Re: NT vs Unix on the Internet

["Joseph S. D. Yao" <jsdy () cospo osis gov>]

> > One point that has come up is along the lines of `most Internet sites
> > that have been hacked have been running Unix therefore Unix is
> > insecure'.  Can anyone point me to some figures showing what sorts of
> > sites have been broken into and what they were running, compared to
> > the Internet as a whole?

Most criminals executed have been human.  Therefore all humans are
criminals.

Sounds absurd, doesn't it?  I  w i s h  that company execs were forced
to take AND LEARN a course in elementary logic.

Most Internet systems are Unix systems.  Unix' range of securability is
much wider than MS Wind-NT's.  It can be made much more open - great if
the system is not on a network.  It can be made much more secure -
which is desirable for those systems made publicly available on the
Internet.  Unfortunately, some number of Unix systems are thrust on the
Internet without being properly secured.  I think that, considering the
vast number of Unix systems on the Internet, it is encouraging to see
how few have been reported as hacked.

Since MS Wind-NT has been more prevalent on the Internet, hackers have
turned their attentions from Unix [that being the other point: if it's
not there to hack, who wanted to try?] to MSWNT.  They have,
delightedly, pointed out many ways to compromise security and cause the
dread Blue Screen of Death, in even "secured" MSWNT systems.

Don't look for just numbers.  Numbers don't lie; but they don't give
you any meaningful interpretation of themselves.  Look for the meaning
behind the numbers.

--
Joe Yao                         jsdy () cospo osis gov - Joseph S. D. Yao
COSPO Computer Support                                          EMT-A/B
-----------------------------------------------------------------------
This message is not an official statement of COSPO policies.