[extropy-chat] SPAM: more news

Brent Neal brentn at freeshell.org
Mon Feb 16 20:59:12 UTC 2004

 (2/16/04 11:36) Russell Evermore <nanowave at shaw.ca> wrote:

>But here's the thing. Why do I keep getting stuck on the notion that
>IE and Outlook Express may simply "appear" more vulnerable because a
>gajillon seething, anti-Microsoft, Gates bashing,
>jealous-of-the-fact-a-geeky-nerd-actually-made-it-big, vandal
>mentality hackers keep relentlessly attacking these products?

If anything, the reason why IE and OE are relentless attacked is because they have -easily- exploited bugs, thus the barrier to entry for the crackers and virus writers is low, and more of them can play the game. To characterize the work of Nimda, SoBig, MyDoom, et al. as the work of "elite, MS-hating, Linux aficionados" is neither supported by the known facts of the cases nor does make sense considering the relatively poor engineering of the viruses themselves.

In small words: It doesn't take a genius to exploit MS's flaws, therefore a whole lot of people who aren't geniuses are doing so. Statistically, the odds are on their side. Infinite monkeys, yadda yadda.

>Yes I will switch, I'll switch dammit, but may my new platforms never
>become overly popular, and may the creators of these products all look
>like Mel Gibson and Tom Cruise, and may everyone else keep on using
>Microsoft to keep this ugly hoard of orks otherwise occupied.

That's bad logic, as Bruce Schneier has pointed out. While there are certainly more -desktop- systems that run Windows, there are more servers, with more valuable information on them, that run a Unix variant of some sort.  The payoff for cracking them is higher, so we should expect that more effort would be expended on those OSes than would otherwise be expected on the basis of installed base. Yet we still see more cracks on Windows boxen than Unix boxen. The appropriate conclusion to draw is that most Unix installs, either by design, by skill in administration, or even pure blind luck, are more secure than most Windows installs. 

For more information, see Schneier's book _Secrets and Lies_, paying attention to Chapter 8.

Brent Neal
Geek of all Trades

"Specialization is for insects" -- Robert A. Heinlein

More information about the extropy-chat mailing list