Computer Question: Security, Windows XP vs Windows 7 Ultimate

July 5, 2011

[Yosemitest]

I'm thinking about buying an IMac, and due to my military friends and other reasons,
I might want a copy of Windows XP or Windows 7 on it with Parallels Desktop 6 for Mac
to go between the Windows Operating System and the Snow Leopard or OS X Lion .

I realize that the Apple/Mac Operating System has very few security problems, and that I'd be inviting all those security problems into my MAC by running windows in it.


QUESTION: Is Windows 7 Ultimate worth the extra cost to buy a full version copy, over Windows XP SP3 full version?
I'm experienced with Windows XP, but I'm NOT experienced with Windows 7.

Also, if I'm going to run Windows XP or Windows 7 in an IMac, what firewall/security system should I buy?

Sincerely, Yosemitest

[Yosemitest]

Thanks, you agree with post #85

[cynwoody]

I want to keep using my old files with TurboTax

Another neat thing about virtual machines is, you can have two, three, many virtual machines on the same Mac. All they take up is disk space (and RAM, but only when they're running). You could put your TurboTax and other sensitve stuff in one VM and keep all the rest in another and only start up the TurboTax machine when you actually need it.

And, I'm pretty sure TurboTax exists for the Mac, anyway, so maybe converting to Mac native is the way to go.

I want to keep using my notes in MY Documents on FR with political and religious responses.

Stuff like that is probably a prime candidate for conversion to Mac native, depending on what you've been using to keep your notes.

[Yosemitest]

So what security would you recommend if I use Windows 7 with Parallels under IMac?
Would Online Armor++ be enough or would you use Eset, Zone Alarm?

[Yosemitest]

Thanks. As long as I can, I'll use this laptop.
But eventually I need to learn to use the IMac, and dump Microsoft.
I don't have the money to build a second system, or the time, with garden work and helping out with aging parents.
I don't surf especially hazardous places on the web, but I'm sure I've got the government's attention with my comments on FR, against this Marxist, Muslim, Illegal Immigrant we have defiling the White House.
Thanks again.

[Yosemitest]

Most of the notes are on Notepad or Word.

[Yosemitest]

One other question:

Have you heard about Intego VirusBarrier X6 and is it any good?

[raygun]

Online Armour is a great software for security if you’re intrested in a premium purchase and subscription expense.

The subject is quite contentious, but my recommendation for no purchase / subscription expense product is Comodo Internet Security FREE. They do have a licensed version, but the extra bell and whistle IMHO can be done w/out. Unless the user absolutely needs someoby to hold their hand (24/7 phone support may have its merits)

It has all the protection of FWBuilder, IPTables and Squid for ‘Nix systems. Its AV is very good. Quite frankly, if anything gets through a properly configured Comodo firewall & HIPS (host intrusion protection) it is because the user allowed that to happen and they deserve their malware infection. Just like the law, ignorance is no excuse.

That nowtisthstanding, Comdodo does require some user expertice with regards to configuration for ultimate protection. The neophyte user settings are pretty good though. Configuring Comodo for maximum protection will force the user to become intimately familiar with normal functionality of their system. THAT is the first defense against becoming hijacked and infested.

No sane user would rely on a ‘blackbox’ for their security and anti-malware software though; it is naivete at its most foolish epitome.

I would strongly recommend against using Zone Alarm for a firewall.

[Yosemitest]

Why don't you like Zone Alarm?
Thanks for your time.

[conservatism_IS_compassion]

"The only thing that matters is how hard it is for me to keep my computer exclusively under my control."

I agree. I just want a system that I don't have to spend sooooooooo much time defending from malware. Most of my friends that have switch to the IMac/Apple are very happy. But many of them still need a Windows based platform to respond to some of the task the military requires of them, such as responding to home family when overseas, or e-mail attachments. But slowly they're weeding out Microsoft, and eventually won't need it anymore.

It is natural for a multiuser operating system to have better robustness than an OS which is initially designed with the naive assumption that the owner of the computer will actually be in direct control of all inputs. Even sneakernet communication via floppy disks put paid to that idea. And as for the enormously powerful, thus unavoidable, Internet . . .

Mac OS X, as you likely know, is reallyo trulio Unix. Pretty much the gold standard for robustness, in my understanding.

I'm not sure I've seen your handle on Swordmaker's Apple threads, so I'll mention that as you contemplate the switch to a Mac you could do worse than to tune in. That thread is about Mac security and the Skype issue, a good place to start if you're not already on board. In Reply #11 on that thread, Swordmaker advises on how to switch your routine operations account to a standard, rather than an Administrative, user in order to limit the vulnerability of your system.

[Oceander]

Do you know which particular rootkit you have? I did a little googling around and there is a rootkit detector/remover that might help called gmer.

