[Gllug] hello
Bruce Richardson
itsbruce at workshy.org
Wed Aug 11 12:23:12 UTC 2010
On Wed, Aug 11, 2010 at 12:33:35PM +0100, John wrote:
>
> Surely the majority of servers as Linux ones, not Windows. If writing
> viruses was a numbers game then we should see more Linux server viruses
> than Windows ones.
The primary vector for malware is the desktop, not the server. If your
office Windows servers are compromised, it's probably because of an
attack launched from a compromised desktop.
>
> A better explanation is that Linux, like Unix before it, was designed
> as a multi-user networked OS. Windows, on the other hand, was designed
> as a straightforward, standalone, single-user OS (something that I
> think it does quite well). The difference, then, is that security is
> built into the basics of Linux, whereas it's had to be bolted onto
> Windows,
That's not entirely accurate. Modern Windows OSen derive from Windows
NT, not 9x; NT was designed from the start to be a multiuser OS and
its security model, even before Active Directory, was more complex and
sophisticated than that of Linux. Much Linux advocate dissing of
Windows is based on the 9x heritage and uttered in ignorance of the
capabilities of the NT-based product line.
That said, the grafting of the 9x UI and userspace onto the NT base
wasn't done well, with the compromises made to satisfy home users and
"power users" (aka "arseholes with red braces") having caused particular
problems. UAC has actually made things worse; it's annoying enough to
make most users want to turn it off, some of it's design decisions force
you to grant programmes escalated privileges when you don't want to
(http://www.zdnet.com/blog/security/hacker-microsoft-duke-it-out-over-vista-design-flaw/29)
and the whole technology does seem to have been developed with the
attitude that the desktop user is the ultimate decision-maker, leaving
too many ways for malware to escalate privileges.
--
Bruce
Remember you're a Womble.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 204 bytes
Desc: Digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20100811/52934695/attachment.pgp>
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list