So where's all the Linux viruses? - Linux

This is a discussion on So where's all the Linux viruses? - Linux ; After takin' a swig o' grog, Erik Funkenbusch belched out this bit o' wisdom: > On Tue, 14 Oct 2008 20:26:09 -0400, Chris Ahlstrom wrote: > >> After takin' a swig o' grog, The Ghost In The Machine belched out ...

+ Reply to Thread
Page 7 of 8 FirstFirst ... 5 6 7 8 LastLast
Results 121 to 140 of 150

Thread: So where's all the Linux viruses?

  1. Re: So where's all the Linux viruses?

    After takin' a swig o' grog, Erik Funkenbusch belched out
    this bit o' wisdom:

    > On Tue, 14 Oct 2008 20:26:09 -0400, Chris Ahlstrom wrote:
    >
    >> After takin' a swig o' grog, The Ghost In The Machine belched out
    >> this bit o' wisdom:
    >>
    >>>> Yes the mechanisms are in place and Linux being built on the Unix model,
    >>>> technically, should be secure.
    >>>
    >>> No, the mechanisms are *not* in place; the above link proves it.
    >>> Otherwise, why are Apache servers being compromised more than 4 times
    >>> more than IIS ones?

    >>
    >> Uh, because they're more useful?
    >>
    >> http://computerworld.co.nz/news.nsf/...25736A000E4723
    >>
    >> Capabilities like this make Linux machines highly coveted by online
    >> attackers, and they fetch a premium in the underground marketplace
    >> for compromised machines, Amit said.

    >
    > So, in other words, by your own admission, should an attacker find it
    > useful to attach Linux, then they succeed at a high rate.


    Actually, no, Erik.

    You see, your favorite site, zone-h, only shows, as far as I can tell,
    the percentage of defacements for Linux, Windows, etc. -- as a
    proportion of total defacements.

    It says nothing about how many sites (Linux, Windows, or otherwise) were
    /unsuccessfully/ attacked.

    It could be that there are *massively* more attempts to hack Linux
    sites. I doubt it, but the point is, one does not know just how many
    instances of finding it "useful to attack Linux" there are..

    > Sounds a lot like the "If Linux were as popular a target as windows, it
    > would be compromised as often as windows" argument.


    Not at all. It sounds a lot like "Linux is a more powerful platform
    from which to launch our attacks".

    The trouble with these stats is that they make statements of this form:

    Given that there are 58% Linux web servers and 34% Windows web servers, and
    assuming they are attacked at the same rate, and that all instances
    of success are reported to our site, then Linux web servers are
    compromised 69% of the time, and Windows web servers are compromised
    22% of the time.

    In the above, Linux (Apache + Google) does appear to lose out in the
    "defacement" security metric, even after correcting for server
    prevalence. But we don't know that they are attacked at the same rate,
    nor reported with the same diligence. Maybe you get much bigger
    bragger rights (or a bigger sale in the black market) if you manage to
    crack a Linux box.

    You are getting your statistics via a self-selecting sample. A recipe
    for bias.

    --
    Just to expand on what Ross said, it is undoubtedly too much to expect
    of any distribution that it automatically detect whether or not the
    person installing it can read simple English directions, and if he
    can't, proceed without his input. That way lies madness.
    -- Shawn McMahon on debian-curiosa@l.d.o

  2. Re: So where's all the Linux viruses?

    On Wed, 15 Oct 2008 12:46:37 -0400, Chris Ahlstrom wrote:

    >>> Uh, because they're more useful?
    >>>
    >>> http://computerworld.co.nz/news.nsf/...25736A000E4723
    >>>
    >>> Capabilities like this make Linux machines highly coveted by online
    >>> attackers, and they fetch a premium in the underground marketplace
    >>> for compromised machines, Amit said.

    >>
    >> So, in other words, by your own admission, should an attacker find it
    >> useful to attach Linux, then they succeed at a high rate.

    >
    > Actually, no, Erik.


    Actually, yes.

    > You see, your favorite site, zone-h, only shows, as far as I can tell,
    > the percentage of defacements for Linux, Windows, etc. -- as a
    > proportion of total defacements.
    >
    > It says nothing about how many sites (Linux, Windows, or otherwise) were
    > /unsuccessfully/ attacked.


