Simple question about Windows .......

Hadron Quark · External Since: Sep 10, 2006 Posts: 1621

Handover Phist <jason.TakeThisOut@jason.websterscafe.com> writes:

> Erik Funkenbusch :
>> On Thu, 28 Sep 2006 07:42:32 GMT, Mathew P. wrote:
>>
>>> You see, it should be apparent to everyone once they give the problem
>>> consideration, that malicious code, such as worms and viruses, will
>>> only be written if a vulnerability exists for the author of the code
>>> to exploit.
>>
>> And you would be wrong.
>>
>> Lots of viruses exist and propogate through no computer vulnerability
>> whatsoever, at least not one that is fixable. They spread through HUMAN
>> vulnerability. ie, executing attachments that get sent to them. There is
>
> *zing* It was at this point the thead when from viruses to social
> engineering. What you point to here isn't viruses but spam and phishing
> scams. They dont meet one of the essential criterial for viruses which
> is self-replication.

You are wrong. Yes they do. Through social engineering / manipulation a
user executes a rogue exe. After that the rest, as the say, is history.

--
C is quirky, flawed, and an enormous success
-- Dennis M. Ritchie

Hadron Quark · External Since: Sep 10, 2006 Posts: 1621

Peter Hayes <not_in_use.TakeThisOut@btinternet.com> writes:

> In <87ven8t9bc.fsf.TakeThisOut@geemail.com> Hadron Quark wrote:
>> Peter Hayes <not_in_use.TakeThisOut@btinternet.com> writes:
>>
>>> In <1hhxwxhyx297j.dlg.TakeThisOut@funkenbusch.com> Erik Funkenbusch wrote:
>>>
>>>> Hell, a few years back, there were these streams of very complicated
>>>> hoaxes going around that asked users to delete various files from
>>>> their hard drive, because they were claimed to be viruses.
>>>
>>> Of course, had Windows been as secure as Unix and its derivitives
>>> these social engineering exploits wouldn't have worked.
>>
>> That entire post obviously went right over your head.
>
> My post obviously went right over your head.
>
> If Windows were as secure as Unix and its derivitives there wouldn't be
> any viruses. If there are no viruses users wouldn't be tricked into
> deleting them so the whole hoax scenario fails.

You're inability to follow Eriks explanation is frightening. And your
last paragrpah made no sense. Maybe you're talking about something else?

Let me explain : if a user is *tricked* into executing a file as root or
as administrator then that program can do *anything* it
wants. Windows/OSX/Linux/Unix. It really doesn't matter.

Now, think about that and then come back to the thread.

Gordon · External Since: Aug 01, 2005 Posts: 465

Hadron Quark wrote:

> Let me explain : if a user is *tricked* into executing a file as root or
> as administrator then that program can do *anything* it
> wants.

But surely the point here is that the VAST majority of Windows users run
with an Administrator account - purely because they can't be fagged to log
out and log on as an Administrator - so there's no dialog box for a
password (in fact the numbers of Windows users in the MS Newsgroups who
keep asking how to auto log-on is frightening) whereas in Linux/Unix almost
every user is NOT running as root, and so would be asked for a password
before being able to execute a potential system-damaging operation....

--
Registered Linux User no 240308
PCLinuxOS 0.93 & SLED 10
gordonDOTburgessparkerATgbpcomputingDOTcoDOTuk
to email me replace the obvious!

The Ghost In The Machine · External Since: Aug 04, 2005 Posts: 3878

In comp.os.linux.advocacy, William Poaster
<wp.TakeThisOut@suseoss101.eu>
wrote
on Thu, 28 Sep 2006 13:52:49 +0100
<pan.2006.09.28.12.52.48.866483.TakeThisOut@suseoss101.eu>:
> On Thu, 28 Sep 2006 07:39:06 -0500, chrisv wrote:
>
>> Erik Funkenbusch wrote:
>>
>>>> Um, there is quite a bit the OS *can* do without overly restricting users;
>>>> inmy opinion, the most important one is the x-bit, where files received
>>>> via e-mail can't possibly be executed unless the user jumps through
>>>> several hoops to make them executable.
>>>
>>>And what makes you think that the users who execute attachments on Windows
>>>wouldn't jump through those hoops EACH AND EVERY TIME on any other OS?
>>
>> Idiot.
>
> And one major difference is, that in linux it would *only* corrupt the
> user's home partition & not the *whole* frekin' OS, unlike windows.
>

Depends on the nature of the bug. The teardrop
fragmentation kernel bug was interesting in that it brought
down the OS; however, it was also a very rare exception.
Given that bug, though, how long before someone would have
developed an exploit that would have specifically targeted
pieces of code in the kernel allowing compromisation?

