Full Disclosure mailing list archives
Re: [inbox] Re: Show me the Virrii!
From: "Exibar" <exibar () thelair com>
Date: Wed, 7 Jan 2004 13:44:57 -0500
----- Original Message ----- From: "Curt Purdy" <techman () inu net> To: "'Exibar'" <exibar () thelair com>; <John.Airey () rnib org uk>; <full-disclosure () lists netsys com> Sent: Wednesday, January 07, 2004 12:18 PM Subject: RE: [inbox] Re: [Full-disclosure] Show me the Virrii!
Exibar wrote:Why do you ultimately blame Windows/DOS for the virus problem? This is simply not true. Are there not SQL worms? Was it not a SQL worm that was the fastest to spread in history? Are there not many Linux worms and viruses, and more being written each day? Are there not viruses and/or worms that exploit Cisco products?Jeeze, you know how many pages I had to delete off the end of this thing? It doesn't take remembering PINE to know how to clean up your act. OK, to business. Your points: the SQL worm exploited ONLY MS SQL. The cisco worm exploited IIS that was the web interface in their DSL routers. Yes, there are a few Linux worms but the numbers are tiny vs. MS. And
that
is NOT because MS is so prevelant, although of course that is a factor as explained in the seminal work "Cyberinsecurity: The Cost of Monopoly".
The
primary reason for so many MS virii is the poorly written code that has evolved into their current elephants of OS's. All is not lost for MS, but it will take a ground-up rewrite to solve the problems. Unfortunately they seem to be taking the opposite tack of
taking
W2K, the best OS they have come up with yet, and folded it into XP, the biggest pile of dog doo since 3.1 and telling customers they can't get 2K even if they prefer it.
I'm in no way saying that Microsoft writes perfect code. Nothing is perfect. My point is simply that if Linux was the preferred OS of millions of people, that the number of Windows "malware" would be much much smaller and the number of Linux "malware" would be at the same number that Windows is currently. It's all a matter of the VX'r getting the most bang for their buck. The poorly written code only makes it easier to write a piece of malware for a closed source program. It's just as easy to write a piece of malware for an open source program. How many Apache bugs were exploited in the past couple months? Quite a few, I'll even bet a dime for a dollar that there have been MORE apache exploits and/or vulns than IIS in the past 4 months.... Most bang for the buck.... Sorry about the pages of quoted old message before guys :-) Exibar _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: Show me the Virrii!, (continued)
- RE: Show me the Virrii! VBuster (Jan 05)
- RE: Show me the Virrii! Richard Gadsden (Jan 06)
- Re: Show me the Virrii! Donze, Erich (Jan 06)
- RE: Show me the Virrii! Elsner, Donald, ALABS (Jan 06)
- RE: Show me the Virrii! John LaCour (Jan 06)
- RE: Show me the Virrii! John . Airey (Jan 07)
- Re: Show me the Virrii! Exibar (Jan 07)
- Re: Show me the Virrii! michael williamson (Jan 07)
- Re: Show me the Virrii! Exibar (Jan 07)
- RE: [inbox] Re: Show me the Virrii! Curt Purdy (Jan 07)
- Re: [inbox] Re: Show me the Virrii! Exibar (Jan 07)
- Re: Show me the Virrii! Exibar (Jan 07)
- Re: Show me the Virrii! Exibar (Jan 07)
- Re: Show me the Virrii! Exibar (Jan 07)
- RE: Show me the Virrii! doyle043 (Jan 07)
- RE: Show me the Virrii! Nick FitzGerald (Jan 07)
- Re: Show me the Virrii! Nick FitzGerald (Jan 07)
- Re: Show me the Virrii! Jeremiah Cornelius (Jan 07)