- To: firstname.lastname@example.org
- Subject: [OT] Security (Re: [xml-dev] Managing Innovation)
- From: Joe English <email@example.com>
- Date: Wed, 01 Oct 2003 09:01:24 -0700
- In-reply-to: <830178CE7378FC40BC6F1DDADCFDD1D1CEBC0B@RED-MSG-31.redmond.corp.microsoft.com>
- References: <830178CE7378FC40BC6F1DDADCFDD1D1CEBC0B@RED-MSG-31.redmond.corp.microsoft.com>
Dare Obasanjo wrote:
> > From: Joe English
> > True, Unix has had a fairly good track record of security --
> > there have only been a handful of Code
> > Red/NIMDA/Blaster/Sobig/SWEN/ etc., etc., etc.,
> > bring-down-the-entire-internet scale security breaches that I
> > can think of -- the Morris Worm in 1988, that Apache exploit
> > in 2002 --
> True, most people who exploit Unix machines prefer to use them as zombie
> machines for DDoS attacks instead of the network abusing type of
> exploits that tend to show up on the Windows platform.
[ Actually, it looks like SOBIG-infected machines are also being
used as DDoS attack zombies. That and open relays for spam. ]
> Like I said, this
> reflects more on the level of sophistication of its users and market
> share than about the quality of its security model.
The fact that one of those systems has traditionally *had*
a security model counts for something too, I suspect.
Also: when a Unix box gets rooted, it's usually -- not
always, but usually -- because of an exploitable bug
found in poorly-written system software.
Windows boxes suffer their share of the same kind of
problem, but they are also subject to things like SWEN
and Word macro viruses, which are able to spread because
*the system is working exactly as designed*.
(And don't give me the usual crap about how SWEN et al.
are merely social engineering exploits. It is the design
of Windows in general, and Outlook in particular, that
makes it possible for SWEN-style attacks to be as wildly
successful as they have been. Social engineering can only
get SWEN onto a naive user's hard drive, or a virus-bearing
document into Word. Once there they can take over the host,
and that's because of Microsoft engineering.)