There is a new MBR rootkit floating around that has received attention from MS as well as from several of the security folks such as Marco Giuliani at Webroot, who has an entry on the rootkit here. One of the comments on that entry states that the gmer tool appears to be effective against this new rootkit. You might give that a try.

Also, rootkits that get to XP will not necessarily get to Win7 or even Vista. Again, as per Marco Giuliani's entry, the new rootkit does not appear to be compatible with Vista or Win7, but most likely only XP or Win 2003, so if you were to run Win7 or Vista, you should not have the same difficulties with rootkits that you're having now with XP.

[Justa]

64-bit computing isn’t “poppycock”. That alone is worth the move to W7.

[Yosemitest]

Sounds good. Thanks for the link.

[Turbopilot]

It looks like you can do everything you want to do on a Mac. To read and edit your documents (MS Office files) on a Mac, you’ll need to download OpenOffice (free) or buy Apple iWork ($50) or MS Office for Mac ($200 and up, unless you’re a student). Your pictures will all open natively. My old saved TurboTax files are PDFs, which will open on a Mac. TurboTax will also run on a Mac from either the CD version or the web-based version.

Since you just want Windows for comfort as opposed to there being an app that needs Windows to run, I wouldn’t spend money on a new version. Just use whatever version of XP you already have lying around. All your stuff going forward will be from your Mac so you really only care about backwards compatibility, not forwards compatibility. For security, there are a few good free suggestions in this thread, but you can just set up my Windows VM installation so that it can’t access the internet. You can do all your email and web browsing on the Mac, and manually move files back and forth if there is a need to do something in the Windows VM. Then you don’t have to worry about security at all.

[antiRepublicrat]

Mainstream full Windows support is minimum five years after release, or two years after the release of the successor product. Microsoft offers extended support five more years, or two years after the second successor product. Security fixes are available to the public during this period. That means you will get at least security fixes for Windows 7 through minimum 2019.

Microsoft has problems, but their long-term support for systems is very good, far better than Apple.

[antiRepublicrat]

Sometimes old, poorly-written software has a problem with newer OS versions.

My oldest remembrance of this was the Atari. The OS had various “entry points” for programs to do things, but many developers went directly into the inner OS locations to do things. Atari updates the OS, changing the internals but retaining the documented entry points. Suddenly things stop working.

In Windows I remember the move to FAT32. One program written in the FAT16 days wouldn’t install because it looked at the hard drive directly to determine free space. A FAT32 drive freaked it out, the error handling resulting in the program reporting no free space. This wouldn’t have happened had the program just properly asked the OS for the amount of free space.

Drivers are a different deal though, almost always OS version specific.

[discostu]

Ghost is a pretty awesome tool. One of the few things Symantec hasn’t screwed up.

[cynwoody]

Most of the notes are on Notepad or Word.

You should be good to go, then. A good free Notepad replacement on the Mac is TextWrangler.

If your Office needs are reasonably basic (no fancy VBA-based Excel applications, for instance), you should look at OpenOffice and LibreOffice. LibreOffice is a recent fork of OpenOffice (see the Wikipedia). A group of OpenOffice developers decided they didn't like the direction Oracle was taking with the assets it had acquired in its acquisition of Sun. OpenOffice / LibreOffice document files are interchangeable with Microsoft Office (as long as you avoid certain advanced features, such as macros).

Another Mac pointer: I rarely use the Dock. I keep it hidden below the bottom of the laptop monitor, configured to appear only if I move the mouse there. I might check it once in a while to access the wastebasket or check status.

To launch apps, I use Spotlight. I type Cmd-Spacebar. The Spotlight textbox appears in the upper right. Then I type a few characters of the app's name (e.g., F-i-r or C-h-r), whereupon Spotlight instantly locates the app (Firefox or Google Chrome in this example). Then I hit Enter, and the app launches. Spotlight learns what you tend to look for and prioritizes what you are likely to choose when there are multiple matches. I find using it much easier than managing the Dock or rummaging through the Applications folder.

Another handy use of Spotlight is difficult words. Cmd-Spacebar and type an obscure word. Spotlight will pop a Definition link to the top. Hit return, and the Mac Dictionary opens to the definition.

[raygun]

Independent test lab results.

See http://www.matousec.com/ for more information.

I believe they scored around 37% which I found shocking at the time I was using it. My knowledge is an outgrowth of discovering that both Zone Alarm and Norton System Works Professional 2003 would not install on a Windows Server 2003 Standard. I was able to obtain that O/S gratis due to Microsofts philanthropic program Dreamsparks which entails students licensed copies of various Microsoft titles free of charge. At the time I was taking a college course in Microsft Server Management. I also was able to obtain licenses for Visual Studio 2008 Professoinal, SQL Server 2008 and several others, all for free as a student.

