Firewall Wizards mailing list archives
Re: Worms, Air Gaps and Responsibility
From: Gwendolynn ferch Elydyr <gwen () reptiles org>
Date: Fri, 7 May 2004 12:51:27 -0400 (EDT)
On Fri, 7 May 2004, Devdas Bhagat wrote:
Just because the exploits will come in faster, does not mean that they will all have the same targets numerically. One enterprise can standardise on a specific distribution and version. The next enterprise may choose something else. All that is needed is that they can exchange data in some standardised format(s).
"All" is an impressive way of trivializing something which isn't at all straightforward. I think that we can all think of "standards" which are fascinating in their implementation. As an example, OpenOffice just finished opening up a Word document for me - and disposing of all of the images, tables, and formatting in the document... "exchange data"? Maybe. Beyond that, your arguement that it's better to run more obsure software, since fewer miscreants will write exploits for it seems like a rewording of "Well - if they can't see it, they won't exploit it" - and we all know how well relying on security through obscurity works.
And these will be targets only if they are all compiled to the same binary. Desktops need not be running any services either. Additionally, you can put a firewall on each desktop that restricts communication to specific hosts and ports.
Uhhhh. I'm not at all sure how you've managed to presume that binaries must be identical in order to be successfully exploited. That misses out on an astounding number of possible issues.
Again, look at the roles played by the two systems. If they were in the same application space, then a comparison could be valid. How many attacks occur against MS Windows servers as against MS Windows desktops? Most of the worms hit *desktops*. How many corresponding attacks have their been against Linux desktops?
If they were in the same application space, you'd have to talk about the same classes of application and functionality, as well. You'd also have to address the range of users treating their computer as a dumb toaster, and paying about the same attention to the security of their computer as they pay to the security of their toaster. Linux is by-and-large an enthusiasts desktop - you have to be enthused to slog through the various "features" ;> That means that your average Linux user is more likely to be informed about the potential issues with their desktop than the average windows user. If you had the same distribution of uneducated users running linux, I think your arguement would fail. [0]
While recommending moving away from Windows might represent a security ploy in the short term, the long term costs would be prohibitive for larger organizations that move away, and then move back, to Microsoft.Not necessarily. Not everyone needs to move to RedHat. There are also other players in the same space including but not limited to SuSE (now Novell), Mandrake, Debian and its spinoffs, Gentoo, FreeBSD (not a Linux distribution, but still in the same category), Sun's Java desktop.....
Uh... I think you're misreading ;> That wasn't "everybody move to RedHat". It was "changing your OS regularly for security reasons is an untenable model". cheers! [0] ... and really - any arguement that says "Technology <foo> will solve all your problems" is disingenious ========================================================================== "A cat spends her life conflicted between a deep, passionate and profound desire for fish and an equally deep, passionate and profound desire to avoid getting wet. This is the defining metaphor of my life right now." _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Worms, Air Gaps and Responsibility, (continued)
- Re: Worms, Air Gaps and Responsibility George Capehart (May 07)
- RE: Worms, Air Gaps and Responsibility Marcus J. Ranum (May 06)
- Re: Worms, Air Gaps and Responsibility Crispin Cowan (May 07)
- Re: Worms, Air Gaps and Responsibility Paul D. Robertson (May 07)
- Re: Worms, Air Gaps and Responsibility Gwendolynn ferch Elydyr (May 07)
- Re: Worms, Air Gaps and Responsibility Paul D. Robertson (May 07)
- Re: Worms, Air Gaps and Responsibility Bennett Todd (May 07)
- Re: Worms, Air Gaps and Responsibility Devdas Bhagat (May 07)
- Re: Worms, Air Gaps and Responsibility Gwendolynn ferch Elydyr (May 07)
- Re: Worms, Air Gaps and Responsibility Devdas Bhagat (May 07)
- Re: Worms, Air Gaps and Responsibility Adam Shostack (May 07)
- Message not available
- RE: Worms, Air Gaps and Responsibility Marcus J. Ranum (May 07)
- RE: Worms, Air Gaps and Responsibility Gwendolynn ferch Elydyr (May 10)
- RE: Worms, Air Gaps and Responsibility Victor Williams (May 11)