| Bob Hoekstra 2004-10-25, 8:55 pm |
| Stefano Lanzavecchia wrote:
>
>
> If you try hard enough you'll find that many e-mail readers can be forced to
> do that. Microsoft is not the only software producer whose products contain
> code that suffers from buffer overflow exploits. Microsoft is only the most
> targeted because it's the most popular. If one day Solaris dominated the
> market you can rest assured that hackers would find it much more interesting
> for their games. And would discover many interesting ways to make
> everybody's lives a bit miserable.
> If one runs a web server written in APL, he won't fall prey of all the IIS5
> exploits. But if somebody wanted to ruin his day it wouldn't take long to
> discover ways for this to happen.
Aaarrggghhhh!!!! Bollocks Stef.
1. Microsoft was the one that started this whole business of automatic execution of
content in emails. They were convinced that the average user wanted the convenience
and disregarded the warnings that they were given by many people. I know of no other
company (I may be wrong) who produce email readers that will, by default, execute any
damn thing that is presented to it. Not content with that, this blanket
execution-by-default was also included in word processors, spreadsheets, etc without
any thought given to security. Bloody ridiculous. Only relatively recently have a
rash of security patches come out. Amazing how they are now the company seen as
"security aware" when they caused problems that they were warned about repeatedly.
2. Microsoft operating systems are targeted most frequently by crackers (not hackers)
is because they are the easiest to break into. In fact, the majority of these
breakins are performed by script kiddies. As far as larger web sites (and email
servers, ftp servers, etc) go, UNIX-like operating systems _do_ dominate: only Mickey
Mouse web sites (and desk tops) run on Mickey Mouse operating systems. Plenty of
people attack UNIX-based sites. Their success rate is lower because UNIX is
inherently more secure/stable/whatever. To illustrate this, NovaWeb's 3 (Solaris) web
servers have now been running for 917, 843 and 232 days (the last was a controlled
shutdown, not a system failure, to replace a failed disk). During that time we have
not had a single successful attack or any other stop or delay in our service. We have
had many hits.
3. If you run ANY web server other than IIS (whatever version) you won't fall prey to
IIS (whatever version) exploits. I have been running apache for years and have never,
AFAIK, fallen prey to any exploit. True, I'm not a prime target, but my web server
was getting hit by many of the viruses that have spread havoc amongst PCs over the
last few years, at one point to the tune of several hundred hits per day, without any
concern on my part other than the size of the log files.
4. We always get around to the same thing. Try reading the "In This Issue" of the Dec
2003 ;login: (http://www.usenix.org/publications/...3-12/index.html),
particularly from the CyberInsecurity section on page 3, for the scary truth about
Windows, Microsoft, and Security. This is an unbiased editorial.
Now please reread my previous posting. I have no intention of turning this into yet
another tiresome argument, but I have to respond to blatant ignorance.
Bob H
--
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GO/! d- s++:+ a+ C++(++++) US++++$ UB++ U*++ P+++ L+++ E--- W+++ N++ w--- O-
M+ V- PS+ PE+ Y+ PGP t+ 5++ X R* tv+ b+ DI++ D G e(*) h++/-- r+++ y?
------END GEEK CODE BLOCK------
-----------------------------------------------------
Bob Hoekstra: APL & Unix Consultant
Telephone: +44 1483 771028
Mobile: +44 7710 562345
Email: Bob.Hoekstra@HoekstraSystems.ltd.uk
-----------------------------------------------------
|