Google isn't using MS anymore..

Bl8ckr0uter

Google Abandons Windows for Better Security


Seeing how time and time again Macs are broken into first, how can they say this is "more secure" than Windows? Think maybe this has to do with the bing vs google thing or the fact they are releasing an OS later this year?

Thoughts?

tiersten

knwminus wrote: »

Seeing how time and time again Macs are broken into first, how can they say this is "more secure" than Windows?

Eh? What do you mean by this part? Both have had their share of security issues.

eMeS

tiersten wrote: »

Eh? What do you mean by this part? Both have had their share of security issues.

Yeah, confused by that a bit too...not that Apple products are inherently more secure, just that given that there are more Windows machines, and more people using IE out there it would make more sense that more exploits occur there, and occur there first....

MS

varelg

Thinking that Macs are more secure than Win is probably based on Mac's UNIX heritage. On the flipside, Mac is THE alpha dog of closed- source systems, MS doesn't even come close. How Paranoid can Android get? Security consultants' watercooler talk is that the weakest link in the infrastructure isn't the OS
What is also puzzling is how Chrome is viewed as a new OS- how difficult is it to write a web frontend to an Ubuntu distribution? That's not a new OS. However, you just can't deny any connection between upcoming Chrome release and this MS bashing press release... so 20-th century linux advocacy...
Next on the chopping block at Google HQ? Maybe non- Android smartphones? You'll pry my BlackBerry from my cold dead... aaaaaaahhhh...

tiersten

varelg wrote: »

Thinking that Macs are more secure than Win is probably based on Mac's UNIX heritage.

OSX isn't UNIX. It is a Mach kernel with a POSIX API from FreeBSD bolted on and I/O kit. A few security issues were because of this slightly strange arrangement since there is an Mach API and a BSD API for the same thing but they worked in different ways. One of them was if you created something with the Mach API but then used the POSIX API on it then you'd get a kernel panic.

varelg wrote: »

Mac is THE alpha dog of closed- source systems, MS doesn't even come close.

The OSX kernel is opensourced as XNU which is a component of Darwin. The Windows kernel however isn't generally available unless you're in a large company or institution that has special links with Microsoft.

Services, libraries and servers are a mixture of open source and closed source for OSX. They're all closed source in Windows.

varelg wrote: »

What is also puzzling is how Chrome is viewed as a new OS- how difficult is it to write a web frontend to an Ubuntu distribution? That's not a new OS.

It isn't a web frontend to Ubuntu. Canonical were/are working with Google on it but it isn't a reskinned or altered Ubuntu. They're using some of the same components in both but it is a from scratch build.

wastedtime

I am pretty sure this has more to do with Microsoft being a competitor then anything else. You just don't use stuff from your competitor. The timing I think was just luck to the China thing. Something like this on this large of a company just doesn't happen that fast (or at least I hope it wouldn't). There would be a lot of planning/testing to do ahead of time.

dynamik

wastedtime wrote: »

I am pretty sure this has more to do with Microsoft being a competitor then anything else. You just don't use stuff from your competitor.

They definitely have a better reason for making the switch than that. The cost of lost productivity, retraining, support, etc. is going to be far above licensing costs. Losing a customer as large as Google would definitely be painful, but it's not like it's ultimately going to affect Microsoft as a company.

Security seems like a valid reason (at the moment); OSX and Linux are definitely less likely to be targeted, as mentioned earlier. However, as they increase in popularity, so will the number of attacks.

I would assume the only reason they're not going to Linux completely is because they need some applications that simply aren't available on Linux, such as Photoshop (yes, I know older versions can run with WINE). I suppose the less tech-savvy users might prefer Macs as well.

humdingy02

knwminus wrote: »

Seeing how time and time again Macs are broken into first, how can they say this is "more secure" than Windows?

I think knwminus is referring to Pwn2Own. A MacBook was the first to be hacked one year (maybe more), but it's been hacked every time.

tiersten

humdingy02 wrote: »

I think knwminus is referring to Pwn2Own. A MacBook was the first to be hacked one year (maybe more), but it's been hacked every time.