I'd wager it might take awhile, but it could be done.
Of course the bug itself was patched in 4 hours anyway,
once it was discovered.

Most of the bugs nowadays are in daemons or browsers.
If a bug compromises a browser, there's not a lot it can
do save corrupt the user's home partition and various other
things such as /tmp -- which might be an issue if said bug
gets cute about /tmp/.X11-unix/X0 but that structure's so
old X probably has a well-worn defense already. Besides,
it's owned by root. Smile

Daemons have more privileges but the typical daemon
runs as root, forks off N subcopies of itself, each of
which sets what user it should run as (in apache's case,
either nobody or www), and only then prepare to serve.
Compromisation of the www acount might lose one's website
but it, in theory, can't take over the system.

If a daemon needs a privileged server socket, the
root creates it prior to fork (children inherit file
descriptors). This might lead to a race condition but
I rather doubt it; the socket doesn't do much at the
process level until accept() is called (the kernel might
hold a few packets, though, depending on what is specified
during listen(); presumably listen() is called by the
prime daemon as it's running as root).

--
#191, ewill3.TakeThisOut@earthlink.net
/dev/brain: Permission denied

Mathew P. · External Since: Feb 27, 2006 Posts: 277

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-09-28, ray spake thusly:
> On Thu, 28 Sep 2006 07:42:32 +0000, Mathew P. wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> I have something to ask the group. Much has been said, at great
>> length on the topic, with very long and verbose posts. Really,
>> at it's most simple, basic level, it's a very straightforward
>> single sentence that defines the Windows experience:
>>
>> ######################
>> Why do rapid spreading, self replicating, successful viruses and
>> other malicious code exist for the Windows operating system?
>> ######################
>>
>> That's really the basic question, isn't it?
>>
>> You see, it should be apparent to everyone once they give the problem
>> consideration, that malicious code, such as worms and viruses, will
>> only be written if a vulnerability exists for the author of the code
>> to exploit. This vulnerability if found, will only be exploited if
>> there is a return on the investment of the time and effort required
>> to develop the strategy and coding of the malicious software. This
>> leads to the inescapable conclusion that this OS's environment
>> offers significant windows of opportunity (so to speak) for the
>> authors of this kind of code to harvest that return on investment,
>> whatever it may be.
>>
>> Before any voice is given to the argument, "it's because windows
>> is used more than any other system", just set that thought aside
>> for a moment and consider the above paragraph.
>>
>> And reconsider the basic, one line question that leads to all
>> other questions such as why anti-virus software is absolutely essential
>> in a windows system:
>>
>> ######################
>> Why do rapid spreading, self replicating, successful viruses and
>> other malicious code exist for the Windows operating system?
>> ######################
>>
>> This really *is* the bottom line.
>>
>> Regards,
>>
>> Mathew
>>
>>
>>
>
> IMHO it's irrelevant 'why'. The fact is that MS systems are highly
> vulnerable whereas others are not.

I must disagree. The reason for the problem is the beginning to finding
a solution, and is therefore, *extremely* relevant. The fact is that
the question remains a valid one:

######################
Why do rapid spreading, self replicating, successful viruses and
other malicious code exist for the Windows operating system?
######################

This question addresses multiple issues in one sentence, and, as I
said, is really the bottom line.

My cat scratches his ears vigourously for no apparent reason. The
fact is that as an animal, he is extremely vulnerable to various
parasites. I will need to take him to the vet to understand why
he scraches so much, because I understand the relevance of
the information. The fact that he scratches is not so important
as the reason that parasites find him an especially good host.

