And if you don't want that application to put your security at risk via the arbitrary code execution exploit du jour, all you have to do is run that application in a separate limited user account. And make sure all your important files' ACLs prohibit access from that account. And don't use runas, use an actual separate login session, because of window shatter attacks. It's so easy, I bet everyone runs their applications this way. I'm sure you do. ...Right?

99% of avoiding Malware is simple not being an idiot and not going to places you shouldn't

You mean shady websites like mysql.com?

"It exploits the visitor's browsing platform (the browser, the browser plugins like Adobe Flash, Adobe PDF, etc, Java, ...), and upon successful exploitation, permanently installs a piece of malware into the visitor's machine, without the visitor's knowledge," say the researchers. "The visitor doesn't need to click or agree to anything; simply visiting mysql.com with a vulnerable browsing platform will result in an infection."

all possible bit combinations for the bad sectors

A floppy disk sector is 512 bytes, so even with just a single unreadable sector there are 256^512 possible combinations, more than there are atoms in the universe.

If the majority of people used a Mac, then there would be Mac rootkits all over the place, and a few people would be bragging about how secure Windows is.

* Drive letters - WTF???

* \ instead of the standard / - leave it to Microsoft when faced with picking a sane choice and and a mind boggling idiotic one...

Why are mount points better than drive letters, and why is / better than \? Unix's own particular way of naming files is far from universal.

Complain to your application's maintainer. Windows notifies applications before the system is about to restart for updates. Applications that don't save the user's work are defective.

If the user's not present, where is it supposed to save the work to? You certainly don't want to overwrite the previous save without asking. %APPDATA%\myapp? And now you have to check on startup to see if anything was saved there and let the user know about it if so, because the user sure is going to have a hard time finding it otherwise.

Yay, more logic that has to be implemented in every program. And if the developers of a program fail to do so, there is absolutely no indication to them that they've done something wrong. When you make it easy to do the wrong thing and hard to do the right thing, people are going to do the wrong thing. An OS designed with ignorance to this fact is what's really defective.

Triple DES can be cracked by anyone with a sufficiently fast computer (even faster if you have special custom made chips for it)

That's the original (single) DES; Triple DES is still not feasible to crack.

I also hope that some state gets its hands on him, and he ends up serving some time in a fuck you in the ass state pen with thugs and violent offenders.

Really, you're happy with thugs and violent offenders being given free sex slaves paid for by your tax dollars?

If this country had a single ounce of sense we would just shoot the guy.

If you download and run a program without sandboxing it, then you are trusting its source by definition.

Don't confuse "trusted" with "trustworthy".

You would pay $5 a Banana or Apple so that "american" workers can do it?

Do you really think a person can only pick two fruits per hour? Because that's what would be necessary for prices to have to go up that high as a result of paying the fruit pickers the legal minimum wage. Seriously, do the math.

The sad, simple fact is that you can't fix stupid. No matter how much you try to educate the end user, they don't seem to listen. If Joe Public wasn't so uneducated about it the problem would go away entirely.

We could fix all 7,000,000,000 people in existence, or we could just fix all 3 operating systems that anyone uses. Which is more practical?

The problem is that current OSes make it very easy to install software and give it full privileges, and very hard to install software and give it only limited privileges such that it can't cause you harm (in both Windows and *nix, you have to create a new user account for it, but Windows is worst because most programs can't even be installed unless you're running as administrator)

Reverse the difficulty, and malware relying on "user stupidity" would pretty much disappear.

It's a minor update: just like they didn't keep updating 4.0 when 4.0.1 came out, they don't keep updating 4.0.1 when 4.0.2 came out. But for marketing reasons, they decided that 4.0.2 would be called "5.0".

Most people seem to have this mindset that using RAM is bad, and the more memory you have free and unused the faster your computer will be. These are the same people who think they're increasing their computer's performance by turning off superfetch, etc.The problem with this perception is that it's completely stupid.

Programs load data into memory because memory is fast and your disk and the network are significantly slower; hundreds or thousands of times slower, and pointlessly unloading the data from memory increases the risk of having to go back to the slower disk or network to retrieve it later. If you still have RAM available, it is actually detrimental to your system performance to free this data.

If it were possible for programs to allocate caches that work like the filesystem cache, where old items get discarded automatically to make room for anything more important, then this would make sense. But in real life, when a program written with that "unused memory is wasted memory" philosophy has filled up RAM and you start another program, the first program will have to go to the swapfile. Return to it later and it'll take forever to become usable again, while it gets re-loaded 4kB at a time. (I'll usually just kill the firefox.exe process and restart it when this happens, because that's actually faster)

That's all well and good in a corporate environment, but do you really expect every home user to have his own personal IT department?

If you think Apple software is inherently secure, read up on some of the past Pwn2Own contests.

Don't kid yourself - the only reason OS X doesn't have much malware (yet) is that Windows is used by far more people and is therefore a juicier target.