dashing_cavalier's Journal: Sigh. Yet *another* critical Windows vulnerability...

WTFFF? Another critical vulnerability in Windows? I'm shocked! Here's the article.

Is it possible to secure a Windows box? I have done my best in my professional career to ensure that each Windows box I have had any control over is secure, but I can't feel 100% confident that one of the boxes I've configured won't be 0wn3d at some point in the future. Especially if they're not patched every other day to prevent the latest 'sploit. If I were still a consultant, I could not in good conscience recommend a Windows setup anymore if security were critical to the application.

I used to think that it was possible to secure Windows. I even took a course on Windows security that was taught by a former NSA spook who claimed he had set up a secure NT4 based network that was never compromised. Hmmmmm - that he *knew* of anyway... ;^) Since then I have given up on ever thinking that Windows will be totally secure. Trustworthy Computing? Sha, right! I don't even attempt to any open ports on my home router to forward to my Win2K server since who knows when the next 'sploit will be found?

I feel that the main reason for the continuing Windows security problems is that Windows was never designed to be a secure operating system. That and what Tackhead said about Trustworthy Computing. All the security code that has been added is nothing but window dressing (pun intended :^)). If M$FT truly wanted a secure OS, it should start over - flat out rebuild Windows.

Now to be fair, Linux can be made insecure and people do find security flaws (usually not with the core OS, tho.) Can Linux be misconfigured by an admin? Sure, same as Windows. But Linux is designed with security in mind - that's a huge difference! My eyes are opening - I feel like I've finally been unplugged from The Matrix...