Sean DALY
Fri, 13 Mar 2009 05:31:46 -0700
I have to disagree. Although describing all systems as potentially vulnerable is factually correct, it's not informative in the context of massive botnets. It's the difference between discussing a rare contagious disease and a flu epidemic. Although the precautions to take in both cases will be similar, the specific advice to combat the epidemic will be far more useful.
The starting point is indeed to patch and use a firewall. (These two tasks happen to be ridiculously easy on OSX.) Next is to not install software whose source you are not sure of, in particular from unsolicited e-mail. Antivirus: vital for Windows, I've never needed an antivirus product for OSX or GNU/Linux PCs (I suppose that could change). Wifi networks: four years ago I had the only secure network in my neighborhood; this year 8 of the 10 networks I see (11 of 14 with the EeePC) have at least WEP security, so there has been progress. As OSX marketshare is climbing steeply (less steeply since Christmas though), and GNU/Linux marketshare of netbooks (the growth category) is between 10% and 40% depending on whom you speak with, we will be in a position a year from now to know if vulnerability is proportional to marketshare. For my part, I'll put my money on 99% of botnets by volume (number of clients) still running on a version of Windows. Sean. On Fri, Mar 13, 2009 at 12:59 PM, Peter Bowyer <pe...@bowyer.org> wrote: > 2009/3/13 Rob Myers <r...@robmyers.org>: >> On Fri, Mar 13, 2009 at 10:01 AM, Peter Bowyer <pe...@bowyer.org> wrote: >>> 2009/3/13 Rob Myers <r...@robmyers.org>: >>>> On Fri, Mar 13, 2009 at 8:35 AM, Steve Jolly <st...@jollys.org> wrote: >>>> >>>>> Not sure I'm convinced - all operating systems have their vulnerabilities; >>>> >>>> All machines have their *theoretical* vulnerabilities. Only Windows >>>> has vast botnets built on them, or any effective malware threats >>>> exploiting them in the wild. >>> >>> And a great way to change that is to allow users of other OSs to >>> believe and act as if they're not vulnerable. >> >> If forewarned is forearmed, this applies to knowing which platform is >> the greater theoretical and practical security risk. >> >> It does not justify hiding that information with a false equivalency > > If you're going to tell a naive computer user one thing, what would it > be? I'd say it should be something like 'all computers are vulnerable > to security breaches, take suitable precautions'. > > Discussions about the relative vulnerability of their computer > compared with the others on the planet can come later, and shouldn't > affect their reaction to the above. > > > -- > Peter Bowyer > Email: pe...@bowyer.org > Follow me on Twitter: twitter.com/peeebeee > - > Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please > visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. > Unofficial list archive: > http://www.mail-archive.com/backstage@lists.bbc.co.uk/ > - Sent via the backstage.bbc.co.uk discussion group. To unsubscribe, please visit http://backstage.bbc.co.uk/archives/2005/01/mailing_list.html. Unofficial list archive: http://www.mail-archive.com/backstage@lists.bbc.co.uk/