    Ok.

    > It could be that there are *massively* more attempts to hack Linux
    > sites. I doubt it, but the point is, one does not know just how many
    > instances of finding it "useful to attack Linux" there are..


    You keep stumbling on understanding this point.

    Windows advocates say that Windows is the target of choice for malware
    authors because it is the most popular platform. Linux advocates claim
    it's because it's more vulnerable.

    Yet when Linux is the target of choice, you somehow conveniently have a
    mental disconnect that this is exactly the same scenario. More attackes =
    more compromises, and more attacks occur because it's more popular.

    It's the same argument, yet when it applies to Linux, you somehow write it
    off.

    >> Sounds a lot like the "If Linux were as popular a target as windows, it
    >> would be compromised as often as windows" argument.

    >
    > Not at all. It sounds a lot like "Linux is a more powerful platform
    > from which to launch our attacks".


    Which, if true, would make it more popular, and thus more prone to
    compromise. Duh. How can you not understand that simple logic?

  3. Re: So where's all the Linux viruses?

    On Wed, 15 Oct 2008 21:09:42 -0400, Erik Funkenbusch wrote:

    > On Wed, 15 Oct 2008 12:46:37 -0400, Chris Ahlstrom wrote:
    >
    >>>> Uh, because they're more useful?
    >>>>
    >>>> http://computerworld.co.nz/news.nsf/...25736A000E4723
    >>>>
    >>>> Capabilities like this make Linux machines highly coveted by online
    >>>> attackers, and they fetch a premium in the underground marketplace
    >>>> for compromised machines, Amit said.
    >>>
    >>> So, in other words, by your own admission, should an attacker find it
    >>> useful to attach Linux, then they succeed at a high rate.

    >>
    >> Actually, no, Erik.

    >
    > Actually, yes.
    >
    >> You see, your favorite site, zone-h, only shows, as far as I can tell,
    >> the percentage of defacements for Linux, Windows, etc. -- as a
    >> proportion of total defacements.
    >>
    >> It says nothing about how many sites (Linux, Windows, or otherwise) were
    >> /unsuccessfully/ attacked.

    >
    > Ok.
    >
    >> It could be that there are *massively* more attempts to hack Linux
    >> sites. I doubt it, but the point is, one does not know just how many
    >> instances of finding it "useful to attack Linux" there are..

    >
    > You keep stumbling on understanding this point.
    >
    > Windows advocates say that Windows is the target of choice for malware
    > authors because it is the most popular platform. Linux advocates claim
    > it's because it's more vulnerable.
    >
    > Yet when Linux is the target of choice, you somehow conveniently have a
    > mental disconnect that this is exactly the same scenario. More attackes =
    > more compromises, and more attacks occur because it's more popular.
    >
    > It's the same argument, yet when it applies to Linux, you somehow write it
    > off.
    >
    >>> Sounds a lot like the "If Linux were as popular a target as windows, it
    >>> would be compromised as often as windows" argument.

    >>
    >> Not at all. It sounds a lot like "Linux is a more powerful platform
    >> from which to launch our attacks".

    >
    > Which, if true, would make it more popular, and thus more prone to
    > compromise. Duh. How can you not understand that simple logic?


    Get ready for LiarMutt to throw a hissy fit, kill file you and run away.

    Why?

    You are dicing and slicing him like an army of Ginsu Knives.....

    --
    Moshe Goldfarb
    Collector of soaps from around the globe.
    Please visit The Hall of Linux Idiots:
    http://linuxidiots.blogspot.com/
    Please Visit www.linsux.org

  4. Re: So where's all the Linux viruses?

    Erik Funkenbusch writes:

    > On Wed, 15 Oct 2008 12:46:37 -0400, Chris Ahlstrom wrote:
    >
    >>>> Uh, because they're more useful?
    >>>>
    >>>> http://computerworld.co.nz/news.nsf/...25736A000E4723
    >>>>
    >>>> Capabilities like this make Linux machines highly coveted by online
    >>>> attackers, and they fetch a premium in the underground marketplace
    >>>> for compromised machines, Amit said.
    >>>
    >>> So, in other words, by your own admission, should an attacker find it
    >>> useful to attach Linux, then they succeed at a high rate.

    >>
    >> Actually, no, Erik.

    >
    > Actually, yes.
    >
    >> You see, your favorite site, zone-h, only shows, as far as I can tell,
    >> the percentage of defacements for Linux, Windows, etc. -- as a
    >> proportion of total defacements.
    >>
    >> It says nothing about how many sites (Linux, Windows, or otherwise) were
    >> /unsuccessfully/ attacked.

    >
    > Ok.
    >
    >> It could be that there are *massively* more attempts to hack Linux
    >> sites. I doubt it, but the point is, one does not know just how many
    >> instances of finding it "useful to attack Linux" there are..

    >
    > You keep stumbling on understanding this point.
    >
    > Windows advocates say that Windows is the target of choice for malware
    > authors because it is the most popular platform. Linux advocates claim
    > it's because it's more vulnerable.
    >
    > Yet when Linux is the target of choice, you somehow conveniently have a
    > mental disconnect that this is exactly the same scenario. More attackes =
    > more compromises, and more attacks occur because it's more popular.
    >
    > It's the same argument, yet when it applies to Linux, you somehow write it
    > off.
    >
    >>> Sounds a lot like the "If Linux were as popular a target as windows, it
    >>> would be compromised as often as windows" argument.

    >>
    >> Not at all. It sounds a lot like "Linux is a more powerful platform
    >> from which to launch our attacks".

    >
    > Which, if true, would make it more popular, and thus more prone to
    > compromise. Duh. How can you not understand that simple logic?


    Please read the "from" header. All will become clear.

    --
    "Don't like Linux.. don't use it. Simple."
    -- Rick in comp.os.linux.advocacy, alt.os.windows-xp

  5. Re: So where's all the Linux viruses?

    Identity wrote:
    > High Plains Thumper wrote:
    >
    >
    >
    > I see the reality for you now. Why you are no more than a High
    > Plains *Bitch*. And if you think I am reading your *bitch* and
    > whine, you have got another thing coming.


    This type childish vulgar talk is an example of:

    http://www.hyphenologist.co.uk/killf..._troll_faq.htm

    Subject: 3.4 The nasty Troll

    If anyone does anything which will interfere with the troll's
    ability to cause mayhem, they can become very nasty, posting from
    obviously incorrect variations of the name etc. insults, call
    them netcops, netnannies, homosexuals.
    also

    http://www.faqs.org/faqs/linux/advocacy/faq-and-primer/

    7.6 Trespasser Disinformation Tactics [...]

    [3.] Put your opponent off guard by insulting him. The
    liberal use of profanity and vulgarisms can be very effective,
    particularly when used against you more dignified opponents. Your
    experience as a school yard bully can be handy here.

    [... and]

    34. Use of false identities. Create throw away identities to
    enter the newsgroup to spread discord and after a few days or
    weeks, stop using that identity. If you are losing an argument
    create a new identity to support the position of your main
    identity. If things are getting slow, create a few identities
    counter to your primary identity. Start a n-on-1 argument with
    your primary identity being outnumbered. Then have each of your
    new identities be convinced by your primary identity to the error
    of their ways.


    --
    HPT
    Quando omni flunkus moritati
    (If all else fails, play dead)
    - "Red" Green

  6. Re: So where's all the Linux viruses?

    High Plains Thumper wrote:



    You want to keep running your mouth talk to me Thumpy about the Vista
    kernel.





    Address Space Load Randomization

    Despite measures like Data Execution Prevention and enhanced compiler
    error checking, malware authors continue to find buffer overflow
    vulnerabilities that allow them to infect network-facing processes like
    Internet Explorer®, Windows services, and third-party applications to
    gain a foothold on a system. Once they have managed to infect a process,
    however, they must use Windows APIs to accomplish their ultimate goal of
    reading user data or establishing a permanent presence by modifying user
    or system configuration settings.

    Connecting an application with API entry points exported by DLLs is
    something usually handled by the operating system loader, but these
    types of malware infection don't get the benefit of the loader's
    services. This hasn't posed a problem for malware on previous versions
    of Windows because for any given Windows release, system executable
    images and DLLs always load at the same location, allowing malware to
    assume that APIs reside at fixed addresses.

