On Thu, Apr 16, 2009 at 12:32:37AM +0000, security curmudgeon wrote:
> "Popular" products have more published vulnerabilities, that would be
> pretty easy to argue. May have to qualify "popular" to who though (the
> researchers/blackhats, or the general public which makes them appealing
> targets to the bad guys, etc).

Along those lines: one of the canards that I frequently find myself defusing is "X is attacked often because it's popular". It may be true that X is attacked often, and that X is popular, but that doesn't prove a causal relationship between the two. I think it much more likely that X is attacked (a) because it's weak or (b) because it's perceived to be weak.

I also think it likely that "X is attacked often", that is, "more often than some other things", may not actually be the case; rather, it may well be that "everything is attacked frequently, but X succumbs more often, leading to the perception that it's disproportionately attacked".

And the problem with all of this is that "why" can only be answered by those doing the attacking (or writing the automated agents which in turn do the attacking). We often do not know who they are, and even in cases where we do, we're not in a position to ask questions -- or to necessarily believe the answers we'd get.

---Rsk

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
