Firewall Wizards mailing list archives
Re: Worms, Air Gaps and Responsibility
From: Adam Shostack <adam () homeport org>
Date: Fri, 7 May 2004 14:35:40 -0400
On Fri, May 07, 2004 at 10:51:22AM -0400, Melson, Paul wrote:
| > -----Original Message-----
| > The Windows v. Linux security debate isn't about inherent
| > security issues, it's about total attack surface. The per
| > capita attack surface on Windows OSs continues to decrease
| > while the Linux systems seem to stay about the same. But
| > the aggregate attack surface for Windows systems is much
| > higher because of their market penetration. I do expect
| > the market penetration for Linux systems to increase in
| > the next 5-10 years where its aggregate attack surface
| > will be much larger than Microsoft's.
|
| The issue, simply put, is that Microsoft products make use of a large
| amount of shared code both at build time and at run time. Microsoft has
| used this model to streamline the user interface and the result has been
| products that appeal to end users and businesses for their flexibility
| and ease of use. Microsoft is not alone in this, and it is not an
| inherently "bad" model of software development. However, while it can
| yield better performance and interoperability, historically, it has also
| been linked to both stability and security problems.
|
| [...]
|
| But what I do know is the end result appears to be that the shared code
| paradigm used by Microsoft results in a vuln-to-vector ratio that is
| geometrically greater than that of the compartmental development
| paradigm. We have seen first-hand over the past year how a single flaw

I don't think this analysis goes far enough. I think the core problem is that Microsoft tends towards high network exposure in ways that are very hard to fix. The number of things that run over 137/139 is way too high. You turn on IIS, you get FTP and gopher. Your email program is a web browser. So's your word processor. Your spreadsheet contains a networked first person flyer. (Ok, so I exaggerate slightly for effect.)

The point is that Microsoft systems have, historically, had a much, much broader attack surface, which is less configurable than UNIX systems. And this makes them easier to attack. The shared code base is a mixed blessing: on the one hand, if they could get a web browser right, doing that once is cheaper than doing it 4 times. But getting web browsers "right" seems to be a hard problem, and the open source community hasn't done it either.

Adam

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards