As operating systems go how secure is windows 7?

ahyeah78

Just made the jump back from linux to windows 7 again on a new laptop-i know that the linux security model is far more secure than windows could ever be but is are there users heres on boards that think windows is more secure. If so please post your responses in this thread.

Jaafa

Get a half decent security program and stay away from suspicious sites and it'll be as secure as any other OS. It really is that simple.

Capt'n Midnight

it's not quite that simple

to get similar out of the box security as linux

go to secunia.org and download the psi thingy , this will update many-non microsoft apps in the way linux usually does

don't use Internet explorer as it's usually subject to drive downloads ( usually in the sense that at any given time there is almost certainly at least one vulnerability waiting to be discovered)

use whatevery browser you used on linux, and save IE for windows updates


7 is a lot better than the bad old days, microsoft security essentials isn't that bad if you want to keep away from third party apps.

ressem

Windows file system and associated api has some advances over the clutter that is ext2/ext3/Reiser/Btrfs such as built in encryption, auditing and consistent ACL handling.
Some standard applications like gnu tar have been slow to deal with ACLs, so if you don't research it your restored backup might not work as expected.

Fysh

The UAC refinements in Windows 7 are nice but the biggest security hole for home users is still having an admin account by default. I've got a standard user account that I use for everyday stuff, elevating to my sysadmin account for installs, patches, etc.

Yes, it's minorly tedious. But given that there will still be permissions elevation vulns/UAC workarounds out there, it's a smarter way to work than the old "What could possibly go wrong if every user is root?" approach.

uncle_sam_ie

I switched from a Mac to a windows 7 gaming PC a few months ago. The one thing I'v been impressed with so far is the security. I have the free Microsoft Security Essentials running and religiously keep the software up to date. No problems for far.

Stuxnet

as M$ only release security patches once a month, (patch tuesday, 2nd tuesday of every month) unlike linux distros, mere hours after any threat surfaces, 7, vista, etc will never ever be as secure as their linux conterparts.....

ethernet

To be fair, MS break that update cycle if there's a really important update.

The second Tuesday of the month date just happens to make things more predictable for enterprise and sysadmins.

Also, with Linux, you're relying on your distro/the packager/some obscure repository to actually be updated with the patched package.

Fysh

iPwnage wrote: »

as M$ only release security patches once a month, (patch tuesday, 2nd tuesday of every month) unlike linux distros, mere hours after any threat surfaces, 7, vista, etc will never ever be as secure as their linux conterparts.....

Oh wow, you referred to Microsoft as M$, now I know your comment should be taken seriously. And as we all know, it only takes theoretical access to the source code for a software package for vulns to be fixed - you don't need an active developer base or anything. :rolleyes:

Microsoft, for their sins, are usually pretty good about responding to serious vulns in a timely fashion. They're certainly no Adobe (or Apple for that matter). They could be better, but they could also be (and in the past have been) far far worse than they are currently. Don't let that stop you from making numpty-grade remarks, though...

Kinetic^

Fysh wrote: »

The UAC refinements in Windows 7 are nice but the biggest security hole for home users is still having an admin account by default. I've got a standard user account that I use for everyday stuff, elevating to my sysadmin account for installs, patches, etc.

Yes, it's minorly tedious. But given that there will still be permissions elevation vulns/UAC workarounds out there, it's a smarter way to work than the old "What could possibly go wrong if every user is root?" approach.

This is best practice alright, the issue is that your average use is never going to follow this as it'll take to long to go through.

User education is the best way of staying secure, most of them just want the laptop/pc to work and are uninterested.

Fysh

Kinetic^ wrote: »

This is best practice alright, the issue is that your average use is never going to follow this as it'll take to long to go through.

User education is the best way of staying secure, most of them just want the laptop/pc to work and are uninterested.

Oh, I agree that it's hard to get people to go along with, but step 1 of user education when I'm concerned is "Contrary to popular belief, it's not a magic box. Don't expect to get away with treating it like one". It works best with those who've lost either time or data due to Being Naughty While Logged In As Root, though, so it may be that a bad experience is the best teacher of all...

homer911

More secure than Mac OS X apparently

http://www.thewindowsclub.com/mac-os-vulnerable-windows-7?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheWindowsClub+%28The+Windows+Club%29&utm_content=Google+International