Comments on: Google hacked by China

By: globalizenetworks

globalizenetworks — Wed, 20 Jan 2010 21:05:56 +0000

Those are good points. One reason that Microsoft products are so bloated is the commitment to supporting legacy software. However, that is also part of their corporate value proposition. Anyone who has managed a Linux system can appreciate this when trying to install new packages with an old distribution. DLL hell is replaced by RPM hell.

By: globalizenetworks

globalizenetworks — Wed, 20 Jan 2010 21:02:08 +0000

I agree, but Linux still basically a non-starter as a corporate desktop right now. Even Mac’s have integration issues with predominately Windows-based corporate network infrastructures. (i.e. Microsoft replaced Outlook for Mac which was MAPI with the inferior Entourage which uses IMAP.)

By: Wolfram Arnold

Wolfram Arnold — Wed, 20 Jan 2010 19:09:07 +0000

Another option to stay safe is to move off of Windows entirely. Macs are much less vulnerable, and Linux is even more so, probably by orders of magnitude. The reason is just the same that you mention with IE. Because the most wide-spread technologies attract most malicious attacks, it’s simply a better ROI for the covert elements carrying them out. Also closed source systems are always more vulnerable than open source systems, because the former rely solely on the eyeballs of the company to secure them and it’s probably not their most pressing business concern to create more secure or less buggy software.

In my experience with open and closed source systems, I find without fail that (popular) open source software is substantially cleaner, more modular, more maintainable and secure than anything closed source I’ve seen after years of use.

By: Dan Dascalescu

Dan Dascalescu — Wed, 20 Jan 2010 08:51:43 +0000

There are a few unstated assumptions:
* that security issues once found, are also quickly fixed. Mozilla may push patches more often than Microsoft.
* that users of both browsers are equally likely to report security breaches. Firefox users are probably more capable of telling if they were attacked.
* that the upgrade rate would be equal. In fact, Firefox almost forced everyone to upgrade from version 2 to version 3, while IE 6 doesn’t bug the user to upgrade to IE7, and nor does IE7 promote IE8.

By: globalizenetworks

globalizenetworks — Tue, 19 Jan 2010 20:22:07 +0000

You are right, I contradict myself at the end there. That’s why it’s a good idea to throw these ideas out there for peer review.

IE should be the most robust by that final argument, but I wonder if that robustness is offset by the fact that it’s the number one target of hackers right now. Another point I didn’t mention is that people seem to hate Microsoft particularly. This may or may not change when their market share decreases. Regardless, I am sticking with Firefox myself for now.