This analogy should serve to make it clearer why, and to what
extent, the question is important.

regards,

Mathew

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFFHAWQlkJ5K/IU2ToRAk3wAJ4uggUAcgf7N2e92Lodzi0zUOocrwCfevv1
fLDvxbFHshV9caM2uOzddow=
=gga1
-----END PGP SIGNATURE-----

--
"Always do the right thing: It will delight / Aluminum Foil Deflector Beanies
some and astound the rest" - Mark Twain / Psychotronic protection, low prices

ray · External Since: Nov 13, 2004 Posts: 3387

>>
>> IMHO it's irrelevant 'why'. The fact is that MS systems are highly
>> vulnerable whereas others are not.
>
> I must disagree. The reason for the problem is the beginning to finding
> a solution, and is therefore, *extremely* relevant. The fact is that
> the question remains a valid one:
>
> ######################
> Why do rapid spreading, self replicating, successful viruses and
> other malicious code exist for the Windows operating system?
> ######################
>
> This question addresses multiple issues in one sentence, and, as I
> said, is really the bottom line.

This is a Linux Advocacy group. It is not our responsibility to fix MSs
shortcomings.

>
> My cat scratches his ears vigourously for no apparent reason. The
> fact is that as an animal, he is extremely vulnerable to various
> parasites. I will need to take him to the vet to understand why
> he scraches so much, because I understand the relevance of
> the information. The fact that he scratches is not so important
> as the reason that parasites find him an especially good host.
>
> This analogy should serve to make it clearer why, and to what
> extent, the question is important.
>
> regards,
>
> Mathew
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.7 (GNU/Linux)
>
> iD8DBQFFHAWQlkJ5K/IU2ToRAk3wAJ4uggUAcgf7N2e92Lodzi0zUOocrwCfevv1
> fLDvxbFHshV9caM2uOzddow=
> =gga1
> -----END PGP SIGNATURE-----

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On Thu, 28 Sep 2006 13:52:49 +0100, William Poaster wrote:

> On Thu, 28 Sep 2006 07:39:06 -0500, chrisv wrote:
>
>> Erik Funkenbusch wrote:
>>
>>>> Um, there is quite a bit the OS *can* do without overly restricting users;
>>>> inmy opinion, the most important one is the x-bit, where files received
>>>> via e-mail can't possibly be executed unless the user jumps through
>>>> several hoops to make them executable.
>>>
>>>And what makes you think that the users who execute attachments on Windows
>>>wouldn't jump through those hoops EACH AND EVERY TIME on any other OS?
>>
>> Idiot.
>
> And one major difference is, that in linux it would *only* corrupt the
> user's home partition & not the *whole* frekin' OS, unlike windows.

That's not all it can do. For instance, it could send out spam to millions
of users, or it could replicate itself, or cause a DDoS. It can steal
passwords, harvest email addresses, and a whole host of other tasks... none
of which require one iota of special privilege.

Of course, that's not taking into account that such viruses or trojans can
try to exploit any known local privilege elevation vulnerability as well.

Tim Smith · External Since: Apr 26, 2004 Posts: 2707

In article <y5dfumy4qch1.dlg.TakeThisOut@funkenbusch.com>,
Erik Funkenbusch <erik.TakeThisOut@despam-funkenbusch.com> wrote:
> > And one major difference is, that in linux it would *only* corrupt the
> > user's home partition & not the *whole* frekin' OS, unlike windows.
>
> That's not all it can do. For instance, it could send out spam to millions
> of users, or it could replicate itself, or cause a DDoS. It can steal
> passwords, harvest email addresses, and a whole host of other tasks... none
> of which require one iota of special privilege.
>
> Of course, that's not taking into account that such viruses or trojans can
> try to exploit any known local privilege elevation vulnerability as well.

It's also not taking into account the fact that the user's home
directory is the place where the items of value to the average user are
kept.

--
--Tim Smith

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On 28 Sep 2006 12:51:29 GMT, Peter Hayes wrote:

> To excuse Microsoft through historical baggage and a lack of foresight
> isn't valid. They had two major opportunities to beef up security, the
> release of Windows 95 and the release of NT4, or perhaps even NT3.51.

While I don't excuse Microsoft's lack of foresight in certain areas, It's
now simply a fact that the situation exists and has to be dealt with.