Since I was both long-term unemployed and a student, I nneded to find suitable alternatives for AV & firewall that were free. That's when I discovered that both Norton & Zone Alarm actually fared quite poorly. An AV that scored rather well is Rising. However, investigation reveals that it phones home to China for its AV def updates. You'll do well also with Lavasoft's latest incarnation of Ad-Aware (also free). The boys at Wilders Security forum were speaking very highly of its AV engine a while back. The engine was acquired from another company that had a very high reputation. It is a solid piece of technology.

Malwarebytes is another solid technology to have installed purely for serendipity reasons. Its not so good at prevention, but it scores the highest in removal ability. Its always good to have as a backstop when another anti-malware squawks but can't remove the offense. One never needs to run its manual scan for any real reason except when adjunct AV can not remove a particular infection. One never wants to have to install anything when one is already infected.

I'm very happy with Comodo. I have no interest to get into a political imbroglio concerning it and its competetor's fanbois, nor the business squabble between Matousec and the owners of Online Armour (which frankly I find disgusting), and all the Comdodo competetor fanbois screaming ad hominem at Matousec becuase their pet software fails testing by Matousec.

My security is backstopped with SpyBot Search & Destroy v1.62 and Windows Defender, along with periodic update of HOST file from http://winhelp2002.mvps.org/hosts.htm (which appears to be down at this time). The entries in HOST from mvps.org will prevent navigation to known malware sites. Moreover, Spybot's real-time protection transparently blocks download of cookies from known malware sites. Moreover, its immunize feature adds its own URLs into the HOST file and enters those into the browser restricted zone.

In conjunction with this I have the Content_IE5 folder blocked in Comodo for all executables and archive files thereby protecting me from virtually any drive-by download attack. Furthermore, SVCHost has been hardened so that it can not be tricked to execute anything without permission out of any temp folder.

After a year and 1/2 of operation, the security baseline for the O/S and all applications have been sufficiently established that anything makes the slightest move on my system and Comodo will alert somethings up. Those things that Comdodo monitors and alerts on are:

• interprocess memory access
• windows / WinEvent hooks
• device driver installations
• process termination
• Window messages
• DNS/RPC client service
• protected com interfaces
• protected registry keys
• protected files/folders
• physical memory direct access (DA)
• computer monitor DA
• HDD DA
• keyboard DA

Security is maintained via hash which is stored in local safe file list. Files that are unrecognized are automatically referenced in the cloud for malicious behavior. Both the host and cloud computing utilize heuristic detection for malicious behavior. Files that remain unrecognized all under the purvue of Comodo's sandboxing technology which virtualizes as much of the system as is configured to occur. Its up to the user to either manually declare the unrecognized software as trusted, or await update from the cloud that the software is non-malicious.

The firewall is likewise just as robust allowing establishment of global rules for both inbound / outbound screening. It is a true stateful inspection technology, and so unsolicited connection attempts are dropped transparent to the user. Were Comodo firewall excells is in its notificatio of outbound connection attempts. It informs in detail what is attempting connection, where its attempting connection to and what specific IP protocols are being implemented for the connection.

As I indicate Comodo is very comprehensive and very robust. And its FREE. The support forums are outstanding. However, the more proficient, adept and competent the user is specifically concerning networking, internet connectivity protocol, and fundamental operating system functionality the greater degree of hardening that the user will be able to configure. That being said, the default neophyte user config is way better than nothing, and heads and shoulders above all but the highest fee based products.

The two noteworthy competitors in that regard: Online Armour and Swiss based Avira. You could go Comodo sans the AV at installation time and run with Avira and you'd be rock solid. But I'd question why waste the money? Reliance on AV means its already gotton through the HIPS and firewall and now has a beachhead on your system. The user is in trouble at that point regardless of how effective the AV is.

[Swordmaker]

It’s OK, but I don’t recommend running any AV on Macs. Unless you are desirous of preventing the re-transmission of Windows viruses in forwarded emails, there is currently little purpose in running one on an OSX Mac. There are Zero known self-relocating, self-installing, self-transmitting viruses for OSX and only 22 Trojans in five families, all of which are easily avoided and identified by the OS itself which will warn the user if he attempts to download, install, or run one of them. Apple pushes updates to that Trojan identifying system since the MacDefender Trojan reared it’s head. I’m not sure about Intego but at least one of the free Mac AV solutions TURNED OFF the native anti Trojan protection so THEIR AV could report finding some Mac malware... Turning it off was necessary because the OSX Trojan protection intercepted the malware before the AV could see it!

[Swordmaker]

Self-relocating=self-replicating. Dang auto-correcting dictionary.