Vista Hackers Get Busy

An anonymous reader writes "Microsoft's long-awaited Windows Vista release Thursday for business customers will get more than just the passing attention of network administrators. That's because hackers will be eagerly waiting to do what hackers do best: start some mischief." Some folks on the Black Hat set got a sneak peek at Vista earlier this year, so they've had time to prepare.

The most retarded story ever?

[Anonymous Coward]

Because crackers were obviously waiting until Vista was available in stores.

Re:

[Anonymous Poodle]

Yeah, hacking a beta would lose you style points . . . . .

Re:

[Ubitsa_teh_1337]

Actually, the final version of Vista has been available for ~3 weeks online, so it's not just the beta that people have been hacking away at.

Re:

[Fred_A]

Really ? Hmmm. I can't help but wonder if my coasters would look better with a 0 Day vista on them.

Re:The most retarded story ever?

[Asztal_]

I'm sure someone has managed not only to circumvent WGA, but r00t Microsoft's WGA servers and set the Administrator account's screensaver to a marquee: "Dear aunt, let's set so double the killer delete select all."

Re:The most retarded story ever?

[MioTheGreat]

By replacing two files in Vista with their RC2 counterparts, you were able to trick Vista into thinking it was RC2 for key and activation purposes.

Re:

[cnettel]

Does that include the 180 day (or whatever it is) timebomb?

Er surprise?

[brunes69]

How are they even supposed to know? Unless you're one of the tools who doesn't run Windows behind a stateful firewall with egress filtering so you know exactly who it is talking to.

Seriously - I stopped trusting Microsoft years ago. The idea that I would let Windows just sit there and phone home is assenine.

As far as updates goes - www.autopatcher.com for me.

Re:The most retarded story ever?

[Anonymous Coward]

Well, yes. I'm sure all the crackers have gotten their grubby little mitts on the thing already, but the general populate hasn't. What good is being able to break into Vista already, when no one is using it yet. Once the use of the OS starts to grow after it is released, there will be an abundance of targets. Not so, right now.

Re:

[Monchanger]

You can't get a Slashdot story written about you (albeit anonymously) by being the second confirmed crack.

That, and the adoption is still low due to there not being an available cracked version...

Re:The most retarded story ever?

[Jahz]

Well, yes. I'm sure all the crackers have gotten their grubby little mitts on the thing already, but the general populate hasn't. What good is being able to break into Vista already, when no one is using it yet. Once the use of the OS starts to grow after it is released, there will be an abundance of targets. Not so, right now.

Targets? Are you under the impression that the only reason to exploit a machine is to form a bot net? Additionally, have you considered that an exploit written/discovered during beta can, in most cases, be SAVED until release? It's not like the evil hackers are reporting their hacks to Microsoft for QA purposes.

*sigh*

Re:

[timeOday]

And what do you suppose the adoption rate of Vista within the next few months will be? I'm betting 0%, give or take. Hackers would be better off going after OS/2.

Re:The most retarded story ever?

[Danse]

And what do you suppose the adoption rate of Vista within the next few months will be? I'm betting 0%, give or take. Hackers would be better off going after OS/2.

With OEMs installing it on new boxes, I'm betting the sales pick up fairly quickly. I sure won't be one of them, but I know plenty of people who wouldn't think twice about getting the latest OS on their new PC.

Re:

[quakeroatz]

That right! First we'll all drop $300 on Vista, crack it, that will show them!!

Wait....

Re:

[darkonc]

You seem to forget that most exploits are profit-oriented these days.

Besides: The VISTA betas have been available for free, so you don't need to shell out $money to get a copy to test your cracking skills on.

Re:The most retarded story ever?

[StikyPad]

No, they were waiting for legitimate customers to install it so they could try out their hacks in the real world. See sig.

Re:

[Jah-Wren Ryel]

No, they were waiting for legitimate customers to install it so they could try out their hacks in the real world. See sig.

Rrrright. Because no legitimate customers have been running vista for months [microsoft.com] already.

Re:

[Deliveranc3]

Sure, 100% business machines Likely the high end workstations.

It's a botnet Dream!

Plus there might actually be useful information on these machines.