> By 1990 viruses were becoming widespread, usually spread on floppies.
> Five years later the release of Windows 95 was a pivotal moment - a new
> OS with a new UI, a new kernel, and a new opportunity for Microsoft to
> develop security policies and make a fresh start. They didn't, and from
> that decision flows the trillions of $$$ lost to no purpose.

Windows 95 was hardly any such thing. In fact, it was a stopgap measure.
It was never supposed to last as long as it did, it was a "bridge" to get
people onto NT, wit a 3-5 year lifespan. It ended up being close to 8
years before a large portion of people had upgraded to NT based systems.

NT provided significantly more security, but that didn't stop the attackers
from getting more creative.

> The Linux/Unix security paradigm was well in place by 1995 and Microsoft
> chose to ignore it, presumably for short term marketing purposes. Social
> engineering exploits aside, they are fully liable for financial losses
> greater than the GDP of several third world nations. Yet they are
> allowed to get away with it. Sheesh...

I prmoise you, some day, probably some day soon, your "Linux/Unix security
paradigm" will be revealed for the ineffective charade it really is. It
won't stop determined malware.

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On Thu, 28 Sep 2006 11:41:59 -0400, JDS wrote:

> On Thu, 28 Sep 2006 16:31:46 +0200, Hadron Quark wrote:
>
>> When I have to. Dont believe me? NVidia and truecrypt. Why do you ask?
>
> Because you are making a false blanket statement that "the end user" must
> compile stuff as root to install it.
>
> Not true.
>
> Your NVIDIA driver is a perfect example. You can *optionally* compile it
> yourself but there are binaries available, from trusted sources, for most
> major distros. No compile necessary, just pointy-clicky-install-y.
>
> Just another trip down the "Linux is not ready for the average user" path
> of FUD, I guess.

Trusted sources? You mean like when the Red Hat TCP Wrappers archive was
contaminated on a "trusted server", or when flaws in CVS put the entire
Linux code base at risk from being tampered with?

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On Thu, 28 Sep 2006 16:42:50 +0200, Richard Rasker wrote:

> If he were right, we'd have seen at least a few hundred successful social
> engineering Linux viruses by now.

No we wouldn't. The kind of users that get exploited by social engineering
don't really exist on Linux, and the attackers know that. Not only that,
there is simply no reward for the risk.

> We haven't. Not a single one. We haven't
> even seen any jump-through-several-hoops Windows viruses postulated by
> Erik.

Yes, we have. Here's a few examples:

http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322993
http://news.zdnet.co.uk/hardware/emergingtech/0,39020357,2087838,00.htm

> And why is that? No, not because Windows is the dominant OS, but
> because it's largely trivial to infect a Windows machine, even with lots
> of "defenses" in place. One wrong click, and you're buggered, period.
> Linux isn't built like that. And because making things difficult *does*
> deter most people from doing it.

Bullshit. Linux has been largely immune because of it's relative obscurity
and higher than average technical ability of its users. MacOS has been
largely immune because the tools don't exist for hacking systems on PPC as
much as they do on x86. I predict we'll see a few major attacks on MacOS
in the next 2 years.

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On 28 Sep 2006 15:27:25 GMT, Peter Hayes wrote:

>> You're inability to follow Eriks explanation is frightening. And your
>> last paragrpah made no sense. Maybe you're talking about something
>> else?
>
> I'm talking about Erik's comment, quoted at the top of this post, that "
> Hell, a few years back, there were these streams of very complicated
> hoaxes going around that asked users to delete various files from their
> hard drive, because they were claimed to be viruses." And I responded
> that if viruses didn't exist these "delete virus msvc60.dll" or whatever
> spoof e-mails wouldn't exist because nobody would believe them, or even
> understand them. Now what's simpler than that?

