Full Disclosure mailing list archives
Re: Linux (in)security (Was: Re: Re: No Subject)
From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 23 Oct 2003 12:04:31 -0500 (CDT)
On Wed, 22 Oct 2003, Paul Schmehl wrote:
> --On Wednesday, October 22, 2003 6:00 PM -0600 Bruce Ediger <eballen1 () qwest net> wrote:
>
>> The real questions go something like: "Source code for Unix viruses has been available for years, from sources almost too numerous to mention. Why haven't Unix viruses become epidemic the way that Windows viruses have?"
>
> The usual argument is that Windows is more ubiquitous than Unix and is therefore the target of choice. I would argue that the *real* reason is that Windows is more ubiquitous as a *desktop* operating system and is therefore the target of choice. However, that's changing. Linux is gaining in the desktop space and so is Mac OS X, which is really "exposed" for the first time. By that I mean that previous Mac OSes weren't as easily attacked remotely because they used AppleTalk rather than TCP/IP. (Yes, Macophiles, I know TCP/IP was available before OS X.)
>
> The real key to prevalence of malware, IMNSHO, is the ease of attack *and* the potential pool of victims. People think it's really stupid to "surf" the Internet using an administrator account on Windows. Well, what do you think the neophyte Linux users are doing? I seriously doubt you'll find many that have a regular account and use su or sudo to do administrative tasks. They're bound to run into something sooner or later that they find irritating (like being prompted for root's password every time they try to run up2date on RedHat) and they'll do the same thing they always do on a desktop system. They'll start logging in as root because they don't get "pestered" by all those warning messages and they can install software any time they want. (Mind you, Windows still has a long way to go in that regard. MS doesn't make it easy to run as an unprivileged user, that's for sure.)

I think the key there is the phrase "ease of attack". Combined with a poor patching strategy on the part of the vendor who only bandaids the issues <how many Outlook/IE problems have to muster in before the core issues are fixed? How many times must DCOM and/or RPC be attacked before the issue is fixed at the core of the problem? shatter bugs in key apps...>

[SNIP]

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart

***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D. Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html