What is the inevitable result of poor Windows security records?

It is simple to claim that a heated debate has been held on Microsoft's poor Windows security record, but the fact is that such a debate has never been conducted. Here, there are indeed two camps, and they do not agree with each other's point of view, but it is not a real debate. The debate means that both parties will discuss certain issues. While one party tries to discuss the problems caused by the security principles, including the reasons for using these principles, the other party has repeatedly heard that there is no logical foundation, in addition, when you refuse to conduct in-depth review on the issue, there will be no "debate.

Security awareness camp

The first camp (because I prefer to support them) is composed of people who have an in-depth understanding of security technical principles and are aware that relevance does not mean a causal relationship. They know that many key factors can be used to improve security. These key factors include:

1. Establish a sustainable, responsible, and transparent development plan.

2. Establish a layered defense policy.

3. Authorize and protect users.

4. monitor key resources.

5. Find useful methods from the public evaluation.

6. Quickly, effectively, and transparently handle discovered vulnerabilities.

7. face new security challenges in an honest and innovative way.

8. test the effectiveness of the solution.

9. Not floating on the surface, but a deep understanding of the nature of the problem.

10. The minimum permission mode is implemented by default.

Many in the first camp think that Microsoft Windows is a leading material in software security. They do not agree that the poor security of Microsoft Windows is caused by the use of the same operating system in most regions around the world, and the so-called benefits are only very unreliable.

Camp without security awareness

The second camp contains people who use the so-called self-evident security concepts to prove their own prejudices. To some extent, these concepts become meaningful and effective security principles, basically relying on luck. If you have time, one or two of the following principles may go to the exclusive list. However, most other ideas are not valuable:

1. The better the product, the higher the security.

2. Normal operation means no test is required.

3. For security hackers, my computer has no value.

4. Keep the system design confidential to ensure security.

5. the more popular the software is, the less secure it is.

6. The more security functions and security applications the more secure the application is.

7. Only bad people who need to hide things need to pay attention to privacy.

8. Only security experts need to pay attention to security.

9. Security and availability are opposites.

10. The number of vulnerabilities is a key criterion for security.

Many people in the second camp are loyal supporters of Microsoft and believe that Windows is better than all competitors and alternatives. Although in general, refuted statements may lead to logical errors, and the unsupported ones may be kicked out, they often support the entire process. There is a connection between accepting the explicit or implicit security principles of errors and sticking to a basically absurd argument to support an unprotected operating system.

Microsoft Windows in terms of security

In most cases, what is an effective security design, whether influenced by good ideas or bad ideas, is quite obvious. In many cases, the links in the article can be used to explain each point in view.

The design principles of Microsoft Windows violate a lot of excellent ideas, and we can even call them "Design Principles ". Microsoft's strategy involves a lot of bad ideas. Microsoft's Windows security depends on third-party software, which is a choice of Microsoft rather than a safer alternative.

I think this may lead to some debates. Most readers may be surprised to find that I am not very impressed with security parameters and find that Microsoft Windows, the flagship operating system, has neglected an important security vulnerability for eight years. However

I have supported Microsoft once or twice since I pointed out that other software vendors may be imperfect in recording and motivation.

After all, I have more than ten years of professional experience and ideas in this field. Therefore, to avoid the impact on some readers due to security problems in Microsoft Windows, I decided to explain it in a simple language:

I believe Microsoft Windows is incorrect for almost any purpose. This is an incredible poorly-designed operating system that includes numerous levels of poorly designed features, in many cases like using a Band-Aid to handle big wounds on your neck, it does not provide any effective security functions. To a large extent, it provides psychological comfort. What Microsoft Windows has said is a lie, which mainly belongs to personal imagination.

It can be called bias if you want, but it comes from people who know Microsoft Windows and a considerable number of alternatives at both the professional and personal levels.

Edit recommendations]