On Tue, 2003-10-21 at 04:14, Bryan Phinney wrote: > On Monday 20 October 2003 09:41 pm, Cy Kurtz wrote: > > > > C'mon, I'll give you ten to one on the Windows box... ;-) > > > > no no no wait a minute! > > > > What happens when Linux becomes as popular as windows? Most people > > writing virii are aiming at windows boxen, because they are more > > numerous. People writing virii want to do as much damage as possible, so > > they are going to go after the most popular OS. > > Every time I see this comparison, I wince. Explain to me how you can compare > a single OS built by a monolithic entity that controls all of the source code > and releases only the information that puts them in the best possible light > with an OS built by literally dozens of different teams, each to their own > specifications that basically share a common kernel but have different > directory structures, package managers, peripheral drivers, etc. > > As much as I think that Linux will become a bigger target eventually, I do NOT > think that anyone can generalize and say that one virus that exploits a > vulnerability on one distribution of Linux will automatically propagate to > every distribution. Ever tried to get a package that was built to be > portable to actually port over to a different distribution? And they are > trying to make it portable and can include code specifically designed to do > so. Viruses have to be small and compact. > > Linux is not the same as Windows and comparisons of this nature only serve to > make people forget WHY MS products have a tendency to be compromised more > often and it has a lot to do with the unified environment, the same thing > that MS is quick to take credit for when it works in their favor, and anxious > to make people forget when you point out that it also works against them. > > I would not go so far as to say that Linux can not be compromised but given > the age of the system, the fact that a lot more businesses run Linux which > makes it a more attractive target for ego purposes, and the fact that with > open source, MS could have been publishing exploits on Linux, if they were > there, instead of funding dubious analyst research on ROI that nobody pays > attention to, I feel pretty confident that Linux is much more secure than > average Windows. > > The fact is that it is MUCH easier to write viruses for Linux, (something that > these "journalists" often overlook) because of the fact that the source code > is published so that virus writers can go through line by line and look for > vulnerabilities. With Windows, they have to decompile and reverse engineer > to find weak points that may end up being dead ends. Given the different > nature of open source, we should be seeing many more viruses written for > Linux than for Windows, if only because it is so much easier to do it. > > As for social engineering, based on my own experience, I would trust a Linux > user to do the smart thing well before trusting the average Windows user, but > hey, that might be just me.
I would as well, today, however as more and more of the windows world enters the world of Unix + the desire to make it as painless as possible may well increase the chances of something being haywire. There is little to stop someone from using betty or 123456 as a pasword. Warnings yes. But nothing tells them why it should be otherwise. One of the biggest security holes I've seen of late is the ability to setup auto login. Sine 9 out of 10 hacks are inside jobs.... gee. James
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
