Roberto C. Sanchez wrote:
Kamaraju Kusumanchi wrote:
On Friday 21 April 2006 04:19, Johannes Wiedersich wrote:
Also linux viruses occur only very seldom -- probably because of linux's
different security approach.
Could it be because there are less number of desktop users using Linux than
windows?
raju
No. It is because Linux was designed from the very beginning to:
- support multiple users
- have a sane security policy
- operate on (dangerous) public networks
OTOH, Windows was designed to:
- support a single user (not just at a time, but on the whole system)
- have no security policy whatsoever
- operate on Microsoft's also-ran version of AOL/CompuServe/Prodigy
Of course, you can look at Apache and IIS as good comparison. Apache
has 66+ % of the web server market (depending on how you measure).
However, the percentage of compromises/viruses/whatever are mostly
toward IIS. Also, even if Linux and Mac had only 1% of the desktop
market each, and there are (optimistically) about 30,000 windows
viruses, where are the 300+ Mac viruses and 300+ Linux viruses that
should be out there?
That says nothing of the server market, where Linux has much more than 1%.
-Roberto
Honestly, Roberto, while I wouldn't dispute the basic contention that
Linux and any other UNIX-based OS's are more secure by design than
flavors of Windows, there is a smugness in the tone of your reply that
bothers me. Most Windows malware that affects desktop users exploits
security holes that Microsoft has already patched, in many cases months
before the exploit appears. Windows malware is as successful as it is
at least as much because of user inattention as because of any other
factors. The typical Aunt Matilda Windows User is someone who hears
"virus" and opens a can of chicken soup. Contrast that with the typical
Desktop Linux User, who even if he or she is not a tech god/guru, is at
least sophisticated enough to read some documentation, download and burn
a bootable ISO, and install an alternative operating system. Aunt
Matilda is only vaguely aware of what an operating system is, and has no
idea that any alternatives exist.
The point is that Linux users as things stand now are a self-selecting
bunch, and as such are more aware of and informed about the basics of
system administration and security than Windows users, who range from
the savvy and sophisticated to ... well, Aunt Matilda. Were that not
the case, I have yet to be convinced that Linux OS's would be more
protected from being p'wned than Windows OS's. Surely you subscribe to
Debian's Security Announcements? Surely you are aware of the hundreds
... no, thousands ... of vulnerabilities discovered in apps that are
practically ubiquitous across most or all Linux distributions, including
all of the most popular? Many of these vulnerabilities are every bit as
dangerous and exploitable as anything that exists in the Windows world,
many of these will cede control of (at the very least) your user account
to any script kiddie who comes along. The difference is that these
vulnerabilities are fixed and *the fixes are applied* in the Linux
world, while the fixes are too often left unapplied in Windows. Any
computer, no matter how well designed the OS that runs it, is only as
secure as the person administering it. The fact that Windows is not
terribly well designed coupled with the overwhelmingly uninformed
Windows user base makes it a particularly attractive and easily
exploitable target. But the better design of most Linux OS's would not,
in and of itself, be enough to prevent much the same thing happening to
Linux if or when its user base becomes equally as clueless.
--
Michael M. ++ Portland, OR ++ USA
"No live organism can continue for long to exist sanely under conditions of absolute
reality; even larks and katydids are supposed, by some, to dream." --S. Jackson
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
