Windoze

I'm saying the following:
I am shocked that there are posters on a DefCon forum who actually rely on Windoze security at all. There is no such thing as a "secure" Windoze box. I can understand why someone would use a Windoze box at work, but not at home. Hell, if you absolutely need to use Windoze, install it on a *nix box using VMWare. Or, use another box and convert it to a *nix firewall/router . Don't rely on Windoze security in any way shape or form. I am not knocking Windoze users, in fact I look forward to seeing you on the wall of sheep.

I hate Spyware, The firewalle in XP cant help you

[QUOTE=TwinVega]Windows comes with a firewall, it's going to keep you safe from anything evil doers are gonna throw at you.

LOL
It sucks!!!

:)

Twinvega you should've been more sarcastic... anything IS a bold statement and you don't want to look too bold... riiiight.

Windows firewall is... well a windows firewall..Its a step up from no firewall, and is good for grandma and many out there...
-Its still built into the OS- and with the level of spyware/trojans/activeX and Internet Expl0der and such out there... it seems as if disabling the firewall/anti virus is the first action taken by malware.

Zonealarm and others like it can make people overly parnoid... or overly annoyed (ahh that stupid firewall is always hindering my <insert action>, just click ignore/unblock) or (that stupid firewall is the problem im sure... just turn it off, i don't have anything to hide anyways..)
So I'd stay away from these unless you know what your doing...(ie.. not good for grandma)

If your seriously worried about the security of your computer... firewall or otherwise
((because a firewall is just part of the PROCESS... Its not like computer/network+firewall=secure...
More complex, more vuln. its that simple.))

OpenBSD's PF is great.. it also offers help for windows boxen behind it, and has lots of power.
Also.... Simple use of a good router / NAT is a decent security investment. If your REALLY parnoid about your securtiy.. don't use windows.

i havent really looked at it (the windows firewall that is), but windows security is kind of an oxymoron.
...
minus the 'kind of'.

[qoute dynamic]Zonealarm and others like it can make people overly parnoid... or overly annoyed (ahh that stupid firewall is always hindering my <insert action>, just click ignore/unblock) or (that stupid firewall is the problem im sure... just turn it off, i don't have anything to hide anyways..)
So I'd stay away from these unless you know what your doing...(ie.. not good for grandma)[/qoute]

yeah its kind of annoying, but its all i have so i dont complain too much. I just look into all of those little boxes that pop up.

[qoute dynamic]If your seriously worried about the security of your computer... firewall or otherwise
((because a firewall is just part of the PROCESS... Its not like computer/network+firewall=secure...
More complex, more vuln. its that simple.))[/qoute]

yeah but people dont understand that. i am personaly upset by these people because they dont care to learn and then bitch about how slow their new computer is because of all the spyware/adware that is on their computer. if you dont care to learn then dont get mad when shit goes wrong, thats what i say.

[qoute dynamic]OpenBSD's PF is great.. it also offers help for windows boxen behind it, and has lots of power.
Also.... Simple use of a good router / NAT is a decent security investment. If your REALLY parnoid about your securtiy.. don't use windows.[/qoute]

whole heartedly agree.

If you think windows can't be deployed as securely as <insert other OS here> then you live in a world of shitty administrators, and if you can't do it then you should count yourself among them.

I, personally, don't use Windows at home, not because of security, but because I don't like it.

I know some VERY competent security professionals that actually PREFER Windows. Not my choice, but hey, to each his own. Your rant appears to be geared to making everyone here think you are so much 1337er than common Windows users. It has more of the effect of making you look like a sheep that says what he thinks others want to hear.

If you are going to bash an OS, any OS, then you should back it up with something better than "There is no such thing as a "secure" Windoze box."

Come on Chris, everyone knows only the GibsonOS(tm) is completely secure. Maybe this guy just hasn't hacked a Gibson yet.

It sure is April 1.


LosT

Windows Firewall

Have no desire to dive into any variation of OSx. (real or not)

Chris- I will refrain from cursing at you because I do not believe it is called for and it is not what DefCon is all about.
However, you seem to have trouble reading English, nevermind understanding computer science.
There are no administrators who rely on Windoze security. If they do, yourself included, they are dead wrong.
I agree with you that there are admins who prefer windows. I know a few of them.
However, even they have a Pix on the edge and in front of the DMZ. Again, they are not relying on Windoze security at that point.
Hell, I would go as far to say that if Windoze was really secure, there probably wouldn't even be a DefCon. If there was, there sure wouldn't be much to talk about.

No, I do not or never will claim to be 1337. It's more about the journey to achieve 1337 that inspires me.
Besides, if you are 1337, there is nothing left to learn. Wouldn't that be boring!

Quick man! Say April Fool's and save yourself!

:)

Too busy for April Fools jokes

I have take my kids down to the burger joint for some freedom fries~

This statement is true. So true, that "windoze" can be omitted or replaced with another OS and still be true.

I'm not much for opposition, but i dont think that you could say that. Simply put, DefCon is about hacking. My definition of hacking is satisfying ones curiousity through exploration and exparimentation. You dont need to have computers to have curiousity.

Well, the user can say that but it does not make their statement true. (What I expect you meant in your statement was the user's statement was false.)

Consider the math to prove what I think you mean:
Defcon 13 is in 2005.
...
Defcon 1 is in 1993.

Windows 95 was available as a beta and early release in 1994.

Windows 3.11 was really just a GUI application-suite addition to MS-DOS, so "windows security" for it would really be "MS-DOS security" not "Windows security."

DefCon preceeded windows security, and it existed before there was such a thing.

Therefore, stating, "DefCon would not exist if it were not for Windows," is a false statement, and what I think you meant to say is entirely true.

[added content]
More can be said if you look at the history of DefCon and the reason cited for the very first DefCon.

If we are being technical,,,,

The first Windows OS did not arrive until NT Workstation.
Windows 95 and 98 are simply GUI's with DOS hooks.

Please, please, please, stop typing "Windoze", it makes you look like you just learned to speak 1337.

Windows 95 is a common start base for when people started considering "Windows Security" as a specialization through which system security applications were packaged into applications that would not run in an DOS-only environment, but only run in the GUI, and used the registry.

However, if you want to go with Windows NT, then I'll accept this path too...

Even if we go with the earliest release of MS Windows NT (version 3.1) we still find it was after the first DefCon.(June 9-11, 1993) the claim is still false:

Defcon Existed before Windows NT 3.1 was available according to Microsoft.
As a result, Defcon existed before MS Windows NT 3.1 and this means the statement, "Without MS Windows there would not be a DefCon" is false.

[added content:]
[1]

Also:
DefCon is about more than Operating system -- let alone one operating system.
If DefCon people were not talking about MS Windows, maybe they would talk about some Novell product or an IBM's OS/2 revision or MacOS.