And 0 day hacks + Windows Phone home (rendering them undetectable) = massive pwnage.

Re:The most retarded story ever?

[The Great Pretender]

They should have released Vista during NASCAR season, then the crackers would've been too distracted to mess with it.

Re:

[rucs_hack]

does this mean XP will become safer?

I mean, if all the hackers are working on Vista, surely the current crop of XP worms etc will go out of date, and a properly set up XP box won't be at such risk from a constantly evolving virus enemy

Re:

[Orange Crush]

does this mean XP will become safer?

About as safe as Win98 is today. XP will still be the most common desktop OS for years to come. Average users don't upgrade OSes. Heck, they don't even patch them. XP was released in 2001, yet three years later Windows 98 still accounted for more than a quarter [wikipedia.org] of Google page views.

Also, Vista's (theoretically) harder to pirate than XP was and I'd wager that a large part of XPs early adoption was via corp .iso's.

The hack I'm waiting to see

[gbulmash]

I'm waiting to see a worm that exploits a vulnerability to execute code and does the following:

• Searches the windows registry to identify your network card and downloads the proper network driver and a basic kernel.
• Overwrites the MBR so that the next time you restart your PC a bootloader loads the kernel and a network driver, begins an unattended install of Linux, and sets the bootloader to boot into Linux by default.
• Does NOT overwrite or reformat the Windows partition, but instead mounts it so you can

Re:The hack I'm waiting to see

[skinfitz]

Runs a little "You now have Linux. Let us show you why you should keep it" demo at startup.

See that's where your idea falls down - that would require artistic and creative skill along with the ability to - heaven forbid - document something.

Skills that most programmers simply do not posess, unless you are talking about making ASCII porn pictures of anime characters, but I don't think that's going to sell Linux to the average Windows user.

Re:

[Fred_A]

Then the interesting thing would be to see how many people actually just keep Linux. :-)

I think about 8. One at McAffee, one at Avast, one at AVP...

Re:

[nickos]

I don't think it does FOSS's image any good for Linux to be associated with virus writers.

An aside - it's interesting how most successful modern viruses aren't really as harmful as they could be on the machines they infect. Sure they often zombify the machine, but to the uneduacted user this just means the machine runs a little slower than before. If a virus were to successfully infect many machines and then format all of their harddrives on a designated day a couple of months later I think there would be a

Re:

[LifesABeach]

Dawn sweet idea for a worm; About the only thing that I can think of is when the linux desk top manager lights up, its look and feel is the same as the Microsoft desk top manager, and the user could choose which one is more preferable like '98, 2000, XP, or Vista. Heh heh, the howls at Microsoft would be deafening.

Re:The hack I'm waiting to see

[Milton Waddams]

Woah, this comment is even more retarded than your first one.

Re:

[jonnythan]

10% of people who get Windows viruses already dual boot into Linux and Windows?

Wow.

Hack WGA First

[Mateo_LeFou]

Make it better. The less piracy of windows there is in the world, the more people will get into free alternatives

Re:Hack WGA First

[Jherek Carnelian]

Make it better. The less piracy of windows there is in the world, the more people will get into free alternatives.

Hell, make it deny everyone. The less legitimate use of windows there is in the world, the more people will get into free alternatives.

Re:Hack WGA First

[pallmall1]

Hell, make it deny everyone.

What are you trying to do, kill the spam industry?

Re:

[Tim C]

I'll choose my own OS, thank you very much.

Re:

[Iriestx]

Ding ding ding. After seeing the WGA/DRM nightmare that is Vista, I wiped my Windows partition and am full time Ubuntu. I've never been happier with and more excited about the future of my OS.

Re:

[Redlazer]

I did the same, but then i ended up saying to myself "Now what do i do?"

But, much like someone above said, to each his own. I like playing games, and most games are not available for Linux. Dont get me wrong, Linux is fantastic, but it just lacks that ease of use and get up and go that Windows has. And yes, the WGA thing does keep me up at night, staring at my computer, expecting it to try and kill me in my sleep. And then take my wallet.

-Red

mmm... Wii

[Mateo_LeFou]

That is pretty much all. I played it with my brothers last weekend. Good God, I pity its competitors.