Its been the same guy every year and each time he's been using a undisclosed vulnerability he already knew about before the contest. Firefox and IE have all been exploited within the same day as well so a few hours or being first isn't much of a difference. Successive days however start including extra software or relaxing restrictions.

MentholMoose

dynamik wrote: »

Security seems like a valid reason (at the moment); OSX and Linux are definitely less likely to be targeted, as mentioned earlier. However, as they increase in popularity, so will the number of attacks.

I think that's true in general. However, in the case of targeted attacks, this benefit is reduced. If an attacker is after Google, they will just working on exploits for Evolution / Thunderbird / Apple Mail / etc. instead of Outlook, write Linux payloads for Adobe Flash and Reader exploits, and so on.

dynamik

That's why I said at the moment.

alan2308

tiersten wrote: »

OSX isn't UNIX.

It most certainly is.

Register of Open Branded Products

Michael.J.Palmer

Just my two cents here: It doesn't matter what OS Google decides to use, in reality, they're the big "giant" on top of the mountain right now and whenever you're in that spot you've got a target on your back.

If someone wants to attempt to hack Google then they'll do it regardless of what OS they're running. No OS is completely secure so I just think it's a pointless move overall by Google if their only excuse is "better security".

tiersten

alan2308 wrote: »

It most certainly is.

Register of Open Branded Products

OSX has the right to use the UNIX trademark as it certified as a UNIX-like system which is compliant with the SUS UNIX03 specifications. The actual part that was certified was the POSIX subsystem within XNU which was taken from FreeBSD and not the rest of the kernel. XNU itself stands for XNU is Not UNIX according to Apple/NeXT. XNUs heritage is more Mach than UNIX.

Linux could be certified as "UNIX" according to the SUS specifications if anybody actually bothered to pay for the testing and certification fees.

alan2308

tiersten wrote: »

OSX has the right to use the UNIX trademark as it certified as a UNIX-like system which is compliant with the SUS UNIX03 specifications. The actual part that was certified was the POSIX subsystem within XNU which was taken from FreeBSD and not the rest of the kernel. XNU itself stands for XNU is Not UNIX according to Apple/NeXT. XNUs heritage is more Mach than UNIX.

Linux could be certified as "UNIX" according to the SUS specifications if anybody actually bothered to pay for the testing and certification fees.

If your standard for what is or isn't UNIX is where the code originated, then OSX has plenty of company in the "it's not UNIX" camp. Basically everything that isn't HP/UX.

And while we're nitpicking, Linux can't be certified anything, as it's only a kernel.

tiersten

alan2308 wrote: »

If your standard for what is or isn't UNIX is where the code originated, then OSX has plenty of company in the "it's not UNIX" camp. Basically everything that isn't HP/UX.

AIX, Solaris, SunOS and SCO Unix all count as well as they were descendants of System III or System V in some manner. The zombie that is SCO would like to discuss this further with you.

If having a POSIX API is enough to count as UNIX then Windows would be UNIX as well.

alan2308 wrote: »

And while we're nitpicking, Linux can't be certified anything, as it's only a kernel.

GNU/Linux then Mr Stallman.

alan2308

Is SCO actually still shipping a product? I thought their entire payroll was lawyers at this point.

If Solaris is Unix simply because it used to contain Unix code, then we can also say that Windows is DOS.

tiersten

alan2308 wrote: »

Is SCO actually still shipping a product? I thought their entire payroll was lawyers at this point.

It was still lurching along last time I looked via some buy out or something along those lines.

alan2308 wrote: »

If Solaris is Unix simply because it used to contain Unix code, then we can also say that Windows is DOS.

You're saying OSX is UNIX because it has a POSIX subsystem from FreeBSD but Solaris which is a descendant of SVR4 isn't?

tiersten

All the SUS certification gives you is the ability to say that you've got a proper implementation of the POSIX API and related utilities and that you're willing to fork out the fees necessary to get it certified. The benefit of paying out is that you can call your OS UNIX compatible even when it may not actually have any UNIX code in it like IBM z/OS. OSX is UNIX compatible but not a descendant of UNIX. If you claim that ripping out a large subsystem and putting it into something else means that you're a direct descendant then the Linux kernel is a descendant of OS/2 via JFS and IRIX via NUMA.

alan2308

Nobody was claiming that OSX is a direct descendant of Unix. But if it looks like a duck, it walks like a duck, and it quacks like a duck, then its a duck. Especially when the governing body of duckdom officially declares it a duck.

tiersten

alan2308 wrote: »

Nobody was claiming that OSX is a direct descendant of Unix.

