 |
 |
Ehren Benson wrote: > I am of course being OS Agnostic here, but any OS is only as secure as its user. It's not Microsoft's or anyone else's responsibility to make it so that all attempts by end users to make their machine as insecure as possible by being ignorant fail. > > In our department in the past the number of machines compromised have been probably 8 to 1 Linux due to people being irresponsible with their root password. > How do you say "I am of course being OS Agnostic here" and then go on to compare Windows and Linux compromises, attempting to make Windows sound better...??? I don't know that I agree with Steve about "the builders are to blame." If my machine gets compromised I blame myself in the majority of situations. 0sec/0day exploits are another story altogether... But the problem you make sound like a bigger issue on Linux is EXACTLY the same problem that is a *HUGE* deal on Windows. When you install Windows, or when you load it for the first time on your newly purchased computer the default account no matter what its called has Administrator privileges. And since there are [let me pull a number out of thin air here] 100 times more Windows machines as there are Linux machines, I see it as a 100 times bigger problem. Albeit the same problem, but its the scope that is worse. That is how you get these zombie/bot networks. I don't doubt for a minute that there are zombie networks comprised of Unix boxen, but I highly doubt there are 100s if not 1000s of zombified unix networks like you have with Windows. And that's just simply because as I said there are X number more Windows machines in existence than there are Unix. Having said that I guess I can see why Steve says "the builder is to blame." Or at least the realtor (marketing department) who works for the builder. At any rate, the blame is probably almost always going to lie in several places not just the end user and not just Windows or Linux or OSX or _Whatever_OS and furthermore most people aren't going to blame themselves anyway. As a generality "users" are almost always out of their element, they often carry a "well I didn't think that could happen to me" attitude. Hell, even I carry that attitude and I know better! *frustrated with your post* ./brm - a windows admin stuck inside a unix admin's body (P.S. It has been awhile since I've installed a fresh Linux box, but it seems like they typically make you create a non-root user during the install.) (P.P.S. I am currently running NO anti-virus software on my Vista machine. Nor have I been running any for a few months. I know who to blame if/when I get a virus, *me*)