nanog mailing list archives
Re: EBAY and AMAZON
From: Doug Barton <dougb () dougbarton us>
Date: Wed, 13 Jun 2012 06:17:28 -0700
On 06/13/2012 04:55 AM, Rich Kulawiec wrote:
But we don't. For example, passive OS fingerprinting of about a decade's worth of spam-spewing botnets indicates that they are running Windows to at least six 9's, quite possibly more -- which is a markedly higher fraction than we would expect if this hypotheis were true. Windows is not attacked because it's the most popular. Windows is attacked because it's the weakest.
Mostly right, except that it is really a weighted average of factors including installed base (read, popularity), likely success of the infection, likelihood of the infection being successfully detected by the user, likelihood of the infection being removable, overall utility of the system to the spammer once it is infected ... I'm probably forgetting a few things. But your basic point, it's not just about the popularity, is sound. The cautionary tale is that merely improving one of those factors isn't going to get the job done. Doug
Current thread:
- RE: EBAY and AMAZON, (continued)
- RE: EBAY and AMAZON Jamie Bowden (Jun 12)
- Re: EBAY and AMAZON Gary Buhrmaster (Jun 12)
- Re: EBAY and AMAZON Barry Shein (Jun 13)
- Re: EBAY and AMAZON Dave Hart (Jun 13)
- Re: EBAY and AMAZON Barry Shein (Jun 13)
- RE: EBAY and AMAZON Keith Medcalf (Jun 13)
- Re: EBAY and AMAZON Rich Kulawiec (Jun 13)
- vulnerability and popularity (was: EBAY and AMAZON) Andrew Sullivan (Jun 13)
- Re: vulnerability and popularity (was: EBAY and AMAZON) Aled Morris (Jun 13)
- Re: vulnerability and popularity (was: EBAY and AMAZON) Owen DeLong (Jun 13)
- Re: EBAY and AMAZON Doug Barton (Jun 13)
- Re: EBAY and AMAZON Jimmy Hess (Jun 12)
- Re: EBAY and AMAZON JC Dill (Jun 13)
- Re: EBAY and AMAZON valdis . kletnieks (Jun 13)
- Re: EBAY and AMAZON Jeroen van Aart (Jun 14)