March 2007 - Posts - The Security Wizard

The Security Wizard

Fighting for the good guys...


March 2007 - Posts

Checkpoint UTM-1 to Media center in my living room

Although it is not very security-related, I came across a very funny movie on YouTube that I believe would interest those few of you who read this blog...

 

Microsoft Listed as Most Secure OS

Microsoft is frequently dinged for having insecure products, with security holes and vulnerabilities. But Symantec, no friend of Microsoft, said in its latest research report that when it comes to widely-used operating systems, Microsoft is doing better overall than its leading commercial competitors.

 The information was a part of Symantec's 11th Internet Security Threat Report. The report, released this week, covered a huge range of security and vulnerability issues over the last six months of 2006, including operating systems.

The report found that Microsoft Windows had the fewest number of patches and the shortest average patch development time of the five operating systems it monitored in the last six months of 2006.

During this period, 39 vulnerabilities, 12 of which were ranked high priority or severe, were found in Microsoft Windows and the company took an average of 21 days to fix them. It's an increase over the 22 vulnerabilities and 13-day turnaround time for the first half of 2006 but still bested the competition handily.

Red Hat Linux was the next-best performer, requiring an average of 58 days to address a total of 208 vulnerabilities. However, this was a significant increase in both problems and fix time over the first half of 2006, when there were 42 vulnerabilities in Red Hat and the average turnaround was 13 days.

The one bright spot in all of this is that of the 208 Red Hat vulnerabilities, the most of the top five operating systems, only two were considered high severity, 130 were medium severity, and 76 were considered low.

Then there's Mac OS X. Despite the latest TV ads ridiculing the security in Vista with a Matrix-like Agent playing the UAC in Vista, Apple has nothing to brag about. Symantec found 43 vulnerabilities in Mac OS X and a 66 day turnaround on fixes. Fortunately, only one was high priority.

Like the others, this is also an increase over the first half of the year. For the first half of 2006, 21 vulnerabilities were found in Mac OS X and Apple took on average 37 days to fix them.

Bringing up the rear were HP-UX from Hewlett Packard and Solaris from Sun. HP-UX had 98 vulnerabilities in the second half of 06 and took 101 days to fix them. Sun, though, really dragged its feet, taking on average 122 days to fix 63 vulnerabilities. It wasn't doing much better in the first half of 06, either. It took 89 days to fix 16 vulnerabilities.

 

 

You can read the full article with detailed statistics at: http://www.internetnews.com/security/article.php/3667201

 

Is disabling Vista's User Account Control wise?

If you use Vista, then you're probably aware that it has a new security feature called User Account Control (UAC). This feature enables you to log in as a regular user without administrator privileges (which is a more secure way of using your computer), but quickly elevate your privileges when a program needs greater access to your computer than is allowed for a regular user account.

Overall, UAC is a good feature. But some people find it to be bothersome, due to the prompts that appear, asking if you want to elevate a program's privileges. So, the question arises whether or not to disable UAC. If you do disable it, and then log in with an account that has administrator privileges, you need to be aware that your system is less protected than it would be if you had left UAC enabled.

This is because many forms of malware typically try to create or modify Registry keys and Windows system files. They might also try to write files to areas of the system where a regular user account would not normally write files. With UAC enabled, actions that require administrator-level access are prohibited unless you specifically allow them by approving a UAC prompt.

Keep in mind that while UAC does help prevent many forms of malware from infecting your system, malware can still find its way into your system even with UAC enabled. UAC simply protects the system from actions that would normally require administrator-level access. So, it's a good idea to leave it enabled.

On the other hand, if you consider yourself to be somewhat of an expert at protecting your computer, then disabling UAC and running as admin may be something you'd be comfortable with. After all, if you've used Windows for years and have yet to experience a serious infiltration of your system by some type of malware, then it's possible that you can continue in that way without UAC.

Keep in mind that if you share your computer with other people who have their own user accounts, you can disable UAC but it might break usability for other user accounts. Woody Leonard pointed out to me that when UAC is disabled via the Control Panel for one user account, other regular user accounts are no longer able to elevate their privileges. A regular user account can't even change Vista's system time, unless UAC is available so the user can authorize the change. Disabling UAC isn't good if you have other regular user accounts for people who share your computer.

Instead of disabling UAC using the Control Panel, a better approach might be to use an account with administrator-level access as your usual user login account, and then disable UAC only for accounts that have administrator-level access. That way, your user account won't be subject to UAC prompts, but other user accounts will be.

On any version of Vista, except Home Basic and Home Premium, you can disable UAC for administrator accounts by following these steps:

Step 1. Click the Start button and launch the Local Security Policy editor by entering secpol.msc in the Search box.

Step 2. Select the Local Policies item in the left panel to expand the tree, then expand Security Options under Local Policies.

Step 3. Scroll down the list in the right panel to locate User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode. Right-click that item and choose Properties.

Step 4. Select Elevate without prompting and close the dialog.

If you use Vista Home Basic or Home Premium, the Local Security Policy editor, unfortunately, isn't included. To disable UAC for administrator accounts, you'll need to edit the Registry. Follow these steps to do that, and be extremely careful, since mistakes could render your system unusable!

Step 1. Click Start and enter regedit in the Search box to launch the Registry Editor.

Step 2. Navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

Step 3. Double-click the ConsentPromptBehaviorAdmin item.

Step 4. Change the value to 00000000.

Step 5. Close the dialog and exit the Registry Editor.
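
To check how a machine is currently configured, the following read-only PowerShell audit (an added example, not part of the original article) reports the state of the values discussed above. The key path and ConsentPromptBehaviorAdmin come from the steps in this post; the EnableLUA value name, the function name and the wording of the findings are additions made for this example.

```powershell
# Added example: read-only audit of the UAC policy values this post changes.
# The key path and ConsentPromptBehaviorAdmin are taken from the steps above;
# EnableLUA is an additional value name that the post does not mention.
$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacAdminPromptState {
    param([string]$Path = $UacKey)

    # Reading HKLM does not require elevation; nothing is written.
    $p     = Get-ItemProperty -Path $Path -ErrorAction Stop
    $lua   = $p.EnableLUA
    $admin = $p.ConsentPromptBehaviorAdmin

    if ($lua -eq 0) {
        # Machine-wide switch: the case where standard users lose
        # the ability to elevate at all.
        $state = 'UAC disabled for the whole machine'
        $note  = 'Standard users cannot elevate; administrators run unfiltered.'
    }
    elseif ($admin -eq 0) {
        # The setting produced by Step 4 of either procedure above.
        $state = 'Administrators elevate without prompting'
        $note  = 'Any program started by an administrator can elevate silently.'
    }
    elseif ($null -eq $admin) {
        $state = 'ConsentPromptBehaviorAdmin not set'
        $note  = 'The operating system default prompt behaviour applies.'
    }
    else {
        $state = 'Administrators are prompted before elevation'
        $note  = 'Elevation requires an explicit approval.'
    }

    [pscustomobject]@{
        EnableLUA                  = $lua
        ConsentPromptBehaviorAdmin = $admin
        State                      = $state
        Note                       = $note
    }
}

Get-UacAdminPromptState | Format-List
```

Running it before and after a policy change shows which of the two settings was actually altered.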

A best practice guide on how to configure BitLocker

One of the most exciting security features in Vista is Windows BitLocker drive encryption. BitLocker is a full-volume encryption tool that supports custom protection and authentication methods. However, the user and support experience can be a mixed blessing, depending on which protection and authentication methods you choose. In this article we’ll walk you through a best-practice step-by-step approach on how to install and configure BitLocker in Windows Vista.

WindowSecurity.com has published a two-part article on best practices for configuring BitLocker:

http://www.windowsecurity.com/articles/Best-practice-guide-how-configure-BitLocker-Part1.html
http://www.windowsecurity.com/articles/Best-practice-guide-how-configure-BitLocker-Part2.html