[offtopic] Topicality debate [my 2 bits]

2006-09-23 Thread John Underhill


I hadn't checked this list for a week or so, and today was met with this 
deluge of posts regarding topicality [again], in response, might I offer a 
couple of stray thoughts?
The debate and subsequent infighting has become far more disruptive now, 
than the occasional offtopic post. It is a simple thing to filter a 
particular member, but near impossible to filter the ensuing fallout from an 
'offtopic' thread.
I can think of a couple of ways to make things a little better for the 
innocent bystanders among us:

-Self Moderating Approach
Grey Areas. If you think your post could be considered off topic by some, 
simply prefix the subject with '[offtopic]', then it is a simple thing to 
filter, and your post is far less likely to be met with a negative response.
Clarify what -is- on topic. Are worms/virii on topic? Possibly.. If: it is 
SANS top 10, and an emerging issue with potential to dramatically amplify 
traffic flow, Then: I want to hear about it, Else: [offtopic].  Are botnets 
offtopic? I would say yes, there are better and dedicated venues for those 
discussions. Are these endless debates about what is offtopic subject matter 
themselves 'offtopic', clearly they are.. prefix please.
A definitive set of posting guidelines, one that leaves little to individual 
interpretation could be established, leave less up to the 'debateniqs' to 
rant about, by creating a clear and concise set of acceptable subject matter 
rules.
There is the issue of sustaining readership. If the window of acceptable subject 
matter is too narrow, appeal will decline, and with it some of the 
readership that we need to remain active will leave the list, hence we need 
some [reasonable] measure of flexibility allowed for in guidelines, [think: 
discretion]. As for issues that are clearly outside definitive guidelines 
but still of general interest, maybe a relaxed charter on Fridays? I rather 
enjoy Fergie's article references, just make sure to use the [offtopic] 
thingie.

-Moderated Approach
Create an nanogofftopic@ to give a vent to members. If a post is clearly 
offtopic and not announced as such, use a 'three strikes you're out' approach, 
first warning and inviting review of list guidelines, then as a last measure 
cancelling list subscription. Include 'this is offtopic!' responders among 
offences, and maybe we can reduce some of the list noise.


John 



Re: Open Letter to D-Link about their NTP vandalism

2006-04-11 Thread John Underhill


As I replied in a comment offline, auto updating firmware is nothing new.. 
my cellphone updates itself, as does my satellite receiver, and many other 
devices as well, (the best of which, perform these tasks without our notice 
or appreciation).
There is of course the potential for a bug causing some unforeseen 
catastrophe, but much of the risk could be mitigated with a bit of planning 
and a well designed system, (ex. old image is stored, and boot failure loads 
that image.. image is first downloaded, test md5, then flashed etc).
Servers have been using these technologies for quite a while now, all tested 
and true.
Also, one would expect the vendors to release updates only when necessary, 
with some serious QA before a release, (but if they did that in the first 
place, we wouldn't be having this discussion ;o)

Just a thought.

John

- Original Message - 
From: "Steven M. Bellovin" <[EMAIL PROTECTED]>

To: "John Underhill" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, April 11, 2006 12:24 PM
Subject: Re: Open Letter to D-Link about their NTP vandalism



On Tue, 11 Apr 2006 10:28:32 -0400, "John Underhill" <[EMAIL PROTECTED]>
wrote:



> It seems to me, that the only *real* solution is for these manufacturers to
> implement a [responsible] strategy of automatic firmware upgrades, as it
> pertains to these (simple eu type) devices.
> How difficult would it be to have the router test a server periodically,
> (say once a month), and in the case of a critical flaw in the software,
> silently update the device?
> I suspect it is cost/benefit skepticism that is keeping them from doing just
> that.


It would be a disaster.  My (cable modem) ISP does that to my cable
modem/NAT box.  A few months ago, a buggy update made the NAT part drop
all connections after 30 minutes.  It took me a week or so to get enough
data to nail down the problem precisely.  I then had the fun of trying to
get through the phone droids to reach someone who understood what "NAT"
or "TCP" meant.  What unusual combination of features will random upgrades
break?

By the way, since we're talking about D-Link, it's instructive to read the
warnings on their firmware update pages.

Do NOT upgrade firmware on any D-Link product over a wireless
connection. Failure of the device may result. Use only hard-wired
network connections.

This firmware is engineered for US products only.
Using this firmware on a device outside of the United States will
void your warranty and may render the device unusable.

Other warnings I've seen include warnings that all configuration options
will be reset, version incompatibilities, and the suggestion that one
should connect to a UPS before doing the upgrade, just in case.  (Hmm --
there's a vicious thunderstorm approaching, and the lights are
flickering.  And it's time for the monthly autoupgrade!)


--Steven M. Bellovin, http://www.cs.columbia.edu/~smb 
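
The staged update described in the reply above (old image kept, new image downloaded and hash-checked before flashing, boot failure loads the old image), as an added example that is not part of the thread. The two-slot layout and the names `Device`, `stage_update`, `boot` and `starts_ok` are assumptions; SHA-256 stands in for the md5 test, and the expected digest is assumed to come from a vendor manifest fetched over an authenticated channel.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

MAX_BOOT_ATTEMPTS = 3  # assumed retry budget before the bootloader gives up


@dataclass
class Slot:
    version: str = ""
    image: bytes = b""


@dataclass
class Device:
    slots: Dict[str, Slot]
    active: str = "A"             # slot known to boot
    trial: Optional[str] = None   # freshly flashed slot, not yet proven
    log: List[str] = field(default_factory=list)

    def inactive(self) -> str:
        return "B" if self.active == "A" else "A"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def stage_update(dev: Device, version: str, downloaded: bytes,
                 expected_sha256: str) -> bool:
    """Verify the downloaded buffer, then flash it to the inactive slot only."""
    if not hmac.compare_digest(sha256_hex(downloaded), expected_sha256.lower()):
        dev.log.append(f"{version}: digest mismatch, nothing flashed")
        return False
    target = dev.inactive()
    dev.slots[target] = Slot(version, downloaded)  # running image untouched
    dev.trial = target
    dev.log.append(f"{version}: flashed to slot {target}, trial boot pending")
    return True


def boot(dev: Device, starts_ok: Callable[[bytes], bool]) -> str:
    """Return the version that ends up running after this power cycle."""
    if dev.trial is not None:
        candidate = dev.slots[dev.trial]
        for attempt in range(1, MAX_BOOT_ATTEMPTS + 1):
            if starts_ok(candidate.image):
                dev.active, dev.trial = dev.trial, None  # commit new image
                dev.log.append(f"{candidate.version}: committed")
                return candidate.version
            dev.log.append(f"{candidate.version}: trial boot {attempt} failed")
        dev.trial = None  # give up; the old image was never overwritten
        dev.log.append(f"{candidate.version}: rolled back")
    return dev.slots[dev.active].version


# Constructed sample images and a stand-in for "did the image come up?".
V1 = b"FWIMG 1.0 stable"
V2_BAD = b"FWIMG 2.0 PANIC-at-init"   # intact download that does not boot
V3 = b"FWIMG 3.0 stable"


def starts_ok(image: bytes) -> bool:
    return image.startswith(b"FWIMG") and b"PANIC" not in image


def new_device() -> Device:
    return Device(slots={"A": Slot("1.0", V1), "B": Slot()})


def demo() -> List[str]:
    dev = new_device()
    running = []
    # 1. Truncated download: rejected before any flash write.
    stage_update(dev, "2.0", V2_BAD[:10], sha256_hex(V2_BAD))
    running.append(boot(dev, starts_ok))
    # 2. Intact but broken image: flashed, fails trial boots, old image runs.
    stage_update(dev, "2.0", V2_BAD, sha256_hex(V2_BAD))
    running.append(boot(dev, starts_ok))
    # 3. Good image: flashed to the spare slot and committed.
    stage_update(dev, "3.0", V3, sha256_hex(V3))
    running.append(boot(dev, starts_ok))
    return running


if __name__ == "__main__":
    print(demo())
```

The rollback only covers what `starts_ok` tests; an image that boots and then misbehaves later, like the NAT failure in the quoted message, passes the trial boot.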




Re: Open Letter to D-Link about their NTP vandalism

2006-04-11 Thread John Underhill


It seems to me, that the only *real* solution is for these manufacturers to
implement a [responsible] strategy of automatic firmware upgrades, as it
pertains to these (simple eu type) devices.
How difficult would it be to have the router test a server periodically,
(say once a month), and in the case of a critical flaw in the software,
silently update the device?
I suspect it is cost/benefit skepticism that is keeping them from doing just
that.

John

- Original Message - 
From: "Mike Tancsa" <[EMAIL PROTECTED]>

To: "Simon Lyall" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Tuesday, April 11, 2006 9:05 AM
Subject: Re: Open Letter to D-Link about their NTP vandalism




At 08:36 PM 10/04/2006, Simon Lyall wrote:


I've said in other forums the only solution for this sort of software is
to return the wrong time (by several months). The owner might actually
notice then and fix the problem.


Of our customers who have such routers, I would say 90% would not know the
unit even kept time, let alone the correct or incorrect time.

---Mike




Re: Time to check the rate limits on your mail servers

2005-02-03 Thread John Underhill
Creating an invincible mail client, still only addresses the symptom, and 
not the disease. I would contend that any attempts made to harden a mail 
client, will, (and have always been..), be countered with a new exploit, a 
new method of exploiting the system.
The only way to really control spam, is to make it unprofitable, both for 
the hosting providers, and websites that use this as a form of mass 
marketing.
If say, a 'top 100 domains' (or 10,000, if need be..), list of offending 
websites were assembled, continually updated, and used universally to null 
route the websites paying for these services, (and in some cases, entire 
blocks owned by unscrupulous service providers hosting these websites, in 
the case that they are continually proffering these services to offending 
parties..), it would soon become the case that if you use spam to mass 
market your product, you risk losing your access to a portion of the 
internet.
Of course, there are many lists of this kind, but what is lacking, is the 
willingness to launch a coordinated effort, or agreement on a proven and 
effective criteria for identifying how this could/should be regulated.
I have heard the argument that we are not in the business of determining 
what should be permitted on the internet, and for the most part I would tend 
to agree, but I view this as a technical and not an ethical issue, and when 
seen in that context, the solutions seem obvious. Control spam? Attack it at 
the source, -follow the money- and make those that would profit from the 
abuse of the system accountable by denying them services.

John
- Original Message - 
From: "Miller, Mark" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, February 03, 2005 3:37 PM
Subject: RE: Time to check the rate limits on your mail servers


 How come it is always about controlling the symptoms and not the
illness?  The vast majority of these
"spam drones" are compromised WINDOWS machines.  If the operating system
and dominant email applications so easily allows the users' machines to
be taken over by a third party, then there is something wrong with the
operating system and the mail applications.  It occurs to me that the
solution is not to limit the range of destruction, but to defuse the
bomb.  Perhaps the focus for a solution should move up the model to
layer 7.
- Mark

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, February 03, 2005 8:47 AM
To: nanog@merit.edu
Subject: Re: Time to check the rate limits on your mail servers

> Do you let your customers send an unlimited number of emails per
> day? Per hour? Per minute? If so, then why?
Doing that - especially now when this article has hit the popular
press and there's going to be lots more people doing the same thing -
is going to be equivalent of hanging out a "block my email" sign.
I don't understand your comment. This is an
arms race. The spammers and botnet builders
are attempting to make their bots use the
exact same email transmission channels as
your customers' email clients. They are
getting better at doing this as time goes
on. I think we are at the point where the
technical expertise of the botnet builders
is greater than the technical expertise of
most people working in email operations.
...



Re: (newbie) BGP For Dummies?

2004-12-11 Thread John Underhill
This is a bit dated, but a good place to start..
BGP4 Case Studies - Sam Halabi
http://www.cs.fsu.edu/courses/netdesign/halabi/halabi-bgp4-case-studies-tutorial.pdf#search='halabi%20bgp%20cisco'
For a forum try: http://isp-lists.isp-planet.com/isp-routing/
Internet.com has a number of forums in this genre, just poke around their 
website a bit..

John
- Original Message - 
From: "David E. Smith" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, December 10, 2004 3:35 PM
Subject: (newbie) BGP For Dummies?


"Hi, long-time listener, first-time caller..."
Can anyone recommend a good forum for BGP questions? I've got my copy of the
O'Reilly book handy, but having never really worked with BGP before, I find
it's not really the best novice-level work.

(Or, if questions about weird inter-AS routing scenarios are on-topic here, I'd
be glad to bounce my problems around on NANOG.)

Thanks!
David Smith
MVN.net


Re: Big List of network owners?

2004-10-28 Thread John Underhill
Again guys.. just in the thinking out loud stage..
But it does surprise me that this information is not freely available, and 
accessible to all without hindrance, registration or obligations of any 
kind.
There is the argument that this information could be used by the wrong 
people to do the wrong thing, but I am guessing many of those people already 
have this data. Arguably, the people most likely to be causing problems, are 
the very ones who seek anonymity through a process that is apparently not as 
defined and regulated as it needs to be in order to assure proper 
identification and subsequent accountability.
It is all about that accountability, action and response. If badhosting.com 
insists on harboring CWS, spam engines, and the like, wouldn't it be better 
if everyone knew, down to the last host, every address they own? If this 
information were freely available, posted in plain view, script friendly, 
and a dynamic resource, I suspect a lot of problems could, (at least in 
part), be made to disappear, or at the very least, automated tracking 
systems, and abuse reports could be made to be more reliable.
Every enterprise is absolutely dependent on its financial viability, if the 
owner of badhosting.com woke up on Monday morning to find half of North 
America was no longer visible to his clients, he would either a) grow a 
conscience, or, b) go out of business - either one would be just fine with 
me.

John
- Original Message - 
From: "william(at)elan.net" <[EMAIL PROTECTED]>
To: "John Underhill" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, October 28, 2004 6:02 PM
Subject: Re: Big List of network owners?



Please describe exactly what you want to do with the data. If it's specific
action based on some network name or per their ASN, I can probably deliver
it (assuming this function has community value for more than just your
needs). But providing entire list - is too open for abuse and also may
violate RIR policies for not redistributing bulk whois data in "bulk form".

If you want to do it yourself - feel free to contact every RIR (it's only 4
of them) and sign for bulk whois agreements (and RIPE and APNIC already
provide their whois database free actually if you look around) and write
scripts and program to put it all in the database format that you want.

On Thu, 28 Oct 2004, John Underhill wrote:
> I realize that there may be no way to contact many of these people, but, it
> is a step towards identifying problem networks. If badhosting.com is
> responsible for a given percentage of the garbage that comes through our
> pipes, and I can leverage user input to identify this, then I can use this
> to create more responsive filtering policies..

- Original Message ----- 
From: "Gary E. Miller" <[EMAIL PROTECTED]>
To: "John Underhill" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, October 28, 2004 5:15 PM
Subject: Re: Big List of network owners?

>
> -----BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Yo John!
>
> On Thu, 28 Oct 2004, John Underhill wrote:
>
>> ... but I am looking for a
>> way to make it more reflexive, automated, and give the users a more direct
>> course of action that releases our help desk from some of the burden..
>
> And that is exactly why it will not happen.  A lot of the registrars
> have gone over to the other side.  Ever try to get any domain contact
> info out of nameking?
>
> RGDS
> GARY
> - ---
> Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
> [EMAIL PROTECTED]  Tel:+1(541)382-8588 Fax: +1(541)382-8676
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.2.3 (GNU/Linux)
>
> iD8DBQFBgWGE8KZibdeR3qURAhOxAJ95psP3g0yjv1Wr6vz5yPQPuCaE4gCdEP/e
> erE90DWlIxpcUFLljcMW98k=
> =dvcd
> -END PGP SIGNATURE-




Re: Big List of network owners?

2004-10-28 Thread John Underhill
I realize that there may be no way to contact many of these people, but, it 
is a step towards identifying problem networks. If badhosting.com is 
responsible for a given percentage of the garbage that comes through our 
pipes, and I can leverage user input to identify this, then I can use this 
to create more responsive filtering policies..

- Original Message - 
From: "Gary E. Miller" <[EMAIL PROTECTED]>
To: "John Underhill" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, October 28, 2004 5:15 PM
Subject: Re: Big List of network owners?


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo John!

On Thu, 28 Oct 2004, John Underhill wrote:

> ... but I am looking for a
> way to make it more reflexive, automated, and give the users a more direct
> course of action that releases our help desk from some of the burden..

And that is exactly why it will not happen.  A lot of the registrars
have gone over to the other side.  Ever try to get any domain contact
info out of nameking?

RGDS
GARY
- ---
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
[EMAIL PROTECTED]  Tel:+1(541)382-8588 Fax: +1(541)382-8676
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFBgWGE8KZibdeR3qURAhOxAJ95psP3g0yjv1Wr6vz5yPQPuCaE4gCdEP/e
erE90DWlIxpcUFLljcMW98k=
=dvcd
-END PGP SIGNATURE-



Re: Big List of network owners?

2004-10-28 Thread John Underhill
Perhaps I should have made my inquiry/intentions a little more specific.
Just in the thinking out loud stage here, but..
I would like to put an interactive help system together. One where, the user 
would have the option to forward some types of complaints directly to the 
hosting provider/ISP through a web portal. Form data would be collected, 
trends analyzed, if a particular address space is consistently behaving 
irresponsibly, it would be forwarded to an agent for further investigation.
At which point, depending on the type of, and number of problems, further 
steps could be taken to correct the problem, ex administrative contact, 
resolving a hijack site to a warning page, or worst case: filtering that 
network entirely. We already do this to some degree, but I am looking for a 
way to make it more reflexive, automated, and give the users a more direct 
course of action that releases our help desk from some of the burden..

John
- Original Message - 
From: "Gary E. Miller" <[EMAIL PROTECTED]>
To: "Randy Bush" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Thursday, October 28, 2004 2:33 PM
Subject: Re: Big List of network owners?


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Yo Randy!

On Thu, 28 Oct 2004, Randy Bush wrote:

> in general, we try not to make life that easy for spammers and scammers

Too late.  That horse ran out the barn when Verisign sold their whois data.
At this point keeping the data hard to get just makes it harder on
abuse admins.

RGDS
GARY
- ---
Gary E. Miller Rellim 20340 Empire Blvd, Suite E-3, Bend, OR 97701
[EMAIL PROTECTED]  Tel:+1(541)382-8588 Fax: +1(541)382-8676
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFBgTuA8KZibdeR3qURAmPcAJkBi4c4szOnNXrh0GJJdpvrhf+mrwCdFtoQ
ED7OtcZFcxoVkSuUhnsFOOI=
=EMDd
-END PGP SIGNATURE-
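
The complaint trend analysis proposed in the message above (form data collected per address space, consistent offenders forwarded to an agent), as an added example that is not part of the thread. The netblock table, the thresholds, the sample submissions and the names `owner_of` and `triage` are all constructed assumptions; addresses come from the RFC 5737 documentation ranges.

```python
import ipaddress
from collections import defaultdict
from datetime import date

# Constructed ownership table (documentation ranges, made-up owners).
NETBLOCKS = {
    "192.0.2.0/24": "badhosting.example",
    "192.0.2.128/25": "reseller.example",
    "198.51.100.0/24": "okisp.example",
}
MIN_REPORTERS = 3   # assumed: distinct users, so one person cannot trip it
MIN_DAYS = 2        # assumed: "consistently" means more than a one-day burst

# Constructed form submissions: (day, reporter, reported address, category).
COMPLAINTS = [
    (date(2004, 10, 25), "u1", "192.0.2.10", "spam"),
    (date(2004, 10, 26), "u2", "192.0.2.10", "hijack"),
    (date(2004, 10, 26), "u3", "192.0.2.77", "spam"),
    (date(2004, 10, 27), "u1", "192.0.2.10", "spam"),
    (date(2004, 10, 27), "u4", "192.0.2.200", "spam"),
    (date(2004, 10, 27), "u9", "198.51.100.7", "spam"),
    (date(2004, 10, 27), "u9", "198.51.100.8", "spam"),
    (date(2004, 10, 27), "u9", "198.51.100.9", "spam"),
    (date(2004, 10, 27), "u5", "203.0.113.5", "spam"),
    (date(2004, 10, 27), "u6", "not-an-ip", "spam"),
]


def owner_of(ip, table):
    """Longest-prefix match; returns (cidr, owner) or None if unlisted."""
    addr = ipaddress.ip_address(ip)  # raises ValueError on malformed input
    best = None
    for cidr, owner in table.items():
        net = ipaddress.ip_network(cidr)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, owner)
    return (str(best[0]), best[1]) if best else None


def triage(complaints, table):
    """Group complaints by owning netblock and pick blocks for an agent."""
    reporters, days = defaultdict(set), defaultdict(set)
    unmatched, rejected = [], 0
    for day, reporter, ip, _category in complaints:
        try:
            match = owner_of(ip, table)
        except ValueError:
            rejected += 1          # user-typed form field, not an address
            continue
        if match is None:
            unmatched.append(ip)   # no owner on file, needs a manual lookup
            continue
        reporters[match].add(reporter)
        days[match].add(day)
    escalate = sorted(
        (cidr, owner, len(reporters[(cidr, owner)]), len(days[(cidr, owner)]))
        for cidr, owner in reporters
        if len(reporters[(cidr, owner)]) >= MIN_REPORTERS
        and len(days[(cidr, owner)]) >= MIN_DAYS
    )
    return {"escalate": escalate, "unmatched": unmatched, "rejected": rejected}


if __name__ == "__main__":
    print(triage(COMPLAINTS, NETBLOCKS))
```

Counting distinct reporters and distinct days, rather than raw submissions, keeps a single user who files many reports in one sitting from getting a network escalated.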



Big List of network owners?

2004-10-28 Thread John Underhill
I have been looking around, but haven't found it yet.. Is there a text list 
of who owns what netblock worldwide? ISP/Location/Contact. I am not looking 
for anything searchable, but rather, a large, up to date list that I can 
import to a database..

Thanks
John 



Re: WashingtonPost computer security stories

2004-08-15 Thread John Underhill

Maybe you should browse through the SANS archives, plenty of bind, sendmail,
apache, nfs, etc. exploits..
http://www.sans.org/top20/

The problem with *nix, is more with misconfiguration than coding flaws, but
this should not be underestimated. Given the current tendency towards global
outsourcing, the people with the required skills to properly
configure/maintain server systems, are often the same people who find
themselves on the front lines of sweeping company layoffs, as their jobs are
outsourced to inexperienced and under qualified support personnel.
A large computer company I once worked for, recently laid off their UNIX
frontline. They outsourced the entire department, and the outsourcing
company hired people off the street to fill the positions.
A colleague had told me that the interview for this job was just a meet and
greet, there was no technical requirement, and no experience necessary. In
fact, he had to train his replacements, and sadly, many of them did not
possess even the most basic skills, let alone the ability to configure and
troubleshoot terabyte sized storage systems.
As for Linux for the home user, well.. it is getting better, but has a long
way to go before it becomes as polished and intuitive as XP.
Overall I would have to say XP serves its purpose well. It is easy to use,
highly automated, and if maintained well - a stable OS.
As for my detractors, I would argue that I don't feel using MS has caused me
to lose my mental acuity, devalued my engineering skills, or caused me any
sustained brain damage. It is just a choice, and as far as my personal pc
goes, I prefer the clear facility and simplicity of XP.

J.

- Original Message - 
From: "David Lesher" <[EMAIL PROTECTED]>
To: "nanog list" <[EMAIL PROTECTED]>
Sent: Sunday, August 15, 2004 3:19 PM
Subject: Re: WashingtonPost computer security stories


>
>
> Note these appear to be WINDOWS security articles.
> I've not found a mention of non-windows vulnerabilities..
>
> Hmmm...
>
>
> -- 
> A host is a host from coast to [EMAIL PROTECTED]
> & no one will talk to a host that's close[v].(301) 56-LINUX
> Unless the host (that isn't close).pob 1433
> is busy, hung or dead20915-1433



Re: Quick question.

2004-08-01 Thread John Underhill

> If a CPU dies, it's unlikely to come back up without removing the bad
> CPU, especially if the CPU has become unreliable rather than dying
> completely. Even if CPU 0 is good and the BIOS has no problems
> booting the OS, the SMP aware OS will quite probably hit problems
> with the bad CPU.

Not necessarily. There have been a number of innovations in recent years in
the area of integrated fault tolerance, including bios level controls over
component monitoring / management. Some of the more upscale Compaq G3
servers for instance, can remove a processor from operation if it exceeds a
threshold of critical errors, (this is also true for memory).
Alphas can boot even if the bootstrap processor fails at system start, and
simply select the next available processor.. they also have hot swap
processor capabilities, (again for the time being -upscale..). Add onto this
features like hot swap 'raid memory' and pci, redundant pwr, fans, and
drives, and systems can be made to withstand many common component failures,
with little or no interruption in service.
With the advent of technologies like hyperthreading, manufacturers are being
driven by market demands to create more reliable SMP drivers, and I think it
is likely that simultaneous multi-threading will eventually become the
standard.


> > a duallie will keep the system up when a faulty process hogs 100%
> > CPU, because the second one is still available. That also increases
> > availability ratio.

Well it depends.. The real differentiation is if the system is truly
'symmetric', that is; dual processor, I/O and memory bus. If both processors
share the same resources, competition between processors for regions of
memory and acquiring locks on the pci bus, severely constrain the available
resources for each processor. So that if a process runs amok on a single
bus architecture, the second processor will not have the resources it needs
to run effectively..

> application is not going to take down the machine on any modern OS[2]
> and anyway can be dealt with with resource limits, SMP or not,
> presuming your OS supports resource limits.
>
> The real problem with SMP is kernel complexity. Drivers that are rock
> solid in single-processor can have bugs that are only triggered under
> SMP. Threaded applications can also become unreliable on SMP systems.
>
> The extra power of an SMP system might be a bonus, but trying to
> argue their benefits on the basis of reliability is misguided.
>
> > Michel.
>
> 1. Now, they may still be very reliable, and more than reliable
> enough for your needs, but they are still not as reliable as the
> exact same machine with terminators in all CPU sockets/slots bar one
> ;) The fault-tolerant systems are outrageously expensive.
>
> 2. Unless you're running MacOS 9 or Windows 3.11 on your server.. -
> don't think either supports SMP though ;).
>
> regards,
> -- 
> Paul Jakma [EMAIL PROTECTED] [EMAIL PROTECTED] Key ID: 64A2FF6A
> Fortune:
> A Linux machine! because a 486 is a terrible thing to waste!
> (By [EMAIL PROTECTED], Joe Sloan)



Re: Spyware becomes increasingly malicious

2004-07-14 Thread John Underhill

Ok.. but has BSD been attacked on the scale that MS code has? I would argue
no, not even close. Do you believe BSD is invulnerable to attack? Hardly..
Unless you want to go back to text based browsers and kernels that fit on a
floppy, it is extremely difficult to eliminate all vulnerabilities in the
code of a sophisticated OS. The more complex the system, the easier it is to
break, and with the level of automation currently expected by most users,
this requires a very complex build.
Could MS be made more secure, of course. Do I think they are actively
working on the problem, yes. If Novell or Mac had risen to the top of the OS
heap, would they be catching all the viruses now? I think they would.
Really, my point was not to argue this, but that there is no justification
for malicious code, that you can't simply pawn it off on MS as being the
real problem. By doing that, you are saying that people creating spyware and
viruses are not culpable for their actions, that they should be allowed to
create havoc and destroy systems, because really they are only leveraging
'features' built into the operating system.


- Original Message - 
From: "Niels Bakker" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 14, 2004 3:31 PM
Subject: Re: Spyware becomes increasingly malicious


>
> >> Sorry, it was a _technical_ question - is MAC OS known as having pests
> >> and ad-ware in the comparable numbers (if any)?
>
> * [EMAIL PROTECTED] (John Underhill) [Wed 14 Jul 2004, 19:45 CEST]:
> > This is spurious logic. You are suggesting that Mac is a more secure
> > operating system, and I would suggest that it is probably far less
> > secure, because it has not had to withstand years of unearthing
> > vulnerabilities in the code.
>
> It has.  Darwin is based on years of development in BSD code.
>
>
> -- Niels.
>
> -- 
> Today's subliminal thought is:



Re: Spyware becomes increasingly malicious

2004-07-14 Thread John Underhill


> MS do not publish full system specs, and they use undocumented features
> themselves.


Ok, say MS published their code tomorrow, what do you think would happen? All
the crackers and virus writers of the world would join hands and sing 'joy
to the world' and forgive MS for their trespasses? I suggest that many of
these virus writers are not motivated by an elitist ideology, but rather by
financial gain, and the sense of empowerment borne of damaging a global
system. I agree that MS, like many large companies, have not always behaved
in an ethical manner, and have been driven largely by bottom line economics,
but what is done is done, and that doesn't absolve virus and spyware writers
of the damage they are doing to the internet community.


> So, what other companies are doing? Yes, correct, they are experimenting,
> searching for  the undocumented features.
> They found it, and no one can separate bugs and undocumented features.
> These are all results of MS approach _I am doing everything myself and do
> not want others to compete with me_.
> Ok, so please do not complain on those who uses your undocumented features,
> undocumented API (and ohh, it is not my API, it is a bug... as they are
> saying now). Are you sure that it is a bug, but not a backhole created by MS
> for themselves? I am not.


So MS has undocumented 'features', so what? When you install their software
you agree to a licence, and that you are using their software bound by their
terms and conditions. Am I afraid big brother is watching, that MS is spying
on me? Not really, nothing to see. Do I think that some of these practices
are unethical? Yes, they probably are, but when I agreed to that licence I
gave up my right to complain.
Arguably, the internet would not be where it is today without MS, and that
this design principle of automating as many processes as possible is what
has made the internet a universally accessible medium, and that this
automation creates security vulnerabilities is simply the trade off made for
that accessibility.


> Or - after others found this backhole, they decided to seal it. You can not
> prove that it is a bug, as I can not prove that it was a feature.
>
> Any undocumented API is not different from a bug - it is just something
> which is not documented but exists.
> Just as MS is working on new undocumented API's. Of course, they are -
> hackers, spyware designers and MS developers... I do not see a difference.


I see a very distinct difference, and that is that I have made a choice to
use the MS product, that I have given my consent to them by way of a licence
agreement, if they clearly abuse that trust, I will choose an alternative
product, that is free enterprise in action. But I did not give the hacker
and spyware writer permission to invade my privacy and damage my systems.
Using MS products is not an open invitation to criminals to disrupt my
networks, or absolution for criminal acts.


> Please, specify a difference between 'flaw in the code' and 'backhole
> created for their own purposes'. If they claim 'our developers use only
> specified API' and 'we specify and document every system call and every
> function which can be used legally, from technical point of view', then I
> agree. But they never did and never would. if they do it, they lost their
> monopoly. Result - full zoo of pets, pests, and other animals in every home
> computer running Windoze.
>
> May be, this particular feature was a bug, I can agree - but I do not see a
> difference (still).


MS has a monopoly, it's true, but the reason for that monopoly is not
entirely because of unfair business practices, it also has a lot to do with
their original design mission. That was and still is, to make their OS as
easy to use as possible. You and I may know how to use Linux, but up until a
couple of years ago, this was just too complex an operating system for the
average home user. That much of the MS code is undocumented, is probably a
good thing, because it makes the virus writers' work more difficult. Do I
think that these undocumented features serve some devious purpose? If
someone can come up with hard evidence of that, I will change operating
systems.


> Sorry, it was a _technical_ question - is MAC OS known as having pests and
> ad-ware in the comparable numbers (if any)?


This is spurious logic. You are suggesting that Mac is a more secure
operating system, and I would suggest that it is probably far less secure,
because it has not had to withstand years of unearthing vulnerabilities in
the code.
I have heard an OS compared to a sphere, the larger the sphere the more
surface area: the larger the OS, the more area to protect. The last time I
installed Red Hat, it weighed in at nearly 2 gigs, Mac around the same. Now,
you can fit a 1000 page novel in a 3 meg file, so consider, there are
millions of pages of code in an OS, and regardless of your operating system
of choice, there are innumerable flaws that beg exploitation. The only