Re:

[Mateo_LeFou]

Good luck. I never quite got the appeal of Ubuntu (pretty die-hard fedora guy), but I understand it's helping many such as yourself cut the shackles.

Re:

[Iriestx]

The biggest appeal to me was all of my hardware working on the first boot. The biggest headache I've had trying to make the switch was making all my hardware work. Once that happened, the shackles took themselves off.

Re:

[Fred_A]

Good luck. I never quite got the appeal of Ubuntu

It's a polished Debian. It should be self explanatory.

Apart from that, since it's a Linux distribution, it installs pretty much the same thing as any other Linux distribution, so in the end there isn't much difference, especially to a seasoned user.

Re:

[Anonymous Coward]

have gotten bored to tears trying to figure out something fun to do with it.

$ dd if=/dev/zero of=/dev/null

Re:

[Ajehals]

Is this the game where you have to count how many seconds it takes for /dev/null to fill up? Im up to 6 already!!! :)

Re:Hack WGA First

[kimvette]

My backup archive server NEVER runs out of space. I've been archiving old backups to /dev/null weekly for four years now. It is amazingly efficient.

Re:

[Fearless Freep]

Have you tried a restore yet?

Re:

[Alsee]

I used to use the same backup technique but the restore process was too slow for my taste, waiting for my data to come back out of dev/random.

-

Re:Hack WGA First

[WoLpH]

It all depends on your definition of "fun". You can play a lot of games with ease, kde alone features games like Fleur II, Bricks, Raeumen, Neuner, Spooky Shooter, Sheep, Megami and a lot more. Those games are considered "fun" so what is your point really?
Exactly, Linux isn't bad, it's just not what _you_ want.

For me it's the exact opposite, every time I work on a Windows machine I just feel restricted, I can't move around as fast, everything takes more time to do... So is Linux now better then Windows? No it isn't, it's different, it is superior at some points, it's inferior at some other points. Neither is perfect, just keep in mind that the world doesn't revolve around you, your opinion is just one of billions ;)

Re:

[Five Bucks!]

As I said in my previous comment, "I'm only speaking from my perspective, but I'm sure others share my sentiment."

That said, I do agree with you. It would be foolhardy to say Windows is always greater than Linux or OSX - disregarding inherent security and stability issues, the OS that is best depends on the one that allows you to work most proficiently. For me, it is Windows; but I'm competent enough such that I could become proficient with Linux. It's just that the latest in gaming is usually released fo

Re:

[Tim C]

That's nice, and believe me I'll be at the head of the line to grab a copy of UT2k7, but that's just one game. The number of (commercial/big name) games released for Windows still outnumbers those available for Linux by several orders of magnitude, even if you only count *good* games...

Re:

[Ash Vince]

I had the same problem. I found a better solution was to ditch ATI and use nvidia.

The main thing that sold me was someothing on the nvidia site saying how much commonality there was between the driver under linux and windows.

Before anyone bothers replying talking about binary drivers being bad please see my previous posts on the issue. I think they are fine (and ATI use them anyway from what I remember).

All being said though, I do play most games under windows as the DirectX seems to have more pretty functi

Re:

[Tim C]

as the DirectX seems to have more pretty functionality than OpenGL

Let me fend off the obvious replies by saying simply that DirectX encompasses far more functionality than OpenGL does, and that that's by design. What you *should* be comparing is Direct3D and OpenGL.

(And yes, I knew what you meant, but you know what pedants us slashbots can be)

Re:Hack WGA First

[dave420]

And I feel the same way when working in Windows than Linux - as you say, it's all down to the individual. That's why any fanboy asshat trying to convert people to any other camp just serves to piss them off - people will change when they want to - not before.

Cedega

[Mateo_LeFou]

This issue is quite common. I don't know the status of Cedega, as I'm not much of a gamer, but I undertand it's very useful.

Re:

[springbox]

Hey, Linux absolutely kicks ass for servers. That is if you find writing backup scripts and writing traffic control rules fun (no sarcasm, sorry, it can be interesting.) I still personally use Windows on my desktop system though.

