A friend of me approached me as soon as I came online this morning, asking me if I wanted to have a great laugh. Of course I wanted, it’s a great way of starting the day. I then got asked to visit the German version of ZETA-OS.com and read their latest update. I did, but I didn’t laugh, not at all. The article reminded me of the article that I wrote two days ago, and that the BeOS distributions all together have a market share of less then 0,01%.

First of all, my German is not perfect. I am not a native speaking German and there is even things in the article that I didn’t understand. Before I continue, please read an old article published at TheRegister.co.uk.

magnussoft writes: “Die Architektur der Software vereitelt das ein System von außen durchsucht wird, ohne dass der Betreiber davon Kenntnis erlangt.“, something that I understand as it is not possible to examine ZETA from the outside without notifying the user due to the architecture of this software. There is no firewall solution available for the BeOS platform, nor for incoming or outgoing traffic, so how would the user be notified when somebody is snoozing around?

The article continues with: “magnussoft ZETA ist „immun“ gegen bösartige Angriffe aus dem Internet. Nicht nur staatliche Kontrolle, sondern auch Dialer, Trojaner oder anderweitige Hackerangriffe sind schon in der Basisinstallation chancenlos“, something that I translate as magnussoft ZETA is “immune” against harmful attacks from the internet. Not only governmental control, also dialer, trojans or other sorts of hack attacks are already without any chance of doing harm in the base installation. This might be true, by default all network services/servers are turned off and therefore many hack attacks are not possible. You cannot then access your ZETA system through telnet, ftp or ssh, but as so often users are their own enemies and can have their reasons for turning these services on. Both the telnet and ftp services are known for sending both username and password in clear text over the Internet, and hackers can easily pick them up and log in to the system, and then both spy and delete data on your system. This is not something that is ZETA specific, it is true for all operating systems. It is probably also the reason why telnet is not preinstalled in Vista and something that a user with admin rights later must install.  SSH is secure, in the same extent as other operating systems making use of OpenSSH are.

As you port and implement standards like OpenSSH, Samba and CUPS, they must be maintained when developers are releasing security updates. Is your way of providing service packages optimal? Both Windows, MacOS X and Linux have their inbuilt update managers, telling users when an update is made available. Having to visit a website frequently to check for updates is probably something most users will not do. But computers are not only hacked, what about laptops that get stolen? Vista has BitDefender and MacOS X it’s FileVault. What do you provide?

My say on this is that magnussoft ZETA 1.5 will probably be more secure then any previous BeOS release. Why? With the introduction of multiuser support, users don’t have to run as root any more. Previous versions of ZETA and all versions of BeOS have been single-user operating systems meaning that the user ran with root privileges. magnussoft should continue developing ZETA in the direction of a more secure user experience: Wireless securities (WEP is not secure any more, WPA is considered far more secure. Perhaps also implement 802.1x?), a VPN client, a SFTP client, and a continued development of multiuser, to also support parental control as in Vista and MacOS X? Perhaps also get an antivirus software? The reason why I use antivirus software on my Mac and Linux installation, is not cause I am afraid of getting viruses on these systems, but rather to avoid spreading viruses to Windows users, who often are friends and colleagues!

Regarding ZETA being “immune”: Hackers are strange beings, they want to their names/nicknames to get known and get famous in their communities. And what is probably the best way of getting famous? Hack the operating system that most people uses, and that is Windows. Approximately 93% of the machines that access the Internet are making use of a Windows operating system. The “recent” popularity has made MacOS more vurnable, just read about Month of Apple Bugs. The BeOS platform doesn’t even have 0,01% market share of the computers accessing the Internet, why should any hacker try to make a dialer or trojaner? This kind of security is often called Security through obscurity. It doesn’t really mean that your system is secure, only that no hacker cares about you.