Ehren Benson wrote:
> I am of course being OS Agnostic here, but any OS is only as secure as its user. It's not Microsoft's or anyone else's responsibility to make it so that all attempts by end users to make their machine as insecure as possible by being ignorant fail.
>
> In our department in the past the number of machines compromised have been probably 8 to 1 Linux due to people being irresponsible with their root password.
>
How do you say "I am of course being OS Agnostic here" and then go on to
compare Windows and Linux compromises, attempting to make Windows sound
better...???
I don't know that I agree with Steve about "the builders are to blame."
If my machine gets compromised I blame myself in the majority of
situations. 0sec/0day exploits are another story altogether...
But the problem you make sound like a bigger issue on Linux is EXACTLY
the same problem that is a *HUGE* deal on Windows. When you install
Windows, or when you load it for the first time on your newly purchased
computer the default account no matter what its called has Administrator
privileges. And since there are [let me pull a number out of thin air
here] 100 times more Windows machines as there are Linux machines, I see
it as a 100 times bigger problem. Albeit the same problem, but its the
scope that is worse. That is how you get these zombie/bot networks.
I don't doubt for a minute that there are zombie networks comprised of
Unix boxen, but I highly doubt there are 100s if not 1000s of zombified
unix networks like you have with Windows. And that's just simply
because as I said there are X number more Windows machines in existence
than there are Unix. Having said that I guess I can see why Steve says
"the builder is to blame." Or at least the realtor (marketing
department) who works for the builder.
At any rate, the blame is probably almost always going to lie in several
places not just the end user and not just Windows or Linux or OSX or
_Whatever_OS and furthermore most people aren't going to blame
themselves anyway. As a generality "users" are almost always out of
their element, they often carry a "well I didn't think that could happen
to me" attitude. Hell, even I carry that attitude and I know better!
*frustrated with your post*
./brm - a windows admin stuck inside a unix admin's body
(P.S. It has been awhile since I've installed a fresh Linux box, but it
seems like they typically make you create a non-root user during the
install.)
(P.P.S. I am currently running NO anti-virus software on my Vista
machine. Nor have I been running any for a few months. I know who to
blame if/when I get a virus, *me*)
|