[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Linux (in)security (Was: Re: [Full-Disclosure] Re: No Subject)

To: Paul Schmehl <pauls@utdallas.edu>
Subject: Re: Linux (in)security (Was: Re: [Full-Disclosure] Re: No Subject)
From: Ron DuFresne <dufresne@winternet.com>
Date: Thu, 23 Oct 2003 12:04:31 -0500 (CDT)

On Wed, 22 Oct 2003, Paul Schmehl wrote:

> --On Wednesday, October 22, 2003 6:00 PM -0600 Bruce Ediger
> <eballen1@qwest.net> wrote:
> >
> > The real questions go something like:
> >
> > "Source code for Unix viruses has been available for years, from sources
> > almost too numerous to mention.  Why haven't Unix viruses become epidemic
> > the way that Windows viruses have?"
> >
> The usual argument is that Windows is more ubiquitous than Unix and is
> therefore the target of choice.  I would argue that the *real* reason is
> that Windows is more ubiquitous as a *desktop* operating system and is
> therefore the target of choice.  However, that's changing.  Linux is
> gaining in the desktop space and so is Mac OS X, which is really "exposed"
> for the first time.  By that I mean that previous Mac OSes weren't as
> easily attacked remotely because they used Appletalk rather than TCP/IP.
> (Yes, Macophiles, I know TCP/IP was available before OS X.)
>
> The real key to prevalence of malware, IMNSHO, is the ease of attack *and*
> the potential pool of victims.  People think it's really stupid to "surf"
> the Internet using an administrator account on Windows.  Well what do you
> think the neophyte Linux users are doing?  I seriously doubt you'll find
> many that have a regular account and use su or sudo to do administrative
> tasks.  They're bound to run in to something sooner or later that they find
> irritating (like being prompted for root's password every time they try to
> run up2date on RedHat) and they'll do the same thing they always do on a
> desktop system.  They'll start logging in as root because they don't get
> "pestered" by all those warning messages and they can install software any
> time they want.  (Mind you, Windows still has a long way to go in that
> regard.  MS doesn't make it easy to run as an unprivileged user, that's for
> sure.)

I think the key there is the phrase "ease of attack".  Combined with a
poor patching stradgy on the part of the vendor who only bandaids the
issues <how many outlook/IE problems have to muster in before the core
issues are fixed?  Hom many times must DCOM and/or RPC be attacked before
the issue is fixed at the core of the problem?  shatter bugs in key
apps...>


        [SNIP]

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: Linux (in)security (Was: Re: [Full-Disclosure] Re: No Subject)
  - From: Paul Schmehl <pauls@utdallas.edu>

Prev by Date: [Full-Disclosure] Shatter XP
Next by Date: Re: [Full-Disclosure] RE: Linux (in)security
Previous by thread: Re: Linux (in)security (Was: Re: [Full-Disclosure] Re: No Subject)
Next by thread: Re: Linux (in)security (Was: Re: [Full-Disclosure] Re: No Subject)
Index(es):
- Date
- Thread