Re:

[jZnat]

I know this might not seem as easy as clicking next a few times, but installing Quake 4 (for example) was as easy as copying a few files from the CDs and running the latest patch from id Software to fill in the rest of the files.

Always a game

[nawcom]

Microsoft software will always be a puzzle game to hackers and such; closed, hidden, and exciting to find.

Re:

[hollywoodb]

puzzle game ... closed, hidden, and exciting to find

Isn't that the credo of Windows users?

"6 months running, don't know what the hell is happening, time for (another) reinstall!"

It's Starting Already...

[Anonymous Coward]

I don't even have the operating system installed and I'm worrying about the hackers and the virus already.

Wondering how many...

[Darundal]

...Viruses and other bits of Malware will be out in the wild ready to hit machines running Vista when corporations and other VLK owners start getting it installed and running. Microsoft claims it is their "Most Secure Operating System EVER," should be interesting to see how well they actually do maintaining that claim. I bet nothing for 2 days, but ~5 within the next week. What should be more interesting is how much press they get, and how Microsoft responds to them.

Re:

[jmp_nyc]

I bet nothing for 2 days, but ~5 within the next week.

I wouldn't take the other side of that bet. It looks like any of those early adopter companies that are running Lotus Notes (or any other third party mail client) are screwed from day 1. [zdnet.com.au] It seems that Microsoft put a big lock on the front door, but left the sliding glass door to the back yard wide open.
-JMP

Re:

[I'm Don Giovanni]

All I see in your referenced article is that faulty third party email clients might be tricked into running executable attachment malware. How is this Vista's fault? The faulty third party email clients are at fault. Sophos is making a big deal out of this because they sell security software and want to make sure people still buy their stuff.

At least the malware run by these clients won't run with admin priveledges under Vista, so it's at least as good as Linux wrt that. And Vista's builtin mail client

Outcome is Predetermined

[mpapet]

1. Windows will always have "enough" security for most users. There's no incentive for them to do any better because they own the market already. Therefore, end-user security is not important.
2. The target is too big and the OS too poorly designed for running a reasonably safe desktop.
3. The outlook for system administration is good because there will be plenty of work.

What's sad is the Wikipedia page that compares Vista to XP conveniently studiously avoids the fact that Microsoft and the media corporations now control essential parts of your computer. http://en.wikipedia.org/wiki/Features_new_to_Windo ws_Vista [wikipedia.org]

I give the first verified Vista exploit 90 days from the day they ship to consumers. What's your bet?

Re:Outcome is Predetermined

[RAMMS+EIN]

``I give the first verified Vista exploit 90 days from the day they ship to consumers.''

Is that because it takes them 187 days to verify it?

Beats the ThunderBird mail-eating bug.

[Animaether]

Sorry, going to be almost entirely off-topic here because a submission on this was rejected and I think it deserves at least some exposure. If it was Outlook eating e-mails Slashdot would be having a field day, but alright.

ThunderBird v1.5.0.8 introduced an issue where malformed e-mails (namely the Referer: header value matches the Message-Id: header value) is causing the e-mails not to be displayed. They are received, they're in the mailbox file, but they're not displayed. The error is probably somewhere in the Threading code, but affects non-threaded Views all the same. Worse yet, if you compact your folders (as you are recommended to do regularly), the invisible e-mails will also actually be deleted.

This issue has been in ThunderBird since 1.5.0.8 release, obviously. It was first discovered on November 9th. A bug was logged on November 11th. It is now December 1st (here anyway), and an official fixed release is not expected until later this month.

There is no telling how many users are affected by this bug, as most users will never realize that the mail isn't arriving - and when told, the first few things they would check is spam filters, their ISP's spam filters, firewalls, junk filters, and then the MozillaZine page on disappearing e-mail (sad that there's such a page) - which makes no mention of this bug either.

I'll take an exploit any day - turn my machine into a zombie if you must - but causing me to lose mail for no good reason, knowing about it, and not officially fixing it, is inexcusable.