    The Windows Vista Address Space Load Randomization (ASLR) feature makes
    it impossible for malware to know where APIs are located by loading
    system DLLs and executables at a different location every time the
    system boots. Early in the boot process, the Memory Manager picks a
    random DLL image-load bias from one of 256 64KB-aligned addresses in the
    16MB region at the top of the user-mode address space. As DLLs that have
    the new dynamic-relocation flag in their image header load into a
    process, the Memory Manager packs them into memory starting at the
    image-load bias address and working its way down.

    Executables that have the flag set get a similar treatment, loading at a
    random 64KB-aligned point within 16MB of the base load address stored in
    their image header. Further, if a given DLL or executable loads again
    after being unloaded by all the processes using it, the Memory Manager
    reselects a random location at which to load it. Figure 7 shows an
    example address-space layout for a 32-bit Windows Vista system,
    including the areas from which ASLR picks the image-load bias and
    executable load address


  7. Re: So where's all the Linux viruses?

    After takin' a swig o' grog, Erik Funkenbusch belched out
    this bit o' wisdom:

    > On Wed, 15 Oct 2008 12:46:37 -0400, Chris Ahlstrom wrote:
    >
    >> It could be that there are *massively* more attempts to hack Linux
    >> sites. I doubt it, but the point is, one does not know just how many
    >> instances of finding it "useful to attack Linux" there are..

    >
    > You keep stumbling on understanding this point.
    >
    > Windows advocates say that Windows is the target of choice for malware
    > authors because it is the most popular platform. Linux advocates claim
    > it's because it's more vulnerable.
    >
    > Yet when Linux is the target of choice, you somehow conveniently have a
    > mental disconnect that this is exactly the same scenario. More attackes =
    > more compromises, and more attacks occur because it's more popular.


    You're confusing attacks on the client side with attacks on the server
    side.

    > It's the same argument, yet when it applies to Linux, you somehow write it
    > off.


    It's not the same argument. On the client side, Windows is a gaping
    festering sore. On the server side, Windows (IIS) is much better, and,
    at least in the context of zone-h, even a bit better than Linux
    (Apache).

    >>> Sounds a lot like the "If Linux were as popular a target as windows, it
    >>> would be compromised as often as windows" argument.

    >>
    >> Not at all. It sounds a lot like "Linux is a more powerful platform
    >> from which to launch our attacks".

    >
    > Which, if true, would make it more popular, and thus more prone to
    > compromise. Duh. How can you not understand that simple logic?


    Because, Erik, I am not eager to pursue an agenda that goes counter to
    observation. As I noted, there's a bit of nuance (heh heh) that
    differentiates the client side from the server side.

    Which do you think is easier to recruite: thousands of GNU/Linux or
    Windows clients, or a few GNU/Linux or Windows servers? Which ones give
    you the most bank for your cracking buck?

    --
    You're using a keyboard! How quaint!

  8. Re: So where's all the Linux viruses?

    Identity wrote:
    > High Plains Thumper wrote:
    >
    >
    >
    > You want to keep running your mouth talk to me Thumpy about
    > the Vista kernel.
    >
    >
    >
    >
    >
    >
    > Address Space Load Randomization
    >
    > [snip]
    >
    > The Windows Vista Address Space Load Randomization (ASLR)
    > feature makes it impossible for malware to know where APIs are
    > located by loading system DLLs and executables at a different
    > location every time the system boots. Early in the boot
    > process, the Memory Manager picks a random DLL image-load bias
    > from one of 256 64KB-aligned addresses in the 16MB region at
    > the top of the user-mode address space. As DLLs that have the
    > new dynamic-relocation flag in their image header load into a
    > process, the Memory Manager packs them into memory starting
    > at the image-load bias address and working its way down.


    Oh, yeah ....

    http://www.computerworld.com.au/inde...0;fp;16;fpid;1

    Vista laid low by new malware figures
    27 percent of PCs running Vista compromised by at least one piece
    of malware
    John E. Dunn (Techworld.com) 20/05/2008 07:15:10

    It looks as if Vista's reputation for improved security could be
    heading for the pages of history. PC Tools has renewed last
    week's attack on the platform with new figures that appear to
    back up its claim that Vista is almost as vulnerable as its
    predecessors.

