Linked by David Adams on Mon 6th Oct 2003 19:34 UTC
Bugs & Viruses It's an oft-repeated maxim that one of the reasons that Windows operating systems are plagued by so many viruses, worms, and security exploits is because they are so popular. Extrapolating on this, many have remarked that if Linux, MacOS, or other OSes become more popular, they will attract the attention of virus writers. That may be true, but the increased attention will not necessarily yield the same quantity of viruses and other exploits, says a Register article. Update: Rebuttal article.
Permalink for comment
To read all comments associated with this story, please click here.
Re: Marc Wilson
by Bascule on Mon 6th Oct 2003 21:54 UTC

"Exploitability in Windows lies primarily in the enormous home market, where Windows is most likely terribly configured from a security standpoint."

The above is an assertion contrary to reported facts. For example: SQLSlammer, U.S. Department of State, almost every corporate network using Windows at least once in the past year.


No, the above assertion is certainly correct, even if your interpretation of it is not. Compare the number of hosts infected by the Slammer worm to the number of home users compromised by other worms such as MSBlast and Welchia, neither of which are problems if DCOM has been disabled, but of course no home users are likely to have done that.

"A Windows machine configured with a proper security policy and user permissions is no more or less exploitable than a similar Linux system."

The above assertion is contrary to all reported evidence and does not present any evidence in support.


Please name a critical security feature that is present in the mainline Linux kernel which Windows is lacking.

It is incorrect to assume that the scrutiny level of Evolution code is less than that of Outlook code, or vice versa. After all, the only people looking at Outlook code are those working for MS.

It's not necessary to have access to the source in order to scruitinze a program for security vulnerabilities. The majority of IIS vulnerabilities have been discovered by eEye, who does not have access to the IIS source code.

"Read your mail with Pine? [snip] Why hasn't anyone written a mass mailing worm that exploits this Pine vulnerability? Possibly because no one cares enough... "

Possibly because it's already been fixed.

http://rhn.redhat.com/errata/RHSA-2003-273.html

Open source means that people at more than one company can analyze source code, test for vulnerabilities and fix them before they are exploited.


I can't believe the foolishness of this comment... the fact that a version of Pine which isn't affected by this security vulnerability exist means... that thousands of systems with a vulnerable copy of Pine installed are no longer vulnerable?

Patches were available for the vulnerabilities exploited by the Slammer worm, Welchia and MSBlast, Code Red, Nimda, etc. before any of these worms were in the wild. Yet these worms managed to propagate, but by your total lack of logic this simply shouldn't be, should it?