The point was simply that complexity is no deterent. Suppose the list of
instructions were to instead install a cool screen saver, or view naked
pictures of paris hilton, or a great e-card from your grandson, or to show
your patriotic support of the troops. Social engineering works because it
convinces them to do things they normally wouldn't do.

markzoom · External Since: Dec 31, 2004 Posts: 143

The Ghost In The Machine wrote:
> In comp.os.linux.advocacy, ray
> <ray DeleteThis @zianet.com>
> wrote
> on Thu, 28 Sep 2006 16:15:24 -0600
> <pan.2006.09.28.22.15.23.218320 DeleteThis @zianet.com>:
> >
> >>>
> >>> IMHO it's irrelevant 'why'. The fact is that MS systems are highly
> >>> vulnerable whereas others are not.
> >>
> >> I must disagree. The reason for the problem is the beginning to finding
> >> a solution, and is therefore, *extremely* relevant. The fact is that
> >> the question remains a valid one:
> >>
> >> ######################
> >> Why do rapid spreading, self replicating, successful viruses and
> >> other malicious code exist for the Windows operating system?
> >> ######################
> >>
> >> This question addresses multiple issues in one sentence, and, as I
> >> said, is really the bottom line.
> >
> > This is a Linux Advocacy group. It is not our responsibility to fix MSs
> > shortcomings.
>
> No, but we do probably need to advocate a solution that
> might eliminate or work around them for the user. Smile

>
> Fortunately for us (and for the users), Linux and many
> Linux distros do exactly that. How many viruses have
> infected Linux machines?
>
> I can count three:
>
> - Bliss
> - a derivative of Bliss
> - Li0n
>
> and none really propagated all that much -- if at all.
>
> http://www.viruslibrary.com/virusinfo/Linux.htm
>
> does list a few, however.
>
> Linux.OSF.8759 is a true virus; it infects ELF executables. For
> some reason it skips all files ending in "ps" (not ".ps").
>
> Linux.RST is another such virus.
>
> The rest are various flavors of worm, attacking system daemons.
>
> A scan using the builtin search engine uncovers a few more, a total of
> 20 in all. One of the more interesting ones is Linux.Zipworm, which
> searches for zip archives and inserts itself thereinto. This is why
> md5sums are so important. Smile

>
> Yep, better patch our Linux systems. Those 20 viruses
> look extremely dangerous.
>
> Now...
>
> Clicking on "Virus Information" suggests 5505 highly active
> viruses. Three guesses which system, and one *knows* it's
> bad when one has names such as 92_69.1148, 33.525, AAA.807,
> I-Worm.NetSky.y, Bleah.c, and Backdoor.Win32.AckCmd
> through Backdoor.Win32.XRat.j.

Hmmm.... That's about 272 windows viruses for every Linux one, 272-1 is
not that far from the ratio of Linux users to M$ ones....

>
> (There's even two entries for Bagoes. This could be a bug in the
> information sytem.)
>
> Amazing. 20 versus more than 5000. And Winvocates such as
> http://www.vnunet.com/vnunet/news/2116855/linux-lined-virus-target
> have the nerve to call Linux unsafe.
>
> http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/
> calls him on it. Smile

>
> (Of course there will be more *attempts*, human nature
> being what it is. I for one don't see them being all
> that successful.)
>
> [rest snipped]
>
> --
> #191, ewill3 DeleteThis @earthlink.net
> People think that libraries are safe. They're wrong. They have ideas.
> (Also occasionally ectoplasmic slime and cute librarians.)

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On Thu, 28 Sep 2006 14:26:19 +0000 (UTC), thad01.RemoveThis@tux.glaci.remove-this.com
wrote:

> I'm not about to jump in on this argument... too difficult to get
> objective measures to ever convince anyone one way or the other.
> But this is an opportune time to mention a related anecdote:

It was rather easy to prove. Note the date the CVE was created, then note
the date of the released patch and security bulletin. Subtract one from
the other. Of course that doesn't prove when the flaw was ACTUALLY
discovered, but it does provide a minimum timeframe.

> Years ago, I used to lurk on the Apache dev mailing list (I was
> developing apache modules at the time). One day someone posted that
> he had discovered a potential vulnerability. About five minutes
> later another developer posted the (rather simple) fix for it
> including a patch file for easy installation. I (and others on the
> list I expect) immediately compiled and installed it. It was checked
> in and part of the nightly build before the day was out.

Great. If you're capable of doing that, which most users aren't. And most
users aren't following the mailing lists, or the daily builds. In fact,
most users only update when their system tells them there's a new patch
(and often times even then, they dont). How long before your patch makes
it down to the Red Hat or SUSE or Debian automatic update? Several days at
a minimum in most cases, often a week or more.

