Every year for the last few years a contest has been held in British Columbia, Canada. The purpose of this contest is to allow the best hackers to take a crack at browsers, mobile devices, gaming consoles and operating systems and see which they can hack the fastest. While this seems like a shady contest, the purpose of the contest is to find these vulnerabilities so that the companies can find solutions and keep their users safe.
In the operating systems category, a security expert, Charlie Miller has taken the prize for the last two years. OneITsecurity decided to interview him leading up to the march 24th event. I’ll include a link to the full interview, but to sum it up briefly, Miller basically said that he expects Snow Leopard to be an easier nut to crack than Windows 7, “Windows 7 is slightly more difficult because it has full ASLR (address space layout randomization) and a smaller attack surface (for example, no Java or Flash by default).” ASLR, according to Wikipedia, is a computer security technique which involves randomly arranging the positions of key data areas, usually including the base of the executable and position of libraries, heap, and stack, in a process’ address space. Basically, it makes security much more difficult to hack.
One thing that Miller did note was the lack of security that installing flash invites. When asked what would be the most secure combination for a browser/OS he said, “That’s a good question. Chrome or IE8 on Windows 7 with no Flash installed. There probably isn’t enough difference between the browsers to get worked up about. The main thing is not to install Flash!” While I agree about the vulnerabilities in flash, the internet minus flash would be horrible, kind of like surfing the internet on an iPhone or iPad (magical). It’s one of those things that you just need to realize the risks going into the situation.
He also went on to speak about Linux and mobile devices and which would be easier, he feels, to hack as well as hinting about the ability to hack gaming consoles. For the full interview on oneITsecurity, click here.
With all of the fuss made over Vista’s short-comings, “other companies” made a great effort to point out their strengths in the security realm, but was all of that just fantasy? Take it from a security experts own words, Windows 7 is the most secure OS out there.
Sources: TomsHardware.com, oneITsecurity
