It's both the code and the popularity. Script kiddies (the majority of the crackers out there), use pre-built exploits that others have developed. Those tend to be built to attack the most commonly available systems. The people who develop those cracks also tend to go after the most commonly available systems. The weaknesses in the code makes the number of attacks larger, and more severe. The most popular OS in the world won't attract as many crackers if it is also very "hardened." (Just the _really serious_ crackers.) The weakest OS in the world won't attract many crackers if there are very few instances in use. Unfortunately, MS has hit on the worst possible combination: very popular and pretty weak code.
Mark Post -----Original Message----- From: Ryan Ware [mailto:[EMAIL PROTECTED]] Sent: Monday, September 09, 2002 11:09 AM To: [EMAIL PROTECTED] Subject: Re: InfoWorld Article - Lead Windows developer bugged by security > MVS B1 SUPPORT: Selected MVS/ESA products, collectively called a > trusted computing base (TCB), were evaluated by the United States > Department of Defense's National Computer Security Center (NCSC), > found to meet the criteria for a B1 level of trusted system, and> Microsoft has only achieved a C2. And I agree with you I don't understand why people think it is the popularity of a system that makes it vulnerable, its the code. IPC 2002