    According to analysis from the Australian company's ThreatFire
    user base, 58,000 PCs running Vista were compromised by at least
    one piece of malware over the six months to May 2008, equivalent
    to 27 percent of all Vista machines probed. Vista made up 12.6
    percent, or 190,692, of the 1,513,502 machines running Windows in
    the user base.

    In total, Vista suffered 121,380 instances of malware from its
    190,000 user base, a rate of malware detection per system is
    proportionally lower than that of XP, which saw 1,319,144 malware
    infections from a user base of 1,297,828 machines, but it
    indicates a problem that is worse than Microsoft has been
    admitting to.
    Oh yeah. OTOH:

    http://www.theregister.co.uk/2008/03...left_standing/

    Only Ubuntu left standing, as Flash vuln fells Vista in Pwn2Own
    hacking contest

    Contestant overcomes bout of 'hacktile dysfunction'
    By Dan Goodin in Vancouver → More by this author
    Published Saturday 29th March 2008 21:27 GMT

    CanSecWest A laptop running a fully patched version of
    Microsoft's Vista operating system was the second and final
    machine to fall in a hacking contest that pitted the security of
    Windows, OS X and Ubuntu Linux. With both a Windows and Mac
    machine felled, only the Linux box remained standing following
    the three-day competition.
    OSX and Vista pwned by Ubuntu! Debian security unsurpassed.

    --
    HPT
    Quando omni flunkus moritati
    (If all else fails, play dead)
    - "Red" Green

  9. Re: So where's all the Linux viruses?

    Chris Ahlstrom wrote:
    >
    > Didn't I do you already? You should wait for it.
    >


    OMG SELF NUKE BWAHAHAHAHAH


  10. Re: So where's all the Linux viruses?

    On Fri, 17 Oct 2008 22:34:16 +0000 (UTC), owl wrote:

    > Chris Ahlstrom wrote:
    >>
    >> Didn't I do you already? You should wait for it.
    >>

    >
    > OMG SELF NUKE BWAHAHAHAHAH


    I told you it's the COLA gangbang.
    You need a score card to keep track of the romances around here.

    One thing is for certain, William Poaster seems to always be last at the
    gangbang.

    --
    Moshe Goldfarb
    Collector of soaps from around the globe.
    Please visit The Hall of Linux Idiots:
    http://linuxidiots.blogspot.com/
    Please Visit www.linsux.org

  11. Re: So where's all the Linux viruses?

    After takin' a swig o' grog, owl belched out
    this bit o' wisdom:

    > Chris Ahlstrom wrote:
    >>
    >> Didn't I do you already? You should wait for it.

    >
    > OMG SELF NUKE BWAHAHAHAHAH


    Either way, I take it in the shorts because that "Bee" jerk is posting
    under /my/ name.

    --
    I'm all for computer dating, but I wouldn't want one to marry my sister.

  12. Re: So where's all the Linux viruses?

    Chris Ahlstrom wrote:
    > After takin' a swig o' grog, owl belched out
    > this bit o' wisdom:
    >
    >> Chris Ahlstrom wrote:
    >>>
    >>> Didn't I do you already? You should wait for it.

    >>
    >> OMG SELF NUKE BWAHAHAHAHAH

    >
    > Either way, I take it in the shorts because that "Bee" jerk is posting
    > under /my/ name.
    >


    not to worry. wintard's not fooling anybody.


  13. Re: So where's all the Linux viruses?

    owl wrote:
    > Chris Ahlstrom wrote:
    >> After takin' a swig o' grog, owl belched out
    >> this bit o' wisdom:
    >>
    >>> Chris Ahlstrom wrote:
    >>>> Didn't I do you already? You should wait for it.
    >>> OMG SELF NUKE BWAHAHAHAHAH

    >> Either way, I take it in the shorts because that "Bee" jerk is posting
    >> under /my/ name.
    >>

    >
    > not to worry. wintard's not fooling anybody.
    >


    Just another Linux-pimp

  14. Re: So where's all the Linux viruses?

    Chris Ahlstrom wrote:
    > After takin' a swig o' grog, owl belched out
    > this bit o' wisdom:
    >
    >> Chris Ahlstrom wrote:
    >>> Didn't I do you already? You should wait for it.