That said - the fix is in the 1.8 branch, in 2.0, and in the nightly builds. Thing is, only way to know about it is if you read the bug (change referrer - bugzilla.mozilla blocks slashdot referrers):
https://bugzilla.mozilla.org/show_bug.cgi?id=36040 9 [mozilla.org]

Re:

[MullerMn]

Thing is, only way to know about it is if you read the bug

Or if, for example, you were to read the release notes?
http://www.mozilla.com/en-US/thunderbird/releases/ 1.5.0.8.html#issues [mozilla.com]

Re:

[westlake]

What's sad is the Wikipedia page that compares Vista to XP conveniently studiously avoids the fact that Microsoft and the media corporations now control essential parts of your computer.

and this has meaning in the market Vista shares with cable TV, the PVR, HDTV, the video game console and DVD player because...?

free-as-in-beer and free-as-in-freedom do not have the same meaning to Microsoft's target audience as they do the Geek. to the middle class, the computer is an office machine and a household appl

Re:

[jZnat]

The Xbox360 is a "trusted computing" environment where all executables are cryptographically signed and whatnot. Windows runs on a normal PC, so they don't have that sort of control over the computer right now.

Re:

[quanticle]

And that's exactly why Microsoft is pushing "trusted computing" aka NGSCB/Palladium, with its associated motherboard-integrated TPM chip so heavily. TPM allows the manufacturer to cryptographically sign all code running on the machine, and only allow "trusted" code to run.

Sneak Peeks

[RAMMS+EIN]

``Some folks on the Black Hat set got a sneak peek at Vista earlier this year''

It seems to me pretty much everyone got a sneak peek at Vista earlier this year.

Re:

[Utopia]

That comment seems to be from the Slashdot editor not from the submitter.
Obviously he didn't get a peek.

  .

Helping Hacker Culture Grow

[foobsr]

If you are a writer or journalist, don't say or write hacker when you mean cracker. If you work with writers or journalists, educate them on this issue and push them to do the right thing. If you catch a newspaper or magazine abusing the work `hacker', write them and straigten them out (this appendix includes a model letter).

The New Hacker's Dictionary [outpost9.com]

CC.

Re:

[GaryPatterson]

While I sympathise to some extent, you're fighting a lost battle. In fact, it's pretty much the same one that people who bemoan that the word "gay" no longer means happy lost years ago.

To 99.9999% of the world, Hacker == Cracker == bad person

Re:

[billsoxs]

Get a grip

It is "JURY rigged" not gerry rigged. See http://www.worldwidewords.org/qa/qa-jur1.htm [worldwidewords.org]

Re:

[Simon Garlick]

http://en.wikipedia.org/wiki/Jury_rig [wikipedia.org]

Re:

[slackmaster2000]

This will never change in the media.

The term "hacker" has for a very long time been used to describe those individuals who break into computer systems. Your computer gets "hacked," your software is "cracked." When Hollywood makes a movie about kids who break into computer systems, they are called "hackers." When you read in the paper about people going to jail for breaking into computers, they are referred to "hackers." This is the terminology that average people understand.

Aside from all that, "cracker

Re:Helping Hacker Culture Grow

[badboy_tw2002]

You mean REALLY liking computers won't turn my hair blue and introduce me to a world of leather clad babes and techno music? I thought I just wasn't using mine enough. This is disappointing.

Yeah, I don't really understand why people get mad at "hacker == cracker". They're mislabled as badboys. You wouldn't want them mislabeling you as fat lonely nerds who live in their....

Wait.

Shit.

Re:

[ampathee]

Personally, I say 'geek' - I think it sounds cooler than 'nerd'.

Re:

[LO0G]

Actually the difference is that a geek bites the heads off chickens [wikipedia.org].

Re:

[SCHecklerX]

Or just accept to use it as both. I say 'I like to hack neat soultions together' and also say "yeah, those hackers love to put botnet backdoors on your private LAN". I don't know why it can't have both meanings effectively and make everyone happy.

Re:

[ConceptJunkie]

Get over it. That battle was lost a decade ago. Nobody cares anymore.

Or are you one of those folks who still gets into System V/Berkeley flame war...

Re:

[Dunkirk]

Yeah, well, can you blame him? He's also one of those guys who makes everyone say "GNU/Linux."

