Malware is not "flooding". It only s much as "changes" and not at an alarming rate neither. Happens that any piece of [individual] malware is smaller than 5Mb (as in my example) therefor what you call a flood is nothing more then a couple of droplets of water in a lake. Sometimes I do wonder whether some people actually know what a virus is. I mean, this isn't eg, milk which you can market X times with different brand names. Besides, competent anti-viruses automatically clean their own signature base from systems immune to certain malware (eg patched).
Also, thankfully, I don't get infected with new malware X times per day, in fact, I don't recall ever being infected in the last 6/7 years I've run Windows (your point of focus). I'm sure I'm not alone, so where do you put us in your equation? Surely you can't infect non-existent workstations? Cheers. On Mon, May 17, 2010 at 12:49 AM, lsi <stu...@cyberdelix.net> wrote: > Imagine you are in an enclosed space. It starts to flood. As the > water level rises, the amount of oxygen you have available falls. > Unless it stops flooding, eventually you will have no oxygen at all. > > So, the CPU, RAM, diskspace, and network bandwidth of your machine, > as well as limits imposed by integer math, are the enclosed space. > Those specify the finite processing limits of your machine. Malware > is the flood. Oxygen is what's left in your enclosed space/machine, > once your malware defences have run. > > Malware is flooding at 243% (+/- error). This is consuming the > oxygen in your machine. You can enlarge your enclosed space, with > hardware upgrades, but that's not stopping the flooding. > > Eventually you will find it's not possible to upgrade the machine > (usually a software dependency of some kind). At this point the > machine will run slower and slower. Your alternatives will be to > disconnect the machine from the internet, and partially/completely > disable malware filters; or to replace the machine. > > As you can see you're spending money on upgrades and replacements, > and losing productivity and/or capabilities (eg. internet access). > > Meanwhile, the malware is still flooding into your enclosed space. > Every second that goes by, the rate of flooding increases. Your boss > is screaming at you for spending a zillion on hardware. Your users > are whinging because everything is running like a dog. Your support > staff are running around constantly fixing machines on which the AV > has failed (yet again) to stop the latest 0-day variant. Your > company's customers are livid because you had to tell them you had a > trojan on an accounts machine and their credit card data is now on > the web. Your wife has the hump because you're never home, except in > a bad mood, your kids think you are a boarder, and the dog hates you > because you never take it for walks anymore. > > And you now need to go to your boss and ask for more money for more > upgrades. > > What are you gonna do? Are you going to let your IT run like this > forever? Do you think your boss will like it when you ask him for > more budget? > > What is your long-term strategy for fixing this problem? > > Stu > > On 16 May 2010 at 19:08, Thor (Hammer of God) wrote: > > From: "Thor (Hammer of God)" <t...@hammerofgod.com> > To: "full-disclosure@lists.grok.org.uk" < > full-disclosure@lists.grok.org.uk> > Date sent: Sun, 16 May 2010 19:08:26 +0000 > Subject: Re: [Full-disclosure] Windows' future (reprise) > > > The error in your overall thesis is your failure to identify the > difference between threat and risk. You are interacting with Symantec's > report of "x new threats" as if it actually means something, or more > specifically, that these new threats somehow translate into some new level > of risk. They don't. > > > > According to Stephen Hawking, there are new threats emerging based on the > statistical probability of the existence of aliens. Therefore, a "threat" > exists where I may be struck in the head by a falling block of green alien > poo, frozen in the atmosphere after being flushed out by a passing > pan-galactic alien survey ship. However, the actual *risk* of me being hit > in the head while walking to a matinée of The Rocky Horror Picture Show > doesn't dictate that I apply a small mixture of Purell and Teflon to my > umbrella and fill my squirt gun with alien repellent. > > > > The risk of me personally being struck by falling alien poo is *far* > lower than the risk of any one of the almost 7 billion people on the planet > being struck by falling alien poo. You may be able to calculate the risk of > my being poo'd in relation to any given human being poo'd, but no level of > math will allow you to determine what my or any other person's individual > chance of being poo'd is. > > > > Your argument would call everyone to change the way they protect > themselves from falling alien poo out of the mere existence of a threat > without really qualifying the associated risk. That does nothing for > anyone, and would only cause a rise in the cost of umbrellas and squirt guns > and would probably result in the theater putting the kibosh on Rock Horror > completely and charging people to watch Born Free. (Insert clever > association of "Born Free" with "free" open source products here. See what > I did there?) > > > > Further, the basis of this "threat" is that you would actually have to > trust what Stephen Hawking is saying in the first place. In his case, there > really isn't any way to know that he's the one saying it, is there? For all > we know, the ghost of Carl Sagan could have hacked into his computer and has > made Mr. Hawking's requests to have his Depends changed translated into "run > for your lives, the aliens are coming, the aliens are coming" when his > computer talks. > > > > My point is that you are taking threat statistics from Symantec > that don't mean anything on their own, as there is no definition of > how those threats would apply to any given system, and directly > converting them into some global level of risk - and you are doing so > to such extremes that you actually conclude that the solution is to > do away with Microsoft products based on some unproven and imagined > postulate that closed source is somehow at the core of the issue > while at the same time admitting you don't know anything about the > platform. The fact that you are actually using Windows and programs > written with Visual Studio out of convenience to you critically > damages your argument. If you as the author of this idea refuse to > migrate from Windows or applications written with Windows development > products and frameworks just because it is *not convenient* for you, > how could you possibly expect anyone supporting any infrastructure of > consequence to take your advice or even consider your ideas as > anything other than hysteria when they would have to engage in > unfathomable expense, effort and time to create a total and complete > paradigm change in their business simply to try to defend against > being hit by falling alien poo? > > > > t > > > --- > Stuart Udall > stuart a...@cyberdelix.dot net - http://www.cyberdelix.net/ > > --- > * Origin: lsi: revolution through evolution (192:168/0.2) > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/