On 9/3/2011 5:42 PM, Dennis E. Hamilton wrote: > Criminals do attack servers. Regularly. And for as long as the internet has > been the vehicle for attacks. Some of the successful attacks do get > reported. The vulnerability is often a configuration and system-management > one, not a defect in operational software. > > Do you recall Google reporting a major penetration that had evidently gone on > for some time? Do you recall reports of user information, identity, and > password information having been stolen from a variety of significant systems. > > The kinds of server based compromises tend to be different. > > Apparently the most profitable attack on clients these days is for co-opting > the clients into zombie armies that can be used in coordinated attacks on > vulnerable systems as well as unwitting hosts for phishing attacks and > distribution of spam. Because thousands of clients are brought under control > in this manner, their botnet services are then hired out to criminals. That > is how scale matters at the client level. > > - Dennis > > -----Original Message----- > From: Tom Davies [mailto:[email protected]] > Sent: Saturday, September 03, 2011 13:47 > To: [email protected] > Subject: Re: [libreoffice-users] Re: JRE older installs - Windows - > nowonline- no need for Oracleaccount > > Hi :) > No, that is the point i am disagreeing with. If Gnu&Linux, Bsd and other > Unix-based OSes were equally vulnerable then we would see a lot more servers > being compromised. Affecting several thousand servers would have a vastly > higher impact then affecting that many desktops wouldn't it? So, why bother > with desktops if servers are just as vulnerable? For the same effort more > data > could be collected and more disruption could be caused by aiming at servers. > So > why bother with creating malware for desktops at all? When not just target > servers? > > > Compare with other sorts of crime. Imagine no corporate crime, no fraud, no > scams just about 50%-20% of everyone getting mugged for loose change on the > way > home a couple of times a year. It's low hanging fruit but just not worth the > investment of time and effort so people go for bigger targets to get more > cash. > Why doesn't this happen with malware? Why not several thousand servers > instead > of just desktops? > Regards from > Tom :) > > > > > ________________________________ > From: David <[email protected]> > To: [email protected] > Sent: Sat, 3 September, 2011 21:11:30 > Subject: Re: [libreoffice-users] Re: JRE older installs - Windows - > nowonline- > no need for Oracleaccount > > On 9/3/2011 4:02 PM, planas wrote: > > BIG <snip> > > <snip /> > > Security by obscurity. So few people use Linux that Linux is not significant > enough > to be of value to the 'bad guys' out there. > > Should Linux ever become common enough that more than about 50 million > people, > [1] in a world of 5 Billion people, use it - then it might become *worth the > effort*. > > What do you think? > > [1] "Linux Counter Summary Report" > > <http://counter.li.org/reports/short.php>
What 'bothers' me about this is the smug that do not accept that this is a real threat to us all. Which was my point. No one is 'bullet proof'. -- David -- For unsubscribe instructions e-mail to: [email protected] Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/users/ All messages sent to this list will be publicly archived and cannot be deleted
