Linked by Thom Holwerda on Wed 15th Apr 2009 09:54 UTC
Bugs & Viruses Whenever the Conficker worm comes up here on OSNews (or any other site for that matter) there are always a number of people who point their fingers towards Redmond, stating that it's their fault Conifcker got out. While Microsoft has had some pretty lax responses to security threats in the past, it handled the whole Conficker thing perfectly, releasing a patch even before Conficker existed, and pushing it through Windows Update. In any case, this made me wonder about Linux distributions and security. What if a big security hole pops up in a Linux distribution - who will the Redmond-finger-pointing people hold responsible?
Permalink for comment 358737
To read all comments associated with this story, please click here.
RE: Don't know who to blame...
by ssa2204 on Wed 15th Apr 2009 22:14 UTC in reply to "Don't know who to blame..."
ssa2204
Member since:
2006-04-22

...but I don't see any reason why Confiker/any-other epidemic is so impossible in Linux world. You see, creating such epidemic is a lot of work, so author wants something in return. For example a few hundreds of thousands of zombie boxes waiting for his command. That does not happen easily in Windows world and since Linux user-base is MUCH lower and Linux users are kinda smarter it simply not so cost-effective to attack Linux guys.

So it's time to panic! Hehe (:


I would both agree and disagree. I am not a developer, and certainly can not begin to understand a lot of the underlying code that is involved with such worms. But my understanding has always been that the Windows platform has always been attractive not just because of it's popularity, but also because the install base remains the same; program or service x, y, or z will always be named and located in the same place. Someone could write some script for Ubuntu, but it would most often not affect my Opensuse, and vice versa.

You are correct though in that time spent demands reward. In the past few years a lot of the motivation for malicious code has moved beyond the simple kids messing around to a more professional/organized unit. Back in 2003 I remember reading how the mob in New York was moving away from classic crimes to cyber crimes because of both the profit as well as the risk. Where there is money, one will find a way. If Ubuntu ever become massively popular, you would be guaranteed that people would be motivated to attack, but in the end they could only attack just one distro.

In the end though, why don't we really just lay the blame where it belongs; on those that have chosen to devote their time to causing grief upon others. No collection of 1 and 0's will ever be 110% secure, just as no alarm system on a house or car can be.

Reply Parent Score: 2