Claiming OSX is more secure than Windows because of its UNIX heritage doesn't count?

The claim is dubious at best anyway. The general consensus is that OSX is more secure purely because marketshare is less so therefore it isn't as lucrative of a target as Windows. The guy who continually breaks into OSX machines at the Pwn2Own contests even believes this.

The iPad/iPhone/iPod touch runs a slimmed down version of OSX yet there has been a large number of published and unpublished security vulnerabilities for it. There is a large enough marketshare that it provides sufficient motivation for people to attempt to attack it. The financial motivations of having the ability to unlock is huge as well but that is targetting the radio baseband processor which is a proprietory Infineon OS.

alan2308 wrote: »

But if it looks like a duck, it walks like a duck, and it quacks like a duck, then its a duck. Especially when the governing body of duckdom officially declares it a duck.

I'll tell the people I know that run z/OS that they're actually running UNIX now. They'll love that.

tiersten

As this has veered deeply into off topic territory, I'm going to stop :P Feel free to post a rebuttal however.

alan2308

tiersten wrote: »

Claiming OSX is more secure than Windows because of its UNIX heritage doesn't count.

That's not exactly the same thing as claiming it to be a direct descendant, That may be where varelg was going, but I don't think claiming it has a Unix heritage is really that unfair.

And I'll pass on a z/OS comment as I know nothing of that environment. Though if it has even a slightly familiar shell and awk, grep, etc. then I'll feel right at home and call it close enough.

tiersten wrote:

You're saying OSX is UNIX because it has a POSIX subsystem from FreeBSD but Solaris which is a descendant of SVR4 isn't

I missed this the first time.

That's not what I was saying. I was just questioning that Solaris is a Unix only because it was once based on SVR4. There isn't any Unix left in it, hasn't been for years. Every piece of software that's been around a while is quite different that what it once was.

You're right that this threadjack has run its course. We'll just have to agree to disagree on this one.

Bl8ckr0uter

humdingy02 wrote: »

I think knwminus is referring to Pwn2Own. A MacBook was the first to be hacked one year (maybe more), but it's been hacked every time.

This is what I was referring to.

eMeS

alan2308 wrote: »

And I'll pass on a z/OS comment as I know nothing of that environment. Though if it has even a slightly familiar shell and awk, grep, etc. then I'll feel right at home and call it close enough.

As you know, it's not Unix, but it has a POSIX compliant compatibility feature, and it is common to run multiple *nix images under a host z/OS using Unix System Services. The shell in that world is called OMVS. I believe it is based on Korn (not the band though).

MS

wastedtime

The original article is here here. To me it doesn't sound like a real trustworthy source. We can wait and see if Google makes a statement...they where pretty open about the hole thing in January. I guess they didn't consider this worth giving an official statement? Or at least yet.

But my problem from a security stand point is I just don't see how this was a mitigating factor for an industrial "cyber attack." These types of attacks are targeted based on there business not the OS/software they use. The only thing I can think of is that they are implementing some new security measure that is easier to implement on just the apple/Linux computers. Getting rid of windows just because they feel they are less secure just doesn't add up to me.

It would be nice to know what they did to mitigate this threat.

tpatt100

I would figure from a security standpoint their server farms are the target of most attacks. Home PCs are targets for attackers that want their machines for their bot nets.

Hyper-Me

The most likely thing it comes down to is the fact that they are developing Linux based operating systems and using Windows for their day to day duties. A company wants to show that they have faith in their own products (or ones using the same underlying architectures)

I think if Chrome OS ever sees stable releases theyll start moving a lot of their people to that.

They compete with Apple, too, in the mobile space. Thats their #1 competitor there besides RIM