Full Disclosure mailing list archives
RE: CyberInsecurity: The cost of Monopoly
From: "Rick Kingslan" <rkingsla () cox net>
Date: Fri, 26 Sep 2003 23:07:14 -0500
Wow. Is this just troll bait (and I succumbed) or have you been watching too many re-runs of the "X-Files"? I'll not argue that the Windows operating systems are the target of the majority of virus', but that's typically what happens when a system is used by a known large group of people that might not be qualified to run a computer, much less secure it. And, regardless of what MS does - I doubt that they can force Mom and Dad to not screw up the security settings (though, the default out of the box sucks anyway). Do you think that virus writers will stop IF Windows ceases to be a target? Or, what seems to be your argument - if the Anti-Virus companies are eliminated, the virus writers are going to just go away, too? "Well, they're not trying to stop us anymore - I guess we should quit trying to wreak havoc and go back to being productive citizens again. Virus writing isn't fun anymore." Yeah - that's going to happen. As a response to open source, bravo. My hat is off to what has been accomplished. But, I'd like to see the same level of success as a secure platform (which, in the hands of someone with no clue how to run it - Linux is insecure, regardless of the out of the box config) when it commands a majority of the desktops. And, I don't care what the platform or OS - nothing is completely secure. Humans write code, humans make mistakes, ergo code has mistakes. Same goes for configuration settings. The 'bad guys' and 'bored kids' are going to target the largest base - and there will always be holes to compromise and exploit. Viruses have never been a threat to Open Source because the target is not yet juicy enough. And, just because I'm really curious, can you provide documentation and detail on the cited 'Microsoft Virus Support(TM)'? I've not heard of this - well, except through your posts. But, I'm open to be educated. -rtk -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Fabio Gomes de Souza Sent: Friday, September 26, 2003 8:07 PM To: Jonathan A. Zdziarski Cc: full-disclosure () lists netsys com; bugtraq () securityfocus com Subject: Re: [Full-disclosure] CyberInsecurity: The cost of Monopoly Destroying the monopoly also lets the World get rid of (Anti)Virus companies, since they are protected by Microsoft Virus Support(TM). Viruses are a threat which has been intentionally neglected by Microsoft since the AntiVirus thing became a business. A BIG business. Imagine if Microsoft removed the Virus Support. Billions of dollars would stop being moved from people's pockets to the software giants. Mega companies would simply disappear from the Market. Hundreds of people would be unemployed. Given the facts, Microsoft is simply UNABLE to fix such vulnerabilities. Vulnerabilities in Microsoft systems can only be fixed before they become a business. This rule has became worst after their antitrust trial. Virues have never been a threat for Open Source systems, since they (viruses) use vulnerabilities that get fixed by users *regardless* of some company liking or not. Diversification and Open Source is the solution for most security threats. These guys have done a GREAT WORK! Best regards, Fábio Gomes de Souza CEO GS2 Tecnologia da Informação Ltda Olinda, Brazil Jonathan A. Zdziarski escreveu:
This was released yesterday just incase nobody noticed. http://www.ccianet.org/papers/cyberinsecurity.pdf Among the authors are Bruce Schnier, Dan Geer, and Charles Pfleeger. Interesting read. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- CyberInsecurity: The cost of Monopoly Jonathan A. Zdziarski (Sep 25)
- RE: CyberInsecurity: The cost of Monopoly Marc Maiffret (Sep 25)
- RE: CyberInsecurity: The cost of Monopoly Richard M. Smith (Sep 25)
- RE: CyberInsecurity: The cost of Monopoly Jonathan A. Zdziarski (Sep 25)
- RE: CyberInsecurity: The cost of Monopoly B.K. DeLong (Sep 25)
- RE: CyberInsecurity: The cost of Monopoly Richard M. Smith (Sep 25)
- Re: CyberInsecurity: The cost of Monopoly Gregory A. Gilliss (Sep 25)
- RE: CyberInsecurity: The cost of Monopoly Mike Hoskins (Sep 26)
- RE: CyberInsecurity: The cost of Monopoly Marc Maiffret (Sep 26)
- RE: CyberInsecurity: The cost of Monopoly Marc Maiffret (Sep 25)
- Re: CyberInsecurity: The cost of Monopoly Fabio Gomes de Souza (Sep 26)
- Re: CyberInsecurity: The cost of Monopoly Paul Schmehl (Sep 26)
- RE: CyberInsecurity: The cost of Monopoly Rick Kingslan (Sep 26)
- RE: CyberInsecurity: The cost of Monopoly Bruce Ediger (Sep 26)
- Re: CyberInsecurity: The cost of Monopoly Matthew Murphy (Sep 27)
- Re: CyberInsecurity: The cost of Monopoly Rodrigo Barbosa (Sep 27)
- RE: [inbox] Re: CyberInsecurity: The cost of Monopoly Curt Purdy (Sep 28)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Kristian Hermansen (Sep 28)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Gregory A. Gilliss (Sep 29)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Valdis . Kletnieks (Sep 30)
- Re: [inbox] Re: CyberInsecurity: The cost of Monopoly Rodrigo Barbosa (Sep 29)
- Re: CyberInsecurity: The cost of Monopoly Gregory A. Gilliss (Sep 26)
- RE: CyberInsecurity: The cost of Monopoly Rick Kingslan (Sep 27)