On Thu, Jan 15, 2009 at 3:02 PM, Eric Scoles <[email protected]> wrote: > > > On 2009-01-15, Dave Henn <[email protected]> wrote: >> >> >> One way to nearly eliminate malware is to do away with Windows once >> and for all, or to demand that MS overhaul it so that the malware >> can't take advantage of its security holes. There is little, if any, >> malware for Unix-based OSs, such as Mac OS X and the various Linuxes >> (Linuxi?), and what there is requires the user to give it permission >> to run. Unix has been around a long time and is installed on millions >> of servers, yet no malware of significance. > > Unless you count the server-side component of Storm.
I'll have to look that up. > >> >> ... >> Acceptance is the problem, again. While Ubuntu is helping bring lesser >> geeks and even non-geeks into the Linux world, and the Vista problems >> urged people to look at alternatives like Mac OS X and Linux, there is >> still a huge amount of inertia confronting any massive OS change, not >> to mention the economic incentive millions of techies have to stand in >> the way of a truly secure OS. > > Mass-acceptance of OS X would simply move much of the malware to OS X. Ditto > desktop Ubuntu. True, it's a bit harder to get root than it is to get > Windows superuser status, but it may not be as much harder as > you think. There's an annual competition to hack OS X. Participants are > pointed at a fully-patched Mini with default security options. The system is > routinely compromised in less than an hour's effort, from scratch. > Every account I've read has indicated that the "compromise" required user assistance of one form or another. OS X is basically a Unix/Linux, which is why I was trying not to set it apart too much. Again, I'll read up on Storm and look into what Dana's talking about. But this just gets us to your other, more important points about the social/cultural components to malware. And the application/plug-in based exploits vs. OS based exploits - as you say, that's going to be huge. Still, it would be nice to get rid of thousands of risks we already know about. -- Dave Henn [email protected] --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "R-SPEC: The Rochester Speculative Literature Association" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/r-spec?hl=en -~----------~----~----~----~------~----~------~--~---
