Leaking seive
Time to ditch windows, if you don't need to run Windows (most people don't). Windows is a steaming pile of real world actual malware infested garbage.
Microsoft has broken out of its usual cycle to patch more Malware Protection Engine bugs notified privately by Google Project Zero. Project Zero's Mateusz Jurczyk didn't turn up just one “crazy bad” bug: while the new bugs are all named either “Microsoft Malware Protection Engine Denial of Service Vulnerability” or “Microsoft …
Chromebook is pretty bulletproof as far as security. You can't download desktop apps (aside from Google app store), but that is kind of part of the security... no downloads of random apps. And yes, yes, I know that it can't run the IDE you want to run, but, if everyone moved to Chromebook, they would probably move it to a browser or light app based architecture. Supply meets demand. Most users are good on a Chromebook. I think the user experience is preferable to Windows if you buy a higher end machine... and it is a lot less costly than Windows, especially if you want 10,000 of them.
Probably around the same number of bugs.
No, demonstrably fewer and of lower impacy, and those that exist tend to be of lesser impact due to the better layered models that anything but Windows uses.
But they're a lot cheaper.
Patching is free. The "cheaper" does apply, but more in the amount of effort to keep things stable and safe. We dropped Microsoft years ago, so every time we see another virus fly by it's "yeah, we dodged that one". That said, we have switched away from direct file access for our core systems, so even if someone would install ransomware it won't have much to blackmail us with as it all needs webdav style interaction and that has volume alerts on it.
I wrote "probably around the same number of bugs" to avoid protracted arguments with windows fans about specific numbers.
I said Linux bugs were cheaper because if Windows has 1,000 bugs and Linux has 1,000 bugs (I'm saying that just to simplify the argument) but Windows costs $100 and Linux is free then Windows bugs are 10¢ each whereas Linux bugs are free.
To put it another way, if you're going to get 1,000 bugs anyway, would you rather pay $100 for them or nothing for them?
Ah yes, Linux. Where kernel updates are discouraged by the #1 distribution because they have a semi-decent chance of breaking your computer. Where there is typically NO virus detection so you can be pwned and not know it. Where security vulnerabilities go for a decade without being patched. Security theater at its finest.
This new type of virus is ironic, using your malware detector to install malware. I'm sure other third-party AV software have similar bugs in them.
The world still using windows needs to grow up, the world has moved on, and windows98 style security holes cropping up in modern versions of Windows is very concerning.
If you don't need windows does, run something more secure, pretty much everything is more secure than Windows. I can't recall the last time e I saw non Windows malware in the wild, yet not of an hour goes by when we don't get a windows malware infested box in. Even have repeat customers given up trying to fight it, just bring their Windows PC in every 6 months for an automatic wipe and reinstall, malware is now routine part of Windows basically. Most of those people could use a Chromebook and we would never see them again. But that's bad for business ....
Wednesday, May 10, 2017
Exploiting the Linux kernel via packet sockets
Guest blog post, posted by Andrey Konovalov
https://googleprojectzero.blogspot.co.uk/
Conclusion
Right now the Linux kernel has a huge number of poorly tested (from a security standpoint) interfaces and a lot of them are enabled and exposed to unprivileged users in popular Linux distributions like Ubuntu. This is obviously not good and they need to be tested or restricted.
==
Just saying . . .