Linked by David Adams on Mon 6th Oct 2003 19:34 UTC
Bugs & Viruses It's an oft-repeated maxim that one of the reasons that Windows operating systems are plagued by so many viruses, worms, and security exploits is because they are so popular. Extrapolating on this, many have remarked that if Linux, MacOS, or other OSes become more popular, they will attract the attention of virus writers. That may be true, but the increased attention will not necessarily yield the same quantity of viruses and other exploits, says a Register article. Update: Rebuttal article.
Permalink for comment
To read all comments associated with this story, please click here.
Re: Re: Marc Wilson
by Mark Wilson on Tue 7th Oct 2003 03:50 UTC

Bascule wrote:

"Compare the number of hosts infected by the Slammer worm to the number of home users compromised by other worms such as MSBlast and Welchia, neither of which are problems if DCOM has been disabled, but of course no home users are likely to have done that."

You don't have anything to back up your arguments.

Now you're talking about the number of hosts vs. home users. Slammer disabled ATM machine networks, among other pernicious effects. Welchia is what hit the U.S. State Dept. And yes, MS does ship their product with security features turned off.

B: "Please name a critical security feature that is present in the mainline Linux kernel which Windows is lacking."

So you've acknowledged that you don't have any evidence to support your argument. I refer you to the article for a comparison of Windows and Linux security features. For example, from the article:

Article: "Even if the OS has been set up correctly, with an Administrator account and a non-privileged user account, things are still not copasetic. On a Windows system, programs installed by a non-Administrative user can still add DLLs and other system files that can be run at a level of permission that damages the system itself."

B: "It's not necessary to have access to the source in order to scruitinze a program for security vulnerabilities. The majority of IIS vulnerabilities have been discovered by eEye, who does not have access to the IIS source code."

It's better to have access to the source code than not. Your example proves my point that having more than one company's employees looking at source code makes it easier to find vulnerabilities before an exploit is developed. It's harder to find vulnerabilities before they are exploited if you don't have access to the source.

"I can't believe the foolishness of this comment... the fact that a version of Pine which isn't affected by this security vulnerability exist means... that thousands of systems with a vulnerable copy of Pine installed are no longer vulnerable?"

I can't believe the foolishness of your comment. You seem to like to create "straw man" arguments by misconstruing what my words said and then argue against that (without facts). If a program has a security flaw, discovered by whatever means, then it should be fixed. No one, least of all me, has ever argued that a particular piece of software is definitely 100% secure now. Stating this truth does not, however, lead to the conclusion that security is impossible and that all OSs are equally vulnerable. But I think you know that already because I doubt that your persistence in advancing silly arguments is based on your being stupid.

"Patches were available for the vulnerabilities exploited by the Slammer worm, Welchia and MSBlast, Code Red, Nimda, etc. before any of these worms were in the wild. Yet these worms managed to propagate, but by your total lack of logic this simply shouldn't be, should it?"

Thank you for the recitation of several of the more costly MS viruses and worms. As has been widely reported, including today, MS patches frequently reopen old security holes and create new ones; MS patches are difficult to install, particularly over a network; MS patches have a history of crashing systems (until the 1.1 release of the patch); etc. Even MS has admitted that their patching approach doesn't work.


Mark Wilson