Re:Helping Hacker Culture Grow

[Dunbal]

don't say or write hacker when you mean cracker

      No. That's the thing really. With the DMCA, both of them are criminals now anyway...

Re:

[iwan-nl]

With the DMCA, both of them are criminals now anyway...

...in the US of A. Most other countries don't have these ridiculous suppressive laws.

I saw a long line of these guys at compusa

[Anonymous Coward]

They were all standing around with their tents in their black hats waiting to crack stuff and make keygens and shit. I asked why they were waiting in line when they could have had the RTM weeks ago on Usenet? They replied, "What's Usenet?" Those black hats must really fuck with the circulation in your head. I wonder if Slashdot editors wear black hats.

Third party application.

[Utopia]

Windows Mail identifies and stops all ten threats on its list,
Stratio-Zip, Netsky-D, and MyDoom-O are able to bypass security when a third-party email client is used.

Good proof that Vista is insecure.

Re:

[innocence18]

Isn't this the same as lumping Apache vulnerabilities in with Linux vulnerabilities? 3rd party mail app problems are hardly Vista's fault are they?

Re:

[Utopia]

I was being sarcastic.

Predictions

[Beryllium Sphere(tm)]

o Exploits will be in older code.
o The first "exploits" announced will be simply userland Trojans, as will most that follow.
o Old-style remote exploits will be unusual and dramatically rarer than we're used to.
o Nobody will notice the difference. The media will lump all problems together and the reports will boil down to "LOL V1st4 pwned".

MS has hunted down unsafe APIs and banned crypto algorithms that are damaged (MD5) or that nobody can figure out how to use correctly (RC4). They compile with stack canaries. They've added address space layout randomization. A large number of people in Canada will forever snarl at me in derision for saying this, but Microsoft is beginning to absorb lessons from the success of OpenBSD.

It's never going to be the same, of course. There's not enough money in the world to audit Microsoft's cetacean code base to OpenBSD standards and I can't believe the design of Windows would support privilege separation.

Re:

[jimicus]

The first "exploits" announced will be simply userland Trojans, as will most that follow.

You mean like a lot of spyware today is? Like LoveLetter, MyDoom and Bagle all are?

They may not be kernel-level exploits. But they're still destructive, they still get everywhere.

Re:

[mark99]

Hmmm. How about "elephantine"?

I kind of like cetacean though. I think it is imaginative. And I think the previous AC post is being a bit pedantic.

THE most secure version of Windows, ever?

[gelfling]

Mercy me I can't imagine there will be any vulnerabilities at all in this newest highest priced, longest to develop & release version of Microsoft's ratio sum ultra of enterprise operating systems. And even if there are and someone exploits them that would just be unfair and mean. I'm sure I wouldn't want to know about any exploits in this the most critical and hyped version of Microsoft Windows.

Surley we will not see Vista viruses for some time

[SuperKendall]

As the lession of the Mac has tought us, until an OS has a significant market share there will be no viruses. Therefore we should see no viruses for Vista until the install base exceeds the tens of millions of Macs that are around today.

Right?

Re:

[I'm Don Giovanni]

I take it, from your tone, that you're implying that the lack of attacks against Mac OS has nothing to do with its small marketshare. Interesting that you post this one day after Apple patched 31 security holes. And there were three months earlier this year when Apple patched 40+, 20+, and 20+ security holes. So the holes are there aplenty, but they're not being exploited for some reason. If small marketshare isn't the reason that those holes haven't been exploited, then what is the reason? Why don't y

You reinforce my point

[SuperKendall]

I take it, from your tone, that you're implying that the lack of attacks against Mac OS has nothing to do with its small marketshare.

How perceptive!

Interesting that you post this one day after Apple patched 31 security holes

And then you falter.

Not all security holes are created equal you know; Some security holes are harder to exploit than others. You can never remove all security holes so you approach security using a tactic called "defense in depth" which builds a layered approach to security, such that even if you have a weakness at some level either the levels above will prevent access for an exploit, or an exploit can only get so far. So Apple fixing 31 security holes means only that they are indeed vigilant about patching security problems.

