.
- if you mean startup speed then I think that's covered above
- if you mean general usability then that's down to the developers designing rubbish; Swing has any component you like, there's commercial component libraries. You can (and I have) write custom components to do anything. The apps can be skinned, etc
Security? I'm no expert in this area, but java has had it's security model baked in since day one, but I can't be bothered to research it. It's never been an issue.
On the positive
- Massive libraries are available, today, for any area
- 50%+ of webservers run on Java; are they all wrong?
- many investment banks in the City run on Java Swing, and they have quite hard real-time aspects.
- the online MMRPG "Runescape" runs as Java.
Java and Swing is still productive though I admit it's getting long in the tooth. Banks are starting to move to .net.
I am quite excited by Java FX 2, the new Oracle version. Amazing potential including startup times of about s second!
So, in summary, check your facts before trotting out the same tired "arguments".
Re: Out of date
If you look around the room and don't see a problem, the problem is you. The speed and stability of Java apps is *always* inferior to apps developed natively for a given platform. The UX aspect does depend on the developer, but apps developed in Java are typically uglier and possessed of fewer features than apps developed using Flash, Flex, or .Net. If you want to know about how useful a platform is, don't ask a developer, ask a user. What is the end result like for the person who actually has to use it? In the case of Java, it's crap.
As to your other points:
More than 95% of all desktop PCs run Windows, and yet Register readers waste no time dropping their Cheetos to lambast Windows, so majority share is clearly meaningless. Appeal to numbers or the majority is a sucker bet. I also work in financial services, and using financial services software as a reference for quality code (especially the leaky, buggy, bloated Java-based disasters used to run financial Web application software) does not win you any points; in fact, it goes much further to demonstrate *my* assertion. Referring to an obscure MMO also doesn't help.
I use Java apps *every day*, and *every day* I have reason to complain about doing so. Check *your* facts and stick your head up out of your cube. Talk to the people who actually have to *use* your software (without letting them know you're the developer) and find out what they *really* think!
I find a lot of Clickpotato infections in Windows Downloads folders, on client computers, indicating that people are installing it with programs that they are willingly downloading? This doesn't generally depend on any security exploits (other than evading antivirus detection), just peoples' willingness to install any crap from the Internet.
Perhaps these dodgy adware, toolbars, security scans and browsers that appear with just about every free download should be banned - or at the very least require a tick to opt in, rather than an untick to opt out.
When a paper on the security of Microsoft operating systems is published by someone other than Microsoft, I'll read it. Otherwise, print it on rolls of soft perforated paper.
Nonetheless XP is better (in the short term)
Sure you have three time more chance to be infected than with Win7 but, when you consider that the current PCs are an ocean of space for XP, part of the infections rely upon java-based services and the stupidity of the users, then a not so tech-savy user can afford to stick to XP.
Unfortunately XP will run out of protection in the long term, in this sens Win7 is a rather good successor, but the next Win will eat all the place again. So why having a better secure OS if it is too low too heavy to be useless ?
- Review Is it an iPad? Is it a MacBook Air? No, it's a Surface Pro 3
- Microsoft refuses to nip 'Windows 9' unzip lip slip
- Tesla: YES – We'll build a network of free Superchargers in Oz
- Netflix swallows yet another bitter pill, inks peering deal with TWC
- Special Report Roll up for El Reg's 3G/4G MONOPOLY DATA PUB CRAWL