What's more, doesn't this seem like the perfect opportunity for someone to
sneak in a backdoor? With thousands of people compiling a patch with Zero
due dilligence? A suitably subtle one might not be caught right away and
might present yet another window of opportunity for attack.

> From discovery to installation on my production system, there was
> probably at most a 15 minute turn-around time. For anyone not
> subscribed to the public dev list, it was still substantially less
> then 24 hours from discovery to released update.

Who installs nightly builds?

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On Thu, 28 Sep 2006 14:39:46 GMT, Handover Phist wrote:

> Erik Funkenbusch :
>> On Thu, 28 Sep 2006 07:42:32 GMT, Mathew P. wrote:
>>
>>> You see, it should be apparent to everyone once they give the problem
>>> consideration, that malicious code, such as worms and viruses, will
>>> only be written if a vulnerability exists for the author of the code
>>> to exploit.
>>
>> And you would be wrong.
>>
>> Lots of viruses exist and propogate through no computer vulnerability
>> whatsoever, at least not one that is fixable. They spread through HUMAN
>> vulnerability. ie, executing attachments that get sent to them. There is
>
> *zing* It was at this point the thead when from viruses to social
> engineering. What you point to here isn't viruses but spam and phishing
> scams. They dont meet one of the essential criterial for viruses which
> is self-replication.

No, i'm not. I'm talking about viruses and trojans. Root privileges are
not required to replicate.

Erik Funkenbusch · External Since: May 27, 2005 Posts: 2403

On Thu, 28 Sep 2006 09:30:31 -0700, Jim Richardson wrote:

> Unfortunately, that does nothing for the "click the attached jpeg to see
> the nekkid chick" problem, since the attachment isn't on the filesystem
> in that sense yet. The windows shell "helpfully" executes whatever you
> throw at it.

The shell cannot execute something if it's not on the filesystem.

Mathew P. · External Since: Feb 27, 2006 Posts: 277

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2006-09-28, JDS spake thusly:
> On Thu, 28 Sep 2006 13:51:11 +0200, Hadron Quark wrote:
>
>> You can be sure as hell that *if* Linux ever gets more than 2% of the
>> desktop share then the virus writers will turn their gaze towards it.
>
> How about the server market share? Most of the websites on the WWW
> run on Apache on Linux. That's a pretty big market share. Where are the
> viruses for those systems?

I think it's somewhat amusing that many xxxx sites, if not most, don't
use windows server.

regards,

Mathew

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.7 (GNU/Linux)

iD8DBQFFHBanlkJ5K/IU2ToRAvclAKC2/B/0QD54iyfZ38uHkTbs0sUj6gCgyzRo
u0LNeVUZcNAAntS9CgplnK0=
=1thO
-----END PGP SIGNATURE-----

--
"Always do the right thing: It will delight / Aluminum Foil Deflector Beanies
some and astound the rest" - Mark Twain / Psychotronic protection, low prices

Jim Richardson · External Since: Jan 15, 2005 Posts: 1227

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 28 Sep 2006 18:38:32 GMT,
Mathew P. <Mathew RemoveThis @COLA.com> wrote:
>
> On 2006-09-28, JDS spake thusly:
>> On Thu, 28 Sep 2006 13:51:11 +0200, Hadron Quark wrote:
>>
>>> You can be sure as hell that *if* Linux ever gets more than 2% of the
>>> desktop share then the virus writers will turn their gaze towards it.
>>
>> How about the server market share? Most of the websites on the WWW
>> run on Apache on Linux. That's a pretty big market share. Where are the
>> viruses for those systems?
>
> I think it's somewhat amusing that many porn sites, if not most, don't
> use windows server.
>

because they need to maximise profits. It takes fewer machines running
apache to do the same work as machines running IIS &etc.