    >> OMG SELF NUKE BWAHAHAHAHAH

    >
    > Either way, I take it in the shorts because that "Bee" jerk is posting
    > under /my/ name.
    >


    Fool, it was just in passing. You needed a steel toed boot in John Brown
    behind parts.

  15. Re: So where's all the Linux viruses?

    owl wrote:
    > Chris Ahlstrom wrote:
    >> Didn't I do you already? You should wait for it.
    >>

    >
    > OMG SELF NUKE BWAHAHAHAHAH
    >


    I got a little owl out of the barn on the chase. :-P

  16. Re: So where's all the Linux viruses?

    In article ,
    chrisv wrote:

    > Megadave wrote:
    >
    > > Keep your crap over in your ghetto, Petey... no one wants your **** in
    > > CSMA here.

    >
    > Keep your Sn^Hhit in your "ghetto", Mac-tard.


    Shut the **** up, Needledick the Bug****er... I want **** from you I'll
    squeeze your head...
    --
    Blinky the Shark is a putz, but he's right about one thing:
    http://improve-usenet.org/

  17. Re: So where's all the Linux viruses?

    On Mon, 13 Oct 2008 13:16:15 +0000, Firey Bird wrote:

    > Why aren't there many Linux viruses? Some people claim it's because
    > Linux is a "small target". There aren't nearly as many Linux boxes as
    > there are Windows machines, so the virus writers go for the bigger
    > target. If the number of Linux machines increased substantially, so
    > this wisdom goes, the number of Linux viruses would very quickly rise as
    > the virus writers homed in on the next big thing.


    this is the oft-whimpered line, yes.

    > That's a load of old cobblers, say I.


    And yes, it is, although "a load of old cobblers" is probably overly
    polite.


    One might note that even if we agree Linux is not all that popular as a
    desktop OS, it is still in wide use in cell phones, PDAs and suchlike -
    devices which do, in fact, get their fair share of malware. Add to this
    the servers and desktops - even while ignoring the number of devices
    where Linux is used but comparatively immune due to lack of connectivity,
    as in many embedded systems - and it may not _equal_ the number of
    Windows installs, but it's hardly 100:1, either, as even just Ubuntu's
    download numbers argue.

    What the Wintrolls never seem to grasp is that Windows is a monoculture.
    There are a paltry few 64-bit Windows installs out there, but all in all,
    Windows means one kernel, running on one CPU, with one security model,
    one built-in browser, etc, etc, etc; or, if you prefer to phrase it this
    way, an exploit crafted for _a_ Windows box is almost certain to be
    applicable to the vast majority of Windows boxen, as long as it is based
    around common components such as IE, WMP, OE and so forth.

    Linux has no such commonalities. Sure, FireFox is popular, but so are
    Konqueror and a number of other options. Sure, Evolution is popular, but
    so are KMail and a number of other options. Sure, 2.6.x is popular, but
    so is 2.4. Sure, the default security tools are popular, but so are
    things such as SELinux. And so on and so forth.

    A diverse "bioculture" provides many more opportunities to recognize,
    prevent and cure an invading disease; a monoculture allows any disease
    which can infect it to run rampant through its population.

    It's really as simple as that: Windows makes a vastly _easier_ target for
    compromising; as a result, it gets compromised more often and more
    dramatically.


  18. Re: So where's all the Linux viruses?

    [snips]

    On Mon, 13 Oct 2008 19:52:11 -0700, The Ghost In The Machine wrote:

    >> If you step into a Vista NG, you see hardly any posts about malware
    >> issues. But again, like I said, nothing is bullet proof, not even
    >> Linux.

    >
    > Vista is. ;-) Especially when paired with good AV and a NAT router,


    I'm sorry, I must have missed something. The argument, as I read it, is
    that Linux users are just as vulnerable to malware as Vista users. Let's
    see if this is, in fact, the case.

    My Linux boxen do not run AV. Nor do they care if they have a NAT
    router. Thus to be "as vulnerable", we'd have to compare apples and
    apples - Vista, with no AV, anti-spyware, anti-hijack or other tools, no
    NAT router, no additional protection of any sort whatsoever, that being
    the equivalent to a commonplace Linux desktop box.

    No, not even Vista's built-in firewall; a default Ubuntu install, for
    example, has no firewall, so again, let's compare equivalents: disable
    the Vista firewall.

