Linked by Thom Holwerda on Wed 15th Apr 2009 09:54 UTC
Bugs & Viruses Whenever the Conficker worm comes up here on OSNews (or any other site for that matter) there are always a number of people who point their fingers towards Redmond, stating that it's their fault Conifcker got out. While Microsoft has had some pretty lax responses to security threats in the past, it handled the whole Conficker thing perfectly, releasing a patch even before Conficker existed, and pushing it through Windows Update. In any case, this made me wonder about Linux distributions and security. What if a big security hole pops up in a Linux distribution - who will the Redmond-finger-pointing people hold responsible?
E-mail Print r 1   · Read More · 71 Comment(s)
Thread beginning with comment 358633
To read all comments associated with this story, please click here.
I blame Microsoft
by averycfay on Wed 15th Apr 2009 11:04 UTC
Member since:

If you can blame "Microsoft" for the Conficker worm, then who do you blame when it comes to a Linux distribution?

First, here's why I blame Microsoft:

The vulnerability was in the RPC server service. This is a service that's completely unneeded for 99% of computers running windows. Why is it enabled by default? That's retarded.

If the default was off, then conficker would barely be a blip on the internet radar especially since computers that actually use the server service are usually administers by semi-competent admins--not home users that have never installed a security update.

So, what if this were a linux vulnerability?

I don't know. For a long time now, the default settings for almost any linux distribution is to not have anything listening on the network (except ssh, which they *should* change... enabling ssh if you need it isn't that hard).

Reply Score: 11

RE: I blame Microsoft - mandriva blocks it
by jabbotts on Wed 15th Apr 2009 13:25 in reply to "I blame Microsoft"
jabbotts Member since:

Mandriva installs with the network closed down and a friendly GUI to allow SSH or other common network services. Other distros are different though. Debian Stable installs with the network wide open but it's expecting more of a server install. Ubuntu has it's network defaults though I'm not as familiar with the distro.

Reply Parent Score: 2