RE: [inbox] Re: CyberInsecurity: The cost ofMonopoly

[Steve Wray <steve.wray () paradise net nz>]

> From: full-disclosure-admin () lists netsys com 
> [mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
> Frank Knobbe
>
> On Mon, 2003-09-29 at 17:24, Rodrigo Barbosa wrote:
[snip]
> In both cases, Windows and Unix, the role of the admin is 
> important. But
> take the admin out of picture for the moment and just compare Unix to
> Windows from an architectural point of view. Let's even overlook those
> default setups (like IIS wide open, or a dozen daemons that don't need
> to be running). Just from an architectural point of view, I claim
> Windows is more vulnerable just due to the immense complexity.

One other thing that makes the windows architecture more vulnerable
to admin slackness is the lack of ability to do effective, bulk,
en masse administration of systems running a windowing operating
system. Its like bondage computing; you are chained to the console
(or something that may as well be the console); you have to wave your
hands at each machine in turn and click the mouse here and there,
that sort of thing. Like training a dog...

Sure, there are unix admins out there who feel that they have to
log into each machine in turn and manually type out the commands
one by one and they may get lazy and just give up, or get distracted
and forget one or two, or make typos, but, and its a big butt too;

In Unix-style OS's this is not encouraged by the architecture.
In Windowing operating systems its virtually a requirement
unless you are a true guru.

Unix style OS's typically have configuration of important security
related features, like eg firewalling, in text files.
Unix style OS's also provide a plethora of tools for manipulating
text files in scripts.
I wish I knew how to use cygwin's sed, grep et al to manipulate the
windows
registry...


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html