On Oct 18, 2006, at 8:19 PM, Tim Newsham wrote:
Its not that simple. Windows boxes are a heckuva lot easier to
populate with the software that creates botnets. They're an open
infection vector.
I don't agree at all. There are sufficient server and client
vulnerabilities in *BSD, linux, OS X and windows. Many of the
attacks don't even rely on any software vulnerability but on the
poor judgement and bad practices of end users. These same problems
exist in the unix population. The software for all aspects of a
the malware would be substantially similar across all existing
popular platforms. The only major differentiator is the return on
investment. Writing attacks for windows makes more economical
sense for attackers.
Please. Windows is *full* of holes, and by default, it essentially
runs as "root" (or the Windows equivalent).
(Just like Linspire, which sucks too.)
I've had linux machines on the wide-open net for years with nary an
issue (save a RedHat machine in 1999 or so that got rooted when it
was sitting in my home at the end of a T1 line.)
Go ahead, put your XP machine up on a raw, unfiltered IP connection.
See how long it lasts.
jim