If it made financial sense to run IIS/W2k3, they would. They're all
about money, even the ones that are little more than virus/trojan front
ends.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFHCgxd90bcYOAWPYRAotvAKDK+OrENLbI2OHSHyC6DQPX4awK5wCfTKa9
zoUTzR+acQs5VERUn7NMDD0=
=ZLXR
-----END PGP SIGNATURE-----

--
Jim Richardson http://www.eskimo.com/~warlock
Nothing says "loser" like "nymshifter".
--chrisv on C.O.L.A

Hadron Quark · External Since: Sep 10, 2006 Posts: 1621

Jim Richardson <warlock.TakeThisOut@eskimo.com> writes:

> On Thu, 28 Sep 2006 15:28:25 +0200,
> Hadron Quark <qadronhuark.TakeThisOut@geemail.com> wrote:
>> Peter Hayes <not_in_use.TakeThisOut@btinternet.com> writes:
>>
>>> In <pan.2006.09.28.11.08.13.631323.TakeThisOut@linetec.nl> Richard Rasker wrote:
>>>
>>>> For a large part, Microsoft can't be blamed any more - these design
>>>> decisions have a historical background, in that Microsoft didn't
>>>> foresee networking going beyond perhaps a handful of trusted machines
>>>> on a trusted network; also, they didn't foresee that people would
>>>> start making viruses. Their stuff was designed for a non-networked one-
>>>> person computer, and now they can't change it, lest they render most
>>>> of current, popular software useless in one stroke.
>>>
>>> To excuse Microsoft through historical baggage and a lack of foresight
>>> isn't valid. They had two major opportunities to beef up security, the
>>> release of Windows 95 and the release of NT4, or perhaps even NT3.51.
>>
>> Users running executables can have no "security" defense.
>>
>
> look into selinux and app-armor (mostly selinux in this context,
> app-armor is aimed elsewhere)
>
>> Why don't you understand this basic issue which Erik has gone to great
>> lengths to explain?
>>
>
> you mean the bit about how having to make a file executable before you
> can run it? (ma! I need to make this picture executable so I can view
> it!)

Yes. Thank you. And you are missing the point too. For the 100th time :
when the user *knowingly* wants to execute the attachment he/she will
find a way.

Jim Richardson · External Since: Jan 15, 2005 Posts: 1227

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, 28 Sep 2006 19:18:20 +0200,
Hadron Quark <qadronhuark.TakeThisOut@geemail.com> wrote:
> Jim Richardson <warlock.TakeThisOut@eskimo.com> writes:
>
>> On Thu, 28 Sep 2006 15:28:25 +0200,
>> Hadron Quark <qadronhuark.TakeThisOut@geemail.com> wrote:
>>> Peter Hayes <not_in_use.TakeThisOut@btinternet.com> writes:
>>>
>>>> In <pan.2006.09.28.11.08.13.631323.TakeThisOut@linetec.nl> Richard Rasker wrote:
>>>>
>>>>> For a large part, Microsoft can't be blamed any more - these design
>>>>> decisions have a historical background, in that Microsoft didn't
>>>>> foresee networking going beyond perhaps a handful of trusted machines
>>>>> on a trusted network; also, they didn't foresee that people would
>>>>> start making viruses. Their stuff was designed for a non-networked one-
>>>>> person computer, and now they can't change it, lest they render most
>>>>> of current, popular software useless in one stroke.
>>>>
>>>> To excuse Microsoft through historical baggage and a lack of foresight
>>>> isn't valid. They had two major opportunities to beef up security, the
>>>> release of Windows 95 and the release of NT4, or perhaps even NT3.51.
>>>
>>> Users running executables can have no "security" defense.
>>>
>>
>> look into selinux and app-armor (mostly selinux in this context,
>> app-armor is aimed elsewhere)
>>
>>> Why don't you understand this basic issue which Erik has gone to great
>>> lengths to explain?
>>>
>>
>> you mean the bit about how having to make a file executable before you
>> can run it? (ma! I need to make this picture executable so I can view
>> it!)
>
> Yes. Thank you. And you are missing the point too. For the 100th time :
> when the user *knowingly* wants to execute the attachment he/she will
> find a way.

and yet, that's not the way the majority of the "i love you" and the
like viral/trojan swarms emitting from MS machines work. They conflate
open and execute, to the user's detriment.

Something you seem bent on ignoring.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFFHCeld90bcYOAWPYRAuLiAJ9BJf8xL2cPmVg6bEKf7iyVuRTjGwCggkVk
JphlGgQHuBOcX0WaHcGtavg=
=nhiC
-----END PGP SIGNATURE-----

--
Jim Richardson http://www.eskimo.com/~warlock
Nothing says "loser" like "nymshifter".
--chrisv on C.O.L.A