Former Hacker Praises Microsoft on Security

Published on Friday, May 28, 2010 by admin

vault_door

Former hacker Marc Maiffret, who exposed the vulnerability used by the Code Red worm 10 years ago, says Microsoft’s security model is solid. Now a security expert, Maiffret says that platforms like Apple and Windows Mobile have been less-often attacked because their market share is relatively small and hackers like to go after the big fish.
There’s no safe place on the Web, reports Relevant Products/Services former hacker Marc Maiffret, who shared some interesting insights recently with CNET.com regarding Internet security Relevant Products/Services.

Nearly a decade after he exposed the vulnerability used by the Code Red worm, Maiffret gave Microsoft Relevant Products/Services’s security model high marks.

“Now, when you look at Microsoft today, they do more to secure Relevant Products/Services their software than anyone,” he said. “They’re not perfect; there’s room for improvement. But they are definitely doing more than anybody else in the industry, I would say.”

In general, platforms like Apple and Windows Relevant Products/Services Mobile have been less-often attacked because their market share is relatively small and hackers like to go after the big fish, said Maiffret, now a security expert.

But there’s nothing that makes those platforms inherently more secure than the Windows operating system Relevant Products/Services, he said, and in fact, that could be a problem for Mac users.

“We’ve only seen a scratching of the surface as far as Apple vulnerabilities because nobody cares to find them,” Maiffret said. “The Apple community is pretty ignorant to the risks that are out there.”

IBM Distinguished Engineer Jeff Crume agrees.

“I know there are lots of people that think that because they use a Mac, they don’t have to worry about security,” he said. “As the saying goes, ‘There’s nothing more dangerous than presumed security.’”

Maiffret also pointed out other risks including Web-based applications such as Facebook and (surprising to me) Adobe. People don’t regularly update security patches for Adobe and other desktop Relevant Products/Services applications as they do for Microsoft software, he said, leaving them vulnerable every time they open a PDF.

By the way, to protect your system against PDFs carrying malicious code, the geeks at the blog ghacks.net suggest the following process: Open Adobe Reader or Acrobat and click on “Edit,” then “Preferences.” Select “Trust Manager” from the categories menu on the left and uncheck the box that reads “Allow opening of non-PDF file attachments with external applications.”

If you like this post, Subscribe To RSS Feed and get the latest posts whenever they’re available. Thanks!