Still virus and malware free, even with these 31 exploits it would seem....

And there were three months earlier this year when Apple patched 40+, 20+, and 20+ security holes

Yes, and three months earlier we also had no malware or viruses.

So the holes are there aplenty, but they're not being exploited for some reason.

(a) you obviously had no idea what the holes were in, and (b) as I said you can never remove all holes - only a fool would imagine that to be possible.

To help you reach a deeper understanding of the situation, consider this - some of those "holes aplenty" were in the OS X SSH server. yet by default OS X does not have SSH enabled. So, realistically, a hole in that system means nothing for a virus writer, because they cannot count of enough people to be running SSH to make that an exploit they can reach. That is but one example.

If small marketshare isn't the reason that those holes haven't been exploited, then what is the reason? Why don't you suggest a reason?

I have - defense in depth. It's too difficult currently to reach the exploits that are open, or to do anything of use when you reach them. Furthermore a good deep defense also means that if an exploit should infect a computer, it's far easier to remove the malicious code - whcih lesses the desire to write an exploit because its lifespan will not be as great.

Let's turn your whole argument around. Apache is a popular web server, far more popular than any other. Yet it too has a distinct lack of sucessful exploits against it compared with other servers. Since marketshare does not seem to tell us anything about the likleyhood of successful attacks, some other force is at work - and that is a better overall security model.

Maybe it isn't small marketshare, but it certainly isn't that the holes aren't there (like Mac fanboys like to suggest).

Mac "fanboys" rarely suggest there are no holes, just that OS X has better security by default which reduces the impact and effect of the holes that will ALWAYS be there. Only "Windows Bitches" distort that argument to claim otherwise. Say, didn't you jus make that mistake?

Re:Surley we will not see Vista viruses for some t

[chthon]

I had trouble with Mac viruses already in 1990. And they were very obnoxious, because the Apple automounted floppy disks. If you inserted one with a virus, your system immediately got infected. If you inserted a new floppy, that immediately got infected too. The only way to clean up was to have a non-writable floppy disk available with the necessary tools.

Some folks got it early?

[nurb432]

What the hell? Microsoft wasgiving out Beta copies like candy at most every seminar/class for months and months.. its not like they were hiding it.

Oh, and there was that little 'public download' they had on RC2... geesh.

Re:wtf bs

[Dunbal]

we had to manipulate the bits with our fingers, in the snow, without gloves on!

      You had FINGERS? You lucky dog. We used to sit around at night, in the freezing cold, dreaming about what it would be like to have fingers...

Re:

[Geoffreyerffoeg]

You had FINGERS? You lucky dog. We used to sit around at night, in the freezing cold, dreaming about what it would be like to have fingers...

You had COLD!? Back in my day, everything was at thermodynamic equilibrium....we didn't have a concept of temperature since there was never heat transfer....

Re:

[Alsee]

We used to sit around at night, in the freezing cold, dreaming about what it would be like to have fingers...

You had ASSES? You lucky dog. We used to ooze around at night, in the freezing cold, dreaming about what it would be like to be able to sit...

-

Re:

[pestilence669]

As devil's advocate:

There's a real good reason to create viruses: To force software makers to patch their software. A bugs generally has a much longer time frame to be fixed. Patching for a virus or worm tends to happen instantly.

Re:

[quanticle]

Because (in both real life and online) where ever there are windows, you'll have douchebags willing to throw rocks through them. You can whine all you want about how these people should do something "more constructive with their time", but that doesn't change the fact that they exist.

You just have to work around/ignore them as best as you can, and go on with your life.

Re:

[ericlondaits]

It IS faster, at some point... because DOS 6.22, Win 3.11 or Win 95 for that matter wouldn't support 64 bit processors, USB 2.0, SATA disks, etc. Installing it in a modern computer would be a huge waste of perfect hardware.

Also, Win95 had much better multitasking than 3.11 (or DOS, which wasn't multitasking at all) so that's "faster" in some sense as well.

Of course newer operating systems are more taxing on resources... but they also can assume the user has a better computer.

Re:

[SCHecklerX]

You forgot to add the word "remotely". Hard to do when there is no network support in the OS.