On Sunday 07 Sep 2003 5:19 pm, Eric Huff wrote: > > Hell, I go for a much more subtle approach. > > "How have you guys been standing up to Sobig and MSBlaster this > > week?... got any idea of what it's cost you? I sure am glad I don't > > have to worry about that, if you ever want to try out Linux, let me > > know, I have a set of CDs in the truck, I can give you if you > > want,,, you know these virus only attack MS products". > > Isn't it true that if you are "fully patched" (as painful as that is) > that these virus's don't get you? > > I'm not trying to stick up for windows in any way, but at work, our > sys is windows, and we haven't had a problem. > > Our IT guy and i talk about it, and he thinks his next small company > will use linux, but in the meantime, he keeps the system up to date > and we have had no sobig problem. > > Don't get me wrong: using microsoft programs every day sucks. I feel > handicapped at work now that i have linux at home. > > I just want to make sure i understand this.
Microsoft and Linux issue about the same number of security fixes. There are tens of thousands of MS viruses, and a handful of Linux viruses, most (all?) of which can do no harm unless you run as root. There is no way to protect an MS system to the same level as a basic Linux install running as a normal user. It is possible to make a Linux machine a lot more secure than that. On a standard MS install any executable that you run can write to any file on the disk, and even if you secure that it can still read every file on the disk. On Win9x you can't even go that far. There is no such thing as a fully patched Win95/ME machine; MS has stopped supporting them. Forget servers, they are usually fully patched, virus protected and carefully watched. The real battlefield is the desktops and home users, and that is 99% MS, and about 10%* fully patched and virus protected. That creates a large breeding ground for virii, so they will go further than if they target the 1% market. You cannot trust a closed company to release timely and adiquate patches. With Open Source the stimulus is there to do it quick and right. For 20 years MS products have not paid any attention to security, and they appear to only be giving it lip service even now. For 30 years Unix has had its eye on the ball. A fully patched machine is no ultimate protection. The FSF were hit by a trojan attack within the 1 week between an exploit being published and the fix being available. Only the clever virii are stopped by patches. Stuff that travels on floppy disks and by exchanging executables are still able to replicate on Win9x and any other MS OS that isn't locked down by the sys admin. *nix machines running as normal users are mostly imune to this vector, because there is no write access to executables. * 86.4% of all statistics are made up on the spot. -- Richard Urwin
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