    Oh, and of course, Linux has no UAC, so we'd best disable that, too.

    Once you compare Vista and Linux in _equivalent_ settings, you'll soon
    discover that while neither are _immune_ to attack, Vista is considerably
    less immune.

    It is only when you add on the hand-holding - the firewall, the UAC, the
    NAT router, the AV, the anti-spyware, etc, etc, etc, that Vista even
    begins to approach the safety of Linux... and this ignores the little
    detail that Linux has a lot of additional security tools which can be
    enabled as well: firewalls and SELinux and anti-intrusion tools and so
    forth.

    Yes, one can add armour to a pinto and make it resistant to gunfire; this
    doesn't mean it is sensible to compare it to a tank, particularly while
    ignoring the fact the tank, as well, can have additional armour and other
    defences added.


  19. Re: So where's all the Linux viruses?

    On Tue, 14 Oct 2008 19:00:21 -0700, COLA Loon's Nick-list Keeper wrote:

    > On Oct 14, 8:31Â*pm, Identity wrote:
    >>
    >> You people are *clowns*. I never knew that a dial-up connection could
    >> be so powerful. You know, I could easily get an access number in
    >> Mississippi.

    >
    > Who you think yer crappin? You've got dialup because you can't afford
    > anything faster. You have to kite a check for cash at the gas station
    > and run to the bank on payday to cover it, remember?
    >
    >> 24hrs huh? I expect the loony-ness in that NG to happen. But this
    >> ****ing cesspool called Amityville.Linux.Advocacy is just below it and
    >> not by much.

    >
    > You're at the bottom of the cesspool's drain, slurping up the thick
    > stuff, bozo. You love it here.
    >
    >> I may look and see if this one NNTP service that didn't work with
    >> Vista, because it's software was not Vista compliant may be Vista
    >> compliant. They were working on it. And no one could track on headers.
    >> There is nothing to key on, just to **** with this NG and the regulars
    >> in it. :-P

    >
    > They'll know you: your lack of style is easily identified.


    An NNTP service which isn't "Vista compliant"? Now that's rich.


  20. Re: So where's all the Linux viruses?

    [snips]

    On Mon, 13 Oct 2008 20:30:43 -0700, The Ghost In The Machine wrote:

    > Absolutely correct. For starters, many Web servers are required (by
    > HTTP 1.1, aka RFC2046) to implement the Host: header, which allows for
    > some very creative web structures -- and of course the service of
    > thousands of light-duty webhosts from a single server farm, presumably
    > such as GoDaddy's.
    >
    > This is an OS-agnostic issue; I would be very surprised if IIS did not
    > have a virtual hosts capability.


    It does, and has had for as long as I can recall - at least as far back
    as 2000.

    > So is Linux more secure? An interesting question.


    Not really. These folks persist in confusing "more secure" with
    "absolutely secure". Did site X get defaced? Good for it. Did 100
    other sites get defaced? Good for them. To be meaningful, though, we
    need to know how many servers (not sites) there actually are on each
    side, how many got compromised on each side, and how many of those were
    due to improper administration - as *no* OS is going to survive an
    incompetent admin who manages to open umpteen security risks and/or
    disabling extant security tools.

    Server-side, one would hope most folks are competent. Desktop-side,
    however, one can generally assume the user is *not* a competent sysadmin,
    but rather simply a user. This makes for a more interesting comparison.

    Comparing those, the simplest question one might ask is, "does your OS
    require all sorts of hand-holding, such as AV apps and the like, or can
    it actually survive, facing the world, without such things - and without
    even a firewall?"

    Linux certainly can. Can Vista? Disable the firewall, the AV, the UAC,
    etc, etc, etc, put it on an equal footing and put it on the net with a
    public IP. How long will it live? As long as a default Ubuntu setup
    would?

    I rather doubt it. It relies on the band-aids, the UAC, the AV, the
    firewall, instead of relying on a solid design and sensible approach to
    what is active and exposed. Linux goes exactly the opposite way,
    assuming if you need a band-aid, you should fix the underlying problem
    instead.

    Neither is perfect, but the entire methodology of one is completely out
    to lunch, and has been since its inception.


+ Reply to Thread
Page 7 of 8 FirstFirst ... 5 6 7 8 LastLast