[personal profile] mdlbear

This eWeek article starts with the following:

In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall operating systems as a practical way to recover from malware infestation.

"When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, program manager in the Security Solutions group at Microsoft, said in a presentation at the InfoSec World conference here.

Now, the second part of this is true even in the Unix/Linux world: once your machine has been compromised, the only really reliable way to deal with it is to nuke it and re-install. The difference is that in the Unix world it doesn't happen very often, it doesn't take long to fix, and your local data (user home directories, databases, etc.) are going to be in separate partitions that don't have to be wiped because user code is very unlikely to be capable of compromising the system.

The first paragraph, though, says that Windows is so insecure and so badly broken that the only thing you can do is minimise your downtime when the inevitable, frequent, successful attacks occur. And that neither Microsoft nor its users see any other solution.

Date: 2006-04-04 10:24 pm (UTC)
From: [identity profile] dejla.livejournal.com
That is just... that is just horrifying. There are no words.

Date: 2006-04-05 01:23 am (UTC)
From: [identity profile] kissmyassterisk.livejournal.com
As a forced user of Windows, I can confirm the frequency and inevitability of attacks. ::kicks computer:: Stupid machine...

Date: 2006-04-05 02:09 am (UTC)
From: [identity profile] saffronrose.livejournal.com
They mean, no other solution that still uses MS products...
I have a great solution to that problem in the article. Avoid MS products.

Date: 2006-04-05 03:10 am (UTC)
From: [identity profile] almeda.livejournal.com
I knew the 'everything on earth can, and HAS TO, write to the One Solitary Registry that cannot be fixed' concept was a bad'un when they first came UP with it. Sigh.

Date: 2006-04-05 03:31 am (UTC)
From: [identity profile] technoshaman.livejournal.com
I have to disagree on one teeny bit. If you run the SHA1 checks in rpm --verify, or the Debian equivalent with md5sums (which escapes me; if you remember, I'd love to be enlightened), I think you can be reasonably sure of system integrity. Tripwire and other such tools help as well. Although if you're not ready for something, it may actually take longer to do the integrity checks than it does to restore from something like a Mondo Restore image....

Symantec and McAfee have a vested interest in seeing that Microsoft stay at least somewhat broken. So does Microsoft, actually. If they can get away with teasing us with the Next Big Fix long enough for Ballmer to retire, then they win. And everybody doing the Dominant Paradigm loses bigtime when MSFT finally throws up its hands with respect to Windows and the stock price tanks, throwing a bazillion retirement plans into disarray....

But, yeah, a properly partitioned Linux (or other Unix or Unix-like, including MacOS X) box being run by an unprivileged user has designed into it an order of magnitude more security than Windows will ever have without a total rewrite. Which they're not willing to do, because it would put them and a lot of other people out of business. A *lot* of other people.

And I'd be willing to let them continue, except that they're also foisting this big-brother, we-own-everything-and-you-just-rent, and oh-by-the-way, neither-property-nor-privacy-rights-exist kind of attitude on the general populace, and you only have to look at the other Washington to see where *that*'s getting us.

Nay, f--- that.

What do you bet Microsoft will start offering a service to reload your Windows box with the software it knows you own over the network, just type in your credit card number here....

And what do you bet there'll be phishing schemes based on it before it even goes live. (I know, no bet on a sure thing...)
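
The `rpm --verify` check mentioned in the comment above, as an added example that is not part of the original post or its comments: a filter that reads `rpm -Va` style output and keeps only the findings worth investigating. The sample lines and the function names `triage_rpm_verify` and `sample_rpm_verify_output` are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: triage the output of `rpm -Va` (verify all installed packages).
# Each finding is a flag string (S=size, M=mode, 5=digest, T=mtime, ...),
# an optional marker (c=config, d=doc, g=ghost, l=license, r=readme), and a
# path. A "." flag means the test passed, "?" means it could not be performed.

# Print "path<TAB>reason" for:
#   - non-config, non-doc files whose digest check failed
#   - non-config, non-doc files whose digest could not be read
#   - missing non-config files
# Edited config files are normal on a running system and are skipped.
triage_rpm_verify() {
  awk '
    {
      marker = ($2 ~ /^[cdglr]$/) ? $2 : ""
      path = $0
      sub(/^[^ ]+ +([cdglr] +)?/, "", path)   # keeps paths containing spaces
    }
    $1 == "missing" {
      if (marker != "c") print path "\tmissing"
      next
    }
    $1 ~ /^[SM5DLUGTP.?]+$/ && length($1) >= 8 {
      if (marker == "c" || marker == "d") next
      digest = substr($1, 3, 1)               # third flag is the digest test
      if (digest == "5") print path "\tdigest-mismatch"
      else if (digest == "?") print path "\tdigest-unreadable"
    }
  '
}

# Constructed sample in the format rpm prints; not taken from a real host.
sample_rpm_verify_output() {
  cat <<'EOF'
S.5....T.  c /etc/ssh/sshd_config
.......T.    /usr/share/doc/example/README
S.5....T.    /usr/bin/ssh
missing     /usr/lib64/libexample.so.1
..?......    /usr/sbin/exampled
.M.......  d /usr/share/doc/example/NOTES
EOF
}

sample_rpm_verify_output | triage_rpm_verify
```

On a live system the input would come from `rpm -Va 2>/dev/null | triage_rpm_verify`. The result is only as trustworthy as the `rpm` binary and package database doing the checking, so when compromise is suspected the verification should run from known-good media.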
