Adobe on AIR and Flash running on HP's Slate

HP released a video showing more of their Slate computer. Interestingly enough, it's presented entirely by someone from the Adobe Flash platform team.

So the key bit of new information from this video seems to be the AIR application HP are using as an application launcher. I don't think that's been mentioned before, but it isn't really big news. As with their multi-touch desktops, they always put a specific front-end on them. I just hope they give the Slate 2GB of RAM.

The main point of the video essentially seems to be a long stab at what the iPad can't do. It mentions statistics such as 85% of the top 100 websites using Flash and 75% of all video using Flash. In addition, Adobe estimate that more than 70% of all casual games on the web are written in Flash. And obviously, to anybody following along, none of that will work on the iPad.

It's good they're trying to communicate these facts. Back when the iPad was announced, the only thing the media could say was how amazing it is, while quoting Steve Jobs saying it'll provide the best browsing experience on the planet - something a bit difficult to argue considering it doesn't support Flash. Obviously nobody from Apple plays games on Facebook, or Portal Forums, so it seems.

Internet Explorer 8 is more secure, and why the Firefox fanboys and the media need a security lesson

So Internet Explorer has been the media's main victim this past week, with stories about how it is completely insecure.

Of course having a vulnerability isn't a good thing, but why is this getting so much attention, especially considering it's not even being used to target individuals? Well, I suppose the media have to knock Microsoft; it's about the only thing they can do when it comes to Microsoft, so this will have to do.

Tech Radar recently interviewed Microsoft's head security guy in the UK, Cliff Evans, and did a pretty bad job of it. Evans was explaining how switching away from Internet Explorer 8 isn't a good idea - something I agree with.

"If you were to ask me 'what's the most secure browser?' I would say Internet Explorer 8 – we're talking about a single vulnerability," he added.

Ouch, a single vulnerability, that's bad, right? Some guy called richmurrils seems to think so and comments:

That's the funniest thing I've read in ages. :D

Of course, what he really demonstrates is how little richmurrils actually knows about technology or security (I expect he was one of the people telling people to turn UAC off /facepalm), and how Tech Radar can't report things in context. So I'll put things in context even if they can't be bothered to: Firefox 3.5 has had at least 35 documented security vulnerabilities. Linux-based operating systems can have hundreds of vulnerabilities discovered each year; Windows has historically had the fewest, usually just a dozen or two discovered every year. A single vulnerability isn't anything unusual.

Of course, nobody bothers reporting that this vulnerability can only be exploited on Internet Explorer 6, a 10-year-old version, and on Windows XP, a 10-year-old operating system. Do Mozilla even bother to support such old products? Of course not.

Alright, sure, the vulnerability still exists in later versions, but it cannot be exploited on newer systems because of the additional security measures Windows Vista and later provide, namely Protected Mode, made possible by UAC.

When using Firefox, a hacker only has to exploit code in the browser to run code on the machine. Exploiting Internet Explorer not only requires them to find a vulnerability and exploit it, it also requires them to somehow break out of the Protected Mode sandbox. Charlie Miller, a security researcher, talked a bit about this during the Pwn2Own contest:

Why Safari? Why didn't you go after IE or [Firefox]?

It's really simple. Safari on the Mac is easier to exploit. The things that Windows do to make it harder (for an exploit to work), Macs don't do. Hacking into Macs is so much easier. You don't have to jump through hoops and deal with all the anti-exploit mitigations you'd find in Windows (Vista and later -Paul).

It's more about the operating system than the (target) program. Firefox on Mac is pretty easy too. The underlying OS doesn't have anti-exploit stuff built into it.

With my Safari exploit, I put the code into a process and I know exactly where it's going to be. There's no randomization. I know when I jump there, the code is there and I can execute it there. On Windows, the code might show up but I don't know where it is. Even if I get to the code, it's not executable. Those are two hurdles that Macs don't have.

It's clear that all three browsers (Safari, IE and Firefox) have bugs. Code execution holes everywhere. But that's only half the equation. The other half is exploiting it. There's almost no hurdle to jump through on Mac OS X.

Of course, 3rd parties could use Protected Mode on Windows Vista and later like IE7 and 8 do. But Mozilla, Opera and others simply don't bother. They let the process run with the same rights as the user, which is fundamentally less secure than running the browser in its own little sandbox where it can't get out.

In reality, vulnerabilities like these are rarely what normal people come up against on the internet. The main problems are phishing and malware, both of which are socially engineered to get the computer user either to hand over their data willingly or to willingly install an application that's malicious. So how does Internet Explorer compare? IE8 blocks 83% of phishing websites completely, compared to Firefox, which blocks 80%. Internet Explorer 8 blocked 81% of malware before it reached the machine, while Firefox blocked less than 30% and other browsers scored even worse (source).

So not only is it more difficult to exploit vulnerabilities on Internet Explorer 8 on Windows Vista and up, the malware and phishing filters are also better on IE8, something that will protect most computer users.

One last comment is on how well Google and the media have spun this around from a story about how Google got broken into and people's personal data was stolen into a story about how a 10-year-old browser on a 10-year-old system has a single vulnerability, without even asking why Google are running such dated systems or bothering to report that newer versions of IE aren't as susceptible. Nice spin department working there.
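
The difference described above, as an added example that is not from the original post: a simplified Python model of the integrity check that Windows Vista and later apply before the usual user-rights check, which is what confines a Protected Mode process. The user name, file paths and process descriptions are constructed, and a real Windows access check involves more than these two steps.

```python
from dataclasses import dataclass

# Integrity levels in ascending order (values are the Windows label RIDs).
LOW, MEDIUM, HIGH = 0x1000, 0x2000, 0x3000


@dataclass
class Process:
    name: str
    user: str
    integrity: int


@dataclass
class FileObject:
    path: str
    owner: str               # stands in for a DACL giving the owner write access
    integrity: int = MEDIUM  # objects without an explicit label count as medium


def can_write(proc: Process, obj: FileObject) -> bool:
    """Model of a write-access decision on Windows Vista and later."""
    # 1. Mandatory integrity check (default "no write up" policy): a process
    #    cannot modify an object labelled above its own integrity level.
    if proc.integrity < obj.integrity:
        return False
    # 2. Ordinary discretionary check: does this user have write access?
    return proc.user == obj.owner


# Constructed sample data: one user, two browser processes, two files.
UNSANDBOXED = Process("browser at the user's own level", "alice", MEDIUM)
PROTECTED = Process("browser tab in Protected Mode", "alice", LOW)
DOCUMENT = FileObject(r"C:\Users\alice\Documents\report.doc", "alice")
LOW_CACHE = FileObject(r"C:\Users\alice\AppData\LocalLow\cache.bin", "alice", LOW)


def write_matrix():
    """Return (process, path, allowed) for every sample combination."""
    return [(p.name, f.path, can_write(p, f))
            for p in (UNSANDBOXED, PROTECTED)
            for f in (DOCUMENT, LOW_CACHE)]


if __name__ == "__main__":
    for name, path, allowed in write_matrix():
        print(f"{name:32} -> {path:45} {'ALLOW' if allowed else 'DENY'}")
```

Both processes belong to the same user, yet only the one running at the user's own level can modify the document; the low-integrity process is limited to locations labelled low.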

Update: Mark informed me that Chrome also runs in a sandbox.

Anti-virus, anti-spyware and firewall recommendations for Windows 7

I've had a couple of people e-mail me asking what they should install on their new Windows 7 computers since some of the firewalls and anti-virus software they've used in the past aren't compatible.

Long-time readers of my blog will know the epic battle I've always had with anti-virus, to the point where during the Windows Vista timeframe I didn't run anti-virus. Obviously I don't recommend that the average computer user do that. But I could never find any anti-virus software that was free, fast and not annoying.

In Windows XP you could tolerate anti-virus and 3rd party firewalls constantly nagging you and having annoying spinning icons in the system tray. In Windows Vista, because the OS experience was so much cleaner than Windows XP, anti-virus software like AVG or Avast always seemed drastically out of place and, frankly, noisy and annoying.

I was thrilled when Microsoft announced they were dropping Windows Live OneCare, a rather heavy security suite, and replacing it with what was then codenamed Morro, now Microsoft Security Essentials. Why? Because it promised and delivered a Windows Defender-like anti-virus solution, namely fast, nag-free and out of the way. I would strongly recommend Security Essentials to everyone. It's a lightweight, fast and nag-free anti-malware application, meaning it deals with viruses and spyware. In my opinion there is no competition anymore in the free anti-virus space; this is it.

Even if you've just bought a Windows 7 PC and have a trial version of Norton or McAfee, I'd even recommend removing them and installing this instead.

As for a firewall, post Windows XP SP2 this is really a non-issue. I'd recommend using the built-in firewall. There's no need to clutter the machine with anything else.

And finally, as a first line of defence against phishing and drive-by malware, if you're running Windows 7 you've already got Internet Explorer 8 there. Great. From a security standpoint there's no safer browser. If you're still on Windows XP or Windows Vista I'd suggest upgrading now. I know most of my readers use Firefox, and that's fine for more tech-savvy users. But I wouldn't recommend it for your average computer user. The data is clear: for phishing, Firefox blocks 80% while IE8 blocks 83%, and for malware in general Firefox catches less than 30% (other browsers were even less) while Internet Explorer 8 was blocking 81%.

In short: Use Internet Explorer 8. Use the built-in firewall and install Security Essentials.

No games installed in Windows 7 Professional?

For those of you installing Windows 7 Professional, you might notice that the Games Explorer and Start Menu look a bit sparse game-wise. By default the games aren't installed in the Professional version.

You can of course quickly add them back.

Press Start
-> Control Panel
--> Programs
---> Turn Windows features on or off

At the top of the list of components you should see Games. Check that box, or drill into it and specify individual games, and press OK. Within a few moments the games should be installed.

You can also add the Games Explorer to the Start Menu by right-clicking on the Start Menu -> clicking Customize, adding it in the new dialog box and OKing out.

For those still not sure, here's the video tutorial:

Windows 7 themes by the boat load

Windows 7 has launched today, and with it a whole bunch of themes. You can download all the international themes that come with Windows 7; although only the one that matches your region is installed, you can now grab them all.

In addition you can also download branded themes, for example there's a Ferrari theme, a Gears of War theme and even a Coca-Cola theme.

Hey I might have to start releasing the themes I use here. :-)

Following up on the BBC's weak Windows 7 piece

As you may recall, a day or two ago I blogged about a pretty major mistake the BBC made in an article looking at Windows 7. Well, I'm following up with another issue I have with the review. At the end of the video the chap doing the review throws out:

In truth we've had a couple of problems with programs and updates we've tried to install.

Oh really? At the same time the following is displayed (yeah they couldn't even be bothered to use some screen capture software, instead filming a monitor argh):

Hmmm, unsurprisingly Sun's shoddy Java breaks. I've banned it from my machines because when it does work it's always nagging you about updates, and it has the nerve to fill up Add/Remove Programs with endless entries about itself and its updates.

Why do I have a problem with this? Well, the general public will as always believe this is a Microsoft problem and the usual nonsense will be repeated. It's analogous to reviewing a new Samsung television set and mentioning in the review that your old Sony video tape recorder is broken. It's irrelevant.

The title of the article is "A look at what's new in Windows 7", so why are they talking about Java and implying that Windows 7 is responsible for it not working?

