I've got a question. What is it about Windows that allows

You are currently reading a thread in /g/ - Technology

Thread replies: 51
Thread images: 5
File: open source vs closed source.jpg (394 KB, 576x764)
I've got a question. What is it about Windows that allows viruses to be so easily made for it and exploit it, but not Linux? Is there something in the basic design of Windows that makes it so vulnerable? Is there any way Microsoft could fix that or is it simply too far gone/profitable with antivirus shit? Or is it basically what my friend said when he thought that it was just because there's so many varied flavors and systems of linux/code is more open so many eyes can spot the flaws that coding a virus for them is really more pointless (and given the lower number of users) and that if one brand of Linux was as big as Windows it would have the same issues?
>>
Windows has more users so it makes more sense to make viruses for it
>>
>>53133036
Windows gives administrator (root) privileges to users by default and has bullshit in the way of validating any executables you install.

Linux has package managers with trusted repositories and gpg verification. Things not on said repositories are generally either compiled from source or installed using shell scripts which can easily be looked over for malicious elements.

Additionally, you can't install much without root privileges, so your grandma can't just download some script from her russian horse porn websites and fuck everything to death.
>>
Microsoft didn't take security seriously for a long time.
>>
>>53133036
>and that if one brand of Linux was as big as Windows it would have the same issues?

Android clearly proves that right
>>
>>53133098
/thread
>>
>>53133098
this is it, nothing else
>>
>>53133099
>which can easily be looked over for malicious elements

Shell scripts can be pretty fucking cryptic m8
>>
>>53133138
>Implying Android .apks are linux binaries
>>
>>53133099
ADMIN != Root.

SYSTEM != Root.

Also, SU privileges aren't what most people are aiming for, because they don't grant access to ring permissions above 1 which is the end of userland in Windows. 3 in Linux.

This is ultimately pointless though because any machine, Windows or Linux that has any installation of Java can have privilege escalation to the virtualization ring (ring -1) which is the attack vector most people choose.

Ultimately, a properly configured Windows system can be very secure. Even more secure than a Linux system.

Now at this point you're scoffing because you know absolutely shit about low-level computing, but Linus's absolutely unfathomable decision to mirror the monolithic """modular""" architecture of System V means that while it may require a little creative work to deescalate ring protection, the entire system is compromised once that wall has been breached.

XNU and NT have much more sensible hybrid designs that, when properly cared for and used, are close to impossible to dominate with ease, even after privilege escalation. The lack of permissions granted to even SYSTEM in userland is a huge boon to this.
>>
>>53133192
>the entire system is compromised once that wall has been breached
Yes, when you luckily/brutally guess the password or you can trick the user into installing a 3rd party repo.

By default, linux is more secure than windows.
>>
File: stop.png (97 KB, 350x337)
>>53133576
the sad part is you think this is right. did ya learn all your 1337 h4x0r skillz on teh CSI bud?

1.) Bruteforcing a password is for retards who don't know any better
2.) If the system is x86 you can escalate to SU with ~10 lines of C code. Yes on Linux.
3.) If the system has Java installed you can trick the JVM into granting you ring -1 permissions on any system, a step above Root.
4.) The most widely believed lie ever told. Linux is "more secure than windows" only in perception. It's got a smaller userbase of much more savvy users than the average facebook machine that Windows is. If Linux replaced Windows as a desktop it'd get compromised just as often, if not more because it, just like any system is vulnerable if not configured properly. Even more so because its monolithic architecture means it only has a single line of defense.

I seriously hope your degree wasn't in anything related to digital computers because you know jack shit apparently.
>>
>>53133099
/thread
>>
>>53133036
Linux kinda makes users know more about their systems. I'd go as far as to say Linux users are more computer literate than average winniggers.
>>
>>53133700
No shit, that's not even speculative. The average windows user is a middle aged soccer mom who knows jack shit about computers. That's what happens when you control a huge portion of the market.

Of course your average Linux user isn't that competent in the grand scheme of things. As seen by people in this thread not understanding why a properly handled hybrid kernel is more secure than a shitty monolithic kernel with side action modular capabilities.
>>
>>53133741
>Handling scroll bars in a well maintained kernel
>>Modular capabilities
Sure, anon
>>
>3 retarded brits make better cars than Indian engineers
>>
>>53133783
The modularity isn't the reason why Linux is shit. The fact that it's monolithic IS. It's a flawed design straight out of the 1970s because Linus ignored every single advance in computational security and design that was made in the 80s because he had such a hardon for the leaked UNIX source.

The result is just as vulnerable as every other monolithic system. Or in other words, introduces a single point of failure for attack vectors.

Yes it grants Linux great speed... compared to microkernels, not hybrid kernels.
>But NT is slower than Linux
This is true and is an artifact from the environment that NT is developed from. 5% performance gains aren't made because maintainers don't really get benefits from it. Meanwhile, every 12 year old and poo-in-loo pajeet working on Linux loves to get pats on the head from higher up maintainers and continually jump on the small performance increases. The result is that since about 2002 NT has fallen behind Linux in optimization.

However compare it to the hybrid kernel of XNU and you'll find that Linux gets blown out of the water. Not only is XNU more secure due to its hybrid design, but it also is faster because it's both actively maintained by veteran developers who gladly take the extremely high paying job Apple throws out for them, as well as the innumerable open source contributions.
>>
>>53133036
These days, nothing really. People are smart, and they want money. Windows has the user base, simple as that.
>>
>>53133099

>bullshit in the way of validating any executables you install

What are hash checks
>>
>>53133192
>>53133659
>This is ultimately pointless though because any machine, Windows or Linux that has any installation of Java can have privilege escalation to the virtualization ring (ring -1) which is the attack vector most people choose.
Java doesn't do "real" virtualization that needs any lifted privileges, it just reads and executes bytecode. If you make such a ridiculous claim you need to at least provide a source for that.

>If the system is x86 you can escalate to SU with ~10 lines of C code. Yes on Linux
Again, please provide a source.
>>
>>53133834
>high paying poo-in-loo pajeet
>>
>>53133960
>>If the system is x86 you can escalate to SU with ~10 lines of C code. Yes on Linux
>Again, please provide a source.

I assume he's talking about https://www.youtube.com/watch?v=lR0nh-TdpVg
>>
>>53133934
see >>53133700
>>
>>53133036
>GNU+Car

kek
>>
>>53133036
>Is there any way Microsoft could fix that or is it simply too far gone/profitable with antivirus shit
It doesn't work that way, idiot. MS, even being closed source, is the home to the most security exploits out there. On top of that most users think having an antivirus will fix their security holes. The result is exactly what you'd expect
>>
> Leenooksx usebase
> <0.1%

> Windows userbase
> >9000k
>>
>>53133036
Joke's on you, Tesla is actually open source as well.
>>
>>53134149
4chinzz userbase is smaller than reddit/9gag. Maybe you should fuck back to one of those
>>
>>53134008
That exploit works on all systems though, that's hardly just a Linux thing.
>>
>>53133036
>What is it about Windows that allows viruses to be so easily made for it and exploit it, but not Linux?
The lack of a package manager and the ease to install software from dodgy sources. It's about culture too. In practice sites can host their own repos or plain .deb or .rpm packages but it's rarely used, most people rely on their distro's package manager. OTOH "curl | sudo bash" installers are getting common, it's fucking stupid.
>>
>>53133659
>2.) If the system is x86 you can escalate to SU with ~10 lines of C code. Yes on Linux.
PoC or you are a faggot
>>
https://www.youtube.com/watch?v=OXS8ljif9b8
Theo de Raadt ranks Windows second in security only with OpenBSD beating it.
>>
>>53134008
At 40.00m in that video the man tells the memory sinkhole is fixed in SandyBridge and newer processors.
>>
>>53133138
android is not linux. Android is a piece of shit that shouldn't exist as it is today.
>>
>>53133192
>that has any installation of Java
who the fuck uses java in 2016?
>>
>>53133659
still waiting for the sources on what you said.
>>
>>53135910
It is linux. It's not GNU/Linux though.
>>
>>53133834
I would use the minix3 kernel or hurd if they worked better but they don't have as much development in them as linux.
>>
File: Rally-Fighter-Rendering-03-lg.jpg (175 KB, 1280x960)
>>53133036
There is already a proper open source car.
Pic related.
>>
>>53135917
every enterprise ever.
>>
>>53136393
Tesla cars actually are open sores
>>
>>53133192
>Also, SU privileges aren't what most people are aiming for

bullshit, most people aim for su privileges because they don't require literally inventing exploits to make virtualisation rootkits less detectable

>that has any installation of Java

or, you know, literally any code execution at all

>which is the attack vector most people choose.

as far as most security researchers are concerned, virtualised ring exploits are still proof of concept and still have inherent problems that don't make them the silver bullet that you seem to think they are

>Ultimately, [windows can be more secure than linux]

[citation needed]

>Now at this point you're scoffing

[bla bla bla]

>while it may require a little creative work to deescalate ring protection,

a "little" creative work

>the entire system is compromised once that wall has been breached.

the entire system is compromised when the entire system is compromised? colour me shocked

>XNU and NT have much more sensible hybrid designs

windows kernel design has nothing to do with why windows 10 (with supported hardware, more so than is typically needed for virtualisation rootkits in the first place) is more "resistant" to virtualisation rootkits because what windows 10 does is exactly what the rootkits do, run software in a virtualised layer above the operating system

which is all fine and dandy in practice, at least until it's bypassed, and we'll get patches and full world wide web public disclosure when?

what you fail to mention is that these types of virtualisation exploits have their weaknesses and 1) reside on the physical harddrive 2) are detectable on guest operating systems (with some work) 3) require root privileges in the first place 4) removable on "infected hardware" (with some work), easily removable on "uninfected" hardware 5) aren't found in the fucking wild
>>
>>53133659
>2.) If the system is x86 you can escalate to SU with ~10 lines of C code. Yes on Linux.

are we talking about the x86 ring exploit vulnerability? because that's pre-sandy bridge cpus, affects windows also, has already been patched depending on your motherboard vendor

if not, [citation needed]

>3.) If the system has Java installed you can trick the JVM into granting you ring -1 permissions on any system, a step above Root.

the sad part is you think this is right. did ya learn all your shitposting skills from rajheed's first shill camp?

virtualised ring -1 exploits are independent of java and require ring 1 code execution privileges in the first place, and are at best ring 0 without a hardware reboot

>4.) The most widely believed lie ever told. Linux is "more secure than windows" only in perception.

the most widely believed lie ever told is that linux would have as many vulnerabilities as windows if it had a larger userbase

do you know why people refer to linux as more secure in the first place? it's because casual security researchers can both detect intrusions, figure out how said intrusion works and what it exploits to get working, and distribute patches for said intrusion all by themselves (but typically go straight to dev mailing lists and get thousands of independent security researchers from major distributions helping to write patches, verify they work, close any related holes in the software)

it's part of the reason why major, *major* security exploits are worthless on linux systems because they go public so fast and are typically patched almost as soon as they go public, whereas on windows systems such vulnerabilities are worth a shit ton of money on the black market because they typically go unpatched for a very long time and don't get any public exposure, and at least until windows 10, will still affect thousands of users after months because windows users never fucking update
>>
File: 1452343012821.jpg (110 KB, 611x513)
>>53133036
>tesla motors
>closed source

Please tell me this is bait. You monumental idiot.

https://www.teslamotors.com/blog/all-our-patent-are-belong-you
>>
>>53133659
>4.) The most widely believed lie ever told.

>and at least until windows 10

which brings me to the reason linux has the reputation for being more secure in the first place, it wasn't until fucking windows vista that windows users got asked before running programs with administrator privileges (WHICH IS THE DEFAULT FUCKING ACCOUNT TYPE FOR NEW INSTALLS) and look at how well that worked out for microsoft, for months and years until windows 7 you had people whining that windows vista was annoying, people not updating from xp, hundreds and hundreds of guides on how to disable UAC (which went well on past windows 7 release) and only until windows 10 for microsoft to finally force updates down users' throats

not to mention the abysmal stock firewall that windows had, I don't even know if they've bothered to fix it but what a joke that was

and look at how microsoft plan to force people to update to windows 10: forcing the dx12 carrot in front of /v/'s face, forcing the prospect of newer cpus and hardware not working on older windows, etc

>just like any system is vulnerable if not configured properly.

which is part of the problem, it wasn't until windows vista introduced some sane defaults for security that common sense became good enough on windows (whereas before it was still powerful but you'd still get fucking wrecked by vulnerabilities and exploits regardless)

it can only be argued that windows is as secure as linux given all the unpopular as shit decisions windows had to make to make their operating system not a heap of shit for security by default, something linux (and to an extent, osx) had years before microsoft ever thought of fixing their shit

>I seriously hope your degree wasn't in anything related to digital computers because you know jack shit apparently.

it's just good to see that your degree is from rajheed's first shill camp, given the lack of sources, blatant lies and misrepresentation of facts to mislead those who don't know better
>>
>>53137043
>>53136901
>>53136736
thanks for clearing that up.
>>
>>53133834
>This is true and is an artifact from the environment that NT is developed from. 5% performance gains aren't made because maintainers don't really get benefits from it.

or, you know, the 5% performance gains are made on an operating system that is used on the vast majority of public facing servers (>60-80%), and almost all super computers (>96-99%), and because the development model accepting contributions from all over the world is inherently better suited to finding and fixing problems

>Meanwhile, every 12 year old and poo-in-loo pajeet working on Linux

you must be confused friend, as india is the primary marketplace for windows systems and are typically the goto for outsourced windows enterprise based software

>However compare it to the hybrid kernel of XNU and you'll find that Linux gets blown out of the water. Not only is XNU more secure due to its hybrid design, but it also is faster because it's both actively maintained by veteran developers who gladly take the extremely high paying job Apple throws out for them, as well as the innumerable open source contributions.

it's just too bad those veteran highly paid apple developers can't figure out that flashing unsigned code to the firmware from dma devices isn't generally a good thing for security :^)
>>
>>53137169

anyway I'm done, don't take what you read on /g/ from windows shills as scripture folks, they're probably lying or at the very best misrepresenting facts to suit their viewpoint

as a note I don't think windows/osx are any less secure than windows if configured properly and in the hands of a competent person all 3 of these operating systems can perform very well, but the open source nature of linux is inherently better for security for the reasons I outlined here: >>53136901 - ANYONE can do the basic detection, reverse engineering, and patching, of almost any exploit or vulnerability, and as a result you're not left hanging for updates from a vendor as ANYONE can also apply those patches and fix their system (which are typically released almost as soon as the exploits go public in the first place, usually the patches are written, tested, and starting to be distributed to distribution vendors before it goes public, sometimes even fully patched before it goes public)

it's worth noting that on average, however, the typical severity of exploits found on typical gnu/linux software is far less severe than is the case for windows based operating systems, and the most severe of these typically hit the news big (think shellshock, heartbleed, etc), whereas no one gives a shit or knows that say fonts are a pretty severe attack vector on windows
>>
Most malware doesn't use exploits, they just try to trick people into installing it.
1. The number one method of installing things on Windows is still telling users to execute arbitrary exe files from the internet
2. Said setups are usually downloaded without any signature and without SSL (which would also allow anyone to intercept downloads and inject malware)
3. MS office documents that may execute arbitrary macro code, the only barrier is a silly warning that anyone usually just ignores
4. File endings aren't displayed by default

Microsoft trained their users to behave in a way they really shouldn't, which is the reason why anyone can just redistribute malware.
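
Added example, not part of the original thread: the "curl | sudo bash" post and the point above about setups downloaded without any signature both describe running code whose integrity was never checked. This POSIX shell sketch saves the installer to disk, compares it with a pinned SHA-256 digest, and runs it only on a match; the function names and the sample installer are constructed for illustration, and the digest is assumed to come from a separate authenticated channel.

```shell
#!/bin/sh
# Added example: run a downloaded installer only if it matches a pinned SHA-256.

# Print the lowercase hex SHA-256 of a file (GNU coreutils or the perl shasum tool).
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        shasum -a 256 "$1" | awk '{print $1}'
    fi
}

# verify_installer FILE EXPECTED_HEX
# Returns 0 on match, 1 on mismatch, 2 on a missing file or malformed digest.
verify_installer() {
    file=$1
    expected=$2
    [ -f "$file" ] || { echo "not a regular file: $file" >&2; return 2; }
    case $expected in
        ''|*[!0-9a-fA-F]*) echo "digest is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "digest is not 64 hex chars" >&2; return 2; }
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    actual=$(sha256_of "$file") || return 2
    [ "$actual" = "$expected" ] && return 0
    echo "SHA-256 mismatch for $file; refusing to run it" >&2
    return 1
}

# run_verified FILE EXPECTED_HEX [ARGS...]
# The file is executed only after the check passes; keep FILE in a directory
# that only the current user can write to, so it cannot change in between.
run_verified() {
    installer=$1
    digest=$2
    shift 2
    verify_installer "$installer" "$digest" || return $?
    sh "$installer" "$@"
}

# Demo on a constructed installer (stands in for a script fetched with curl -o).
demo() {
    dir=$(mktemp -d) || return 2
    printf '%s\n' '#!/bin/sh' 'echo "installed $1"' > "$dir/install.sh"
    # Assumption: in real use this digest comes from the vendor over a separate,
    # authenticated channel, not from the same download as the script.
    pinned=$(sha256_of "$dir/install.sh")
    run_verified "$dir/install.sh" "$pinned" demo-pkg
    # Constructed change, as if the file had been altered in transit.
    echo 'echo "unexpected extra line"' >> "$dir/install.sh"
    if run_verified "$dir/install.sh" "$pinned" demo-pkg; then
        echo "altered file was run"
    else
        echo "altered file refused"
    fi
    rm -rf "$dir"
}

demo
```

A bare hash only proves the file matches the digest you pinned; package managers go further by checking a signature over the repository metadata, which is what the gpg verification mentioned earlier in the thread refers to.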
>>
>>53133036
Because, unlike Linux, it's developed by pooinloos.
This is a 4chan archive - all of the content originated from them. If you need IP information for a Poster - you need to contact them. This website shows only archived content.