Linked by David Adams on Tue 22nd Jun 2010 16:14 UTC, submitted by sjvn
Privacy, Security, Encryption A Computerworld editorial takes note of some interesting changes Dell made to the Linux page we linked to last week. They watered down some of their pro-Linux claims, but not as far as you might think.
Permalink for comment 431211
To read all comments associated with this story, please click here.
RE[5]: From the article ...
by lemur2 on Wed 23rd Jun 2010 11:28 UTC in reply to "RE[4]: From the article ..."
lemur2
Member since:
2007-02-17

"For example, Google runs a million Linux servers, and Linux runs the London Stock Exchange.

Yet there exists very little malware which targets Linux, despite the high value of many of the target machines.


That says nothing about what value those websites are to malware writers. It's effort/profit that matters to them, not actual server value.

Malware writers are mostly criminals that want to make a few million and cash out. Trying to break into a Google farm or stock exchange is an extremely difficult and risky proposition.

When there are millions of Windows users that download random crap from p2p networks and keep updates off there is no contest when it comes to which target will provide the best effort/profit ratio.
"

Fair enough. There are thousands and thousands of times the number of active threats against Windows than against Linux, so that observation backs you up. Ok then, for once, strangely enough, we are agreed.

Windows users face more than 10^3 times the level of risk of malware from that factor alone.

Couple that with the increased risk through many Windows users running as root (say conservatively a 10^1 factor there), through Windows being a monoculture (and therefore attackers knowing that a certain set of software will be installed), through the routine practice of downloading and installing unsigned files from the Internet (say another 10^2 factor here), at least a 10^1 factor through the default expectation on Windows that no-one other than the author would normally know exactly what was in a package, so that packages cannot be vetted, and from the many other ways that the normal situation in using Windows is vastly more risky than in using Linux, and these compounded risk factors quickly mount up.

In their day-to-day use of the Internet, ordinary Windows users face at least 10^7 (ten million) times the risk of getting malware than the same users would face if they were running Linux.

This fact is self-evident, it is an absolute no-brainer.

Actual malware infection rates back this up to the hilt.

Edited 2010-06-23 11:28 UTC

Reply Parent Score: -3