Moz is certainly not free from problems and indeed has some unique ones of its own (the current flaw with tabbed browsing spoofed popups spring to mind). However the list of known issues is far shorter, and more importantly many of the default actions are by design inherently safer.
Something to remember with the term "spyware" is that it encompases all the privacy invading things like tracking cookies. If you enable any form of cookies on a browser then you are vulnerable to these. I am not aware of any nasty spyware browser hijacks for Moz like CoolWebSearch though.
Filtergate is one I quite like - very good at removing ads of all types from web pages without breaking too many of them. Only when I use someone else's computer do I realise just how much clutter there is on some of the web sites I use that I never usualy see!
S'far as I know (but I should ask the old VMS crew who after the HP-Compaq merger are now colleagues ;-) the "VMS -> WNT" Ceasar-1 was an after-the-fact observation rather than a deliberate construction. I'd always believed the "IBM -> HAL" thing was deliberate (and of course WNT has a HAL as the machine-dep/machine-indep interface layer, right? ;-)
The afu FAQ gives the IBM->HAL thing as a "U*", i.e. Unknown and Unknowable; it acknowledges that Arthur C Clarke has publicly denied the derivation, but also gives airplay to reasons why such a denial need not be the last and final word on the subject.
I'm reminded of the engineering codenames for the first PowerPC Apple Macs - in reaction to their own marketing department's tendency to hype, they'd named the three models after great scientific hoaxes - Piltdown Man (or PDM), Cold Fusion, and Sagan. Apparently, the pre-eminent then-living astronomical populariser considered it a gross slur on his reputation - worth Billions and Billions of dollars ;-) - to be associated with hoaxes, and set his legal eagles onto the Apple Corporation. Who withdrew the codename. And replaced it with BHA. Which did not, not, *not* in any way shape or form, stand for "Butt Head Astronomer". No siree.
No - the fault is mine. Let me try a boil-down version.
Windows starts with the idea that all programs are benign. It expects they're all acting in the interests of the single person who owns and operates the PC. If anyone finds a way of sneaking some program or piece of program onto the machine, that malicious software will have the right to access and change any existing information anywhere on the PC, and do anything a legitimate program could.
For example: it can search for files which have sixteen digits in a row in them (maybe with spaces at every 4th position); it can then connect to some other machine Out There and send a copy of that file, which contains a likely credit card number and maybe other information which makes it easier to use that card number fraudelently. Or it can launch a program which will accept an incoming connection from a Bad source of control, which causes the PC to send spam or other nasty traffic to other machines. And it can attach these bits of program to all the existing programs - because it has the right to write to any file, including the ones where programs are stored.
Unix starts with the other idea: that there's a restricted set of things which "ordinary" users can do using "ordinary" programs, and only when they explicitly say "I'm acting as the Administrator of this system right now" - typically by logging in under a different username - can they write to program files, scan the contents of all files, or add "always launch this program when starting the system" entries.
It's not an absolute defence - the example of setting up a "listen for commands from Out There" program isn't forbidden under most Unixes[1]. But it is a fundamental difference in the way the two systems are designed and run in practice. Later versions of Windows have the capability to be better-defended, but typically aren't set up to take broad advantage of those capabilities.
Future versions of Windows will further increase the amount of defence - including using some new hardware features developed under the "Trusted Computing" banner. Unfortunately for the industry at large, as a consequence of MS's legally proven abuse of their dominant market position, there's much suspicion of the motives behind their adoption of this technology...
HTH - Stefek
[1]On my OpenBSD boxes, I run /home mounted with the "noexecute" option, so "by default" when running as ordinary-mortal I can only execute programs from partitions which I don't have write-access to, such as / and /usr. But it's still not an absolute defence, merely another hurdle for a determined attacker to overcome. As with physical security, the (unmutual ;-) aim is not to make one's computer/house impregnable, but to make it harder than other peoples' computers/houses to break into!
I adopt a similar discipline on my XP box - the user under which I log in normally doesn't have Admin rights, has only read access to most of the files in the directory where I install programs, and so on. It's a pain to run this way - far too many programs assume they can scribble in their install directories, and it's a PITA to track down which file they'd like to write to and open up that particular one. MS Office sins this way, even though it's supposedly "Win XP compatible" - having first installed it as God, every time I ran an Office app as Mortal it spent about 4 dialogue boxes trying to install/customise something or other in the place-I-install-programs directory. I only managed to shut it up by upping the privileges of my "ordinary" user to Godlike status briefly, to allow it to do its Magick Customisation or whatever, and having returned the Ordinary user to Mere Mortal status the Office apps no longer whinge on startup. But the effort to run in this reduced-privilege way is well beyond the "can I be arsed" threshold for sensible people...
OK, I'm lost already. Look, I'm saving all these posts and promise I shall read, mrk and whoatnot when I get back. At the moment my brain hurts just trying to remember how many socks to take to Wales ...
You don't really need to follow any links, some of which look a bit dubious, the few lines Google shows you should be enough.
Add klez to the list to see a specific example.
Go to an AV vendor's site and search for 'klez'. Read the specifications.
Klez is just the best-known of the viruses that used that particular exploit, there were others.
formatting link
site is fairly safe. Usually.
It's not just numbers of installations, as several people have said. Most of the world's servers, permanently connected to the Internet, run Linux or a BSD variant, or Solaris. When servers crash in bulk, it's almost always the minority Microsoft ones, and almost always the Microsoft web server software that's responsible. Apache (the world's most popular web server) running on Windows is much safer than Microsoft's IIS, and Apache running on Linux or Unix is safer still. Not completely safe, but then nothing is.
This is harder to document. See
formatting link
popularity of web servers.
Google for 'Code Red' and 'Nimda' for various analyses of these worms. I don't know of a site which offers quick side-by-side comparisons of Windows and *nix vulnerabilities. I've supported a Windows server (not, thank the Lord, an Internet-facing one, but an Internet-connected one) for the last five years, so I am personally aware of the relative virus threats, having had to stay informed of them.
The two operating system families are built from different starting points. It's a bit like two cars, one designed from scratch with safety in mind and the other having big soft bumpers and extra airbags bolted onto a standard chassis. Better, but still not as good as one designed right.
Not in connection with something like Outlook. I'm fairly certain that nobody has ever written an email client running under Linux which allows the user to immediately execute code received in emails, let alone does it automatically. It is certainly possible to do such a thing, and not very difficult. I think the word 'stupid' is the very least that could be applied to someone who did it deliberately (opinion). The Outlook designers did (fact).
I'm sorry, I do apologise if Stefek feels snubbed. He's not, I really HAVE saved it and shall give his post - and others' - their due concentration when I have time. There's no point in skimming over something so long, well constructed and potentially helpful. We leave tomorrow and there's an awful lot to do, I shouldn't be here (on the pc) now ...
Thanks for pointing out my flippancy, it wasn't intended to be dismissive.
They're better, but they're still broken. (BTW, I don't just mean spaces in the IT sense, but in the sense of what kind of access to internals a user has.)
A great deal of Windows runs in kernel mode, meaning that a user can crash the O/S (which should not be possible) and more importantly, that a user mode hack has kernel level access to the O/S. The graphics subsystem being an excellent example.
Any system where the user habitually has to run as an administrator in order to do any work is broken. And PC software authors are *still* churning it out.
HomeOwnersHub website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.