Alexander’s Blog

According to netmarket.com, here is the latest operating system market share breakdown. If it weren’t for Mac’s 5% market share, Windows (91.09%) would pretty much be the only OS used around the world. With all the press Linux gets, it’s practically non-existent at 0.86% and has almost the same market share as Android (0.27%)…..less than 1%. Keep in mind, Android is used on mobile devices and is not a desktop OS.

Out of the Windows operating systems, Windows XP is still the most widely used OS. However, Windows 7 is moving up pretty quickly and have already moved ahead of Windows Vista.

Windows XP = 60.03%

Windows 7 = 17.10%

Windows Vista = 13.35%

Mac OS X 10.6 = 2.72%

Mac OS X 10.5 = 1.67%

Java ME = 0.95%

Other = 4.02%

For some reason Apple and Linux users have a tendency to believe that their computers are immune from viruses and malware. I am not sure who spread this rumor (some people suggest it was Apple but I have no proof of that), but I can assure you that it is not true. I have blogged several times over the years about Macintosh security issues. The only reason you don’t hear much about Macintosh and Linux security exploits and read about attacks on Windows-based PCs is that Microsoft Windows runs on about 90% of the computers in the world. The bad guys have very little interest on finding security holes in operating systems that are run by a small percentage of people around the globe.

A recent post on ZDNet, written by Ed Bott, discusses some serious security issues in Linux and Macintosh. Here’s a portion of his blog post:

“Every time I write about Windows security software, I get a predictable flood of responses from Linux advocates who claim that they don’t need any such protection. Today comes a shining example of why they’re wrong.

If you downloaded and installed the open-source Unreal IRC server in the last 8 months or so, you’ve been pwned. Here’s the official announcement:

Hi all,

This is very embarrassing…

We found out that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (trojan) in it.

This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn’t allow any users in).

Two additional details in the announcement added extra helpings of irony:

It appears the replacement of the .tar.gz occurred in November 2009 (at least on some mirrors). It seems nobody noticed it until now.

Right. Because even server administrators believe that open source and Linux software are impregnable by design, the official download of a widely distributed server product has been infected with a backdoor that gives bad guys complete ownership of the system. Oops.

And my favorite part:

The Windows (SSL and non-ssl) versions are NOT affected.

Again, that’s right. A similarly infected Windows file in the wild would be detected within days if not hours after a routine virus scan by someone checking the download before installing it.”

Ed goes on to talk about Macintosh security issues. You can read his entire post here.

TechRepublic’s Editor in Chief, Jason Hiner, has done a very detailed analysis on why Linux has miserably failed to take over the desktop market from Windows. He writes:

In the decade since it was first proclaimed as the “Windows killer,” Linux on the desktop has made virtually no progress in real adoption numbers. According to market share trackers (based on real PC activity and not just sales) such Net Applications, StatCounter, W3Counter, and others, the market share of Linux has been hovering around just 1-2% of total PC operating system installations for a decade.

In his article, Jason also gives reasons why he believes Linux has not been the “Windows killer” that a lot of people have been predicting.

Despite this consistent evidence that Linux desktops were going nowhere, pundits, analysts and Linux enthusiasts have been repeatedly predicting that Linux was on the verge of a breakthrough on the desktop. At the end of nearly every year, some writer or publication has prognosticated that the following year would be “The year of the Linux desktop.”

While Linux has made progress in the servers and mobile devices arena, it has failed to conquer the desktop world. You can read Jason’s complete analysis on TechRepublic’s Web site here.

If your laptop is stolen, it sure would be nice to be able to track it. Well, the researchers at the University of Washington (UW) along with the researchers at the University of California, San Diego have developed an open source software package, called Adeona (the Roman goddess of safe returns) to do exactly that. It uses state-of-the-art cryptography so you, the owner of the laptop, will be only person who can track your stolen laptop. If you are wondering about the cost of such valuable software, worry not….it’s FREE.

Adeona uses the Internet as a homing beacon by occasionally sending the laptop’s IP address and related information to OpenDHT, a free online storage network. By using the IP address, you can get a general idea where the laptop might be located. The tool works on laptops and desktops running Windows, Macintosh and Linux.

If you are using Macintosh you would like this tool even better because Adeona will use the computer’s internal camera to take a photo and send it to the server. The photo, along with the general location of your stolen laptop, could be valuable for law enforcement authorities to help you track your laptop.easy

The program is very easy to install and takes only 3.8MB on a Windows computer. The software consists of Adeona Client, which periodically sends private updates regarding your laptop to a remote storage location on the Internet. The Adeona Recovery Tools is the component that helps you retrieve the updates that were sent by your laptop. Of course, you want to install both the components. You will be prompted to provide a password. This password will ensure that only you will be able to reteive the information about the laptop.

Once you have installed the product, make sure that you back up the file created by the setup program on your desktop. The file is called adeona-retrievecredentials.ost and it contains the location-finding credentials of your laptop.

NOTE: Unfortunately, the extension .ost will confuse some people because it is used by Microsoft’s Outlook as an offline storage file. To read the contents of the file do not double-click it, instead you can open it in Notepad to read the content.

Here’s the message you will see at the completion of installation.

To retrieve a lost or stolen laptop you execute the Run Adeona Recovery tool from the Start menu. You will be prompted to enter your password. You may have to wait an hour before you do a retrieval after you install the software on your computer. In my evaluation of the software, I was able to get the location information relatively quickly, within 20 minutes or so after the installation. The retrieved location information will look something like this. I am using fake IP addresses in the example.

Retrieved location information:
update time: 10/03/2008,10:38 (PDT)
internal ip: 10.5.15.20
external ip: 192.168.9.8
access point: (n/a)
Nearby routers:
1 0.000ms 10.5.15.1 (MYROUTER)
===============================
Press any key to continue . . .

You can use one of the several free tools to look up the IP address information, such as IPLookup.

Check out this link for more details. You can download the tool at http://adeona.cs.washington.edu/.

The Windows Security and Directory Services for UNIX Guide focuses on the use of Microsoft Windows Server 2003 or Windows 2000 Server Active Directory directory service to provide centralized authentication and authorization services for users in a network that includes both UNIX-based and Windows-based computers.

The Windows Security and Directory Services for UNIX Guide provides guidance in selecting the best solution to meet the authentication and authorization needs of your organization. The guide also explains the best practices and the major issues that you are likely to face as you implement the solution that is most appropriate for your organization.

Click here to download this complete guide from Microsoft.