[4359] in WWW Security List Archive
Re: UNIX less secure than Win95? (was Re: Sceptic about (Funds ...)
daemon@ATHENA.MIT.EDU (BVE)
Tue Feb 11 15:29:18 1997
Date: Tue, 11 Feb 97 12:35:08 EST
From: bve@quadrix.com (BVE)
To: jay@homecom.com
In-Reply-To: <32FF3A6F.76F7@HomeCom.com> (message from Jay Heiser on Mon, 10 Feb 1997 10:10:39 -0500)
Cc: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
BVE wrote:
>
> I wholeheartedly agree with this point. Win 3.1, and Win 95, need to be thrown
> out. Basic user security, which we've had in other computer systems for over
> 30 years now, needs to come to the desktop.
Whoah! I hope I'm not quoting you out of context. Security issues
rarely have
a higher priority than business issues. Those two operating systems are
way too
useful to be thrown out. Its going to be impossible for those two
I didn't mean we can just stop using Win3.1 and Win 95. What I meant was that
the (lack of) security model they use is very bad, and the state of corporate
security is going to have big, glaring holes until such time as these two
"operating systems" are gone. For that matter, your PC at home will be quite
susceptible while connected to the 'Net, as well. Win 95 is especially
dangerous, as it understands IP, and therefore has more doors and windows to
climb in than Win3.1.
Would you be happy with NT? Whatever its relative degree of
'secureness', I'm going
to go out a limb and say that its easier for an inexperienced user to
cause damage
with UNIX than with NT. But even though its easier to use, NT still
NT at least allows for securing the machine, and separating administration from
users. Therefore, it provides the basics, and would be a substantial
improvement over 3.1 and '95. As for inexperienced users causing damage, I've
done *way* too much PC support to buy that argument. All you have to do to
louse up your PC is install some random COOL program, and you can make all your
existing applications stop working!! Not to mention all the random changes to
Control Panel settings I've seen. ("No, I *never* went into those menus!")
UNIX does a substantially better job of protecting the system from the user.
UNIX does a worse job of protecting the user from themselves. Not that this is
particularly relevant, as I acknowledge that no one is going to throw away all
those office automation apps, and other coool software. They simply have to be
ported to a better operating system. Failing any other choice, NT at least
meets the basic requirements....
without doing requirements analysis up front. For most people, Win95 is
still the
Take a good, hard look at NT4.0. New interface, better stability, better
security. Disadvantage: limited hardware compatibility....
BTW, which operating system is sucessfully attacked more often over the
net,
UNIX, NT or Win95? So far, its been UNIX, hasn't it? Couldn't we
make a case
that UNIX is less secure than Win95? Is there a 4th choice to consider?
Absolutely not. UNIX is obviously more secure than Win95, by any reasonably
objective measure. Yes, there have been more hacks and holes discovered in
UNIX, but people haven't been trying to break into Win 95 for the past 25 years
or so! When someone actually bothers (to break into Win95), it's trivial.
(Especially if you're at the keyboard. Note that UNIX does *not* have this
problem, in general!)
I agree that Win3.1 and Win95 can't be dismissed out of hand, but every effort
should be made to migrate away from them (even MS wants you to!). As
compatibility problems are resolved with NT, roadblocks to upgrading will
disappear.
-- Bill Van Emburg
Phone: 908-235-2335 Quadrix Solutions, Inc.
Fax: 908-235-2336 (bve@quadrix.com)
Check out http://yourtown.com! (http://quadrix.com)
"You do what you want, and if you didn't, you don't"
