begin quoting Lan Barnes as of Tue, Feb 01, 2005 at 11:53:23AM -0800: > On Tue, Feb 01, 2005 at 11:48:09AM -0800, Todd Walton wrote: > > On Tue, 1 Feb 2005 10:53:18 -0800, Stewart Stremler <[EMAIL PROTECTED]> > > wrote: > > > If all of those MSWindows users were to start using Linux today, we'd > > > have the same virus problem in fairly short order. > > > > Wow. That's a really good point. I hadn't thought of that. > > Actually I don't think it is a very good point. This is a rehash of the > popularity leads to security exploits argument that has only just been > (yet again) hashed out. Historical evidence contradicts this.
Bzzzzt. This is _not_ a rehash of "popularity leads to security exploits", and I agree that historical evidence doesn't support the popularity argument. Stupid, careless, or unmotiviated users lead to security exploits. It's a matter of people confusing popularity with unsafe behavior; a large population will generally engage in more acts unsafe behavior, and so it may /appear/ that the problem is popularity. Many people confuse correlation with causation, so this is a common confusion. Pretty much the only way to keep a stupid user from compromising their own system is to not let them do anything. Deny them root access. Do not let them install any software. Do not let them write their own software. . . ...you might just as well take away their computer, turn it off, take it apart, and bury the pieces. Which is the traditional solution for a "totally safe" system. Give me a user population that (1) exchanges binary programs among themselves that are run as a matter of course, (2) demand convenient hooks in email and browser applications that run downloaded executables and/or run application suites on data files, and (3) provide the administrator password whenever prompted (by the system), and I'll show you a user population that cannot be prevented from being taken advantage of. > "Common sense" takes another hit ... No appeal to common sense was made. -Stewart "It's uncommon for me to make sense" Stremler -- KPLUG-List mailing list [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
