Mircosoft Vs. Linux & Mac OSX
Results 1 to 4 of 4

Thread: Mircosoft Vs. Linux & Mac OSX

  1. #1
    The Recidivist
    Join Date
    Nov 2002
    Posts
    460

    Mircosoft Vs. Linux & Mac OSX

    Just a link that was brought up in Unerror Irc ( irc.unerror.net) that some peeps here might find a good read.
    Its a article on why Linux is actually quite better and the reasons why concerning virus.

    http://www.theregister.co.uk/content/56/33226.html

    hjack
    "Where the tree of knowledge stands, there is always paradise": thus speak the oldest and the youngest serpents.
    - Friedrich Nietzsche

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Interesting read. But there are some falicies in some of the statements. One that struck me was this one:

    First, look at the two factors that cause email viruses and worms to propagate: social engineering, and poorly designed software. Social engineering is the art of conning someone into doing something they shouldn't do, or revealing something that should be kept secret. Virus writers use social engineering to convince people to do stupid things, like open attachments that carry viruses and worms. Poorly designed software makes it easier for social engineering to take place, but such software can also subvert the efforts of a knowledgable, security-minded individual or organization.
    Yes and no. Social engineering relies on the gullibility of the user. Software works the way it was designed. If the user doesn't pay attention to that, then how is it the software's fault? If I'm root (and one of the things assumed in this article is that all *nix users use regular accounts, not root -- ya. Right.) and I type rm -rf * from /, the software isn't at fault. I am for being that stupid to do it. I've heard of *nix people, specifically newer users, making this mistake because they haven't taken the time to learn.

    I've found that as I look at the computing community these days and the OSes I teach (and what the students expectations are) I find that more and more people want things easy. They want a recipe on howto; what they don't want is to be told "Go look it up yourself". The idea of understanding things is too much either due to information overload, work overload or plain laziness.

    The other area that strikes me as a bit to "assuming" (I couldn't think of a better word):

    The final reason why social engineering is easier in the Windows world is also an illustration of the dangers inherent in any monoculture, whether biological or technological. In the same way that genetic diversity in a population of living creatures is desirable because it reduces the likelihood that an illness - like a virus - will utterly wipe out every animal or plant, diversity in computing environments helps to protect the users of those devices.

    Linux runs on many architectures, not just Intel, and there are many versions of Linux, many packaging systems, and many shells. But most obvious to the end user, Linux mail clients and address books are far from standardized.
    Monoculture in anything is not good. Diversity adds so much. But Windows isn't the only OS to suffer monoculture. It probably has the largest and most significant monoculture but there is a fair amount of monoculture in *nix as well. 60%+ of web servers are... Apache. We see more and more usage of PHP, MySQL, phpBBS (or whatever it's called), Sendmail, BIND (heck, that's what... 97%?).

    I think it's far more dangerous to just sit there and point fingers around as to who suffers more than to look within what we use and solve the problems there. Yes, there are fewer viruses in *nix environments. But there also tends to be more worms and more "attacker" attempts. Just because the attacks are different, doesn't mean that my OS will automatically be secure because it's got *nix or *nux at the end.

    That will be up to me and what I'm willing to understand and learn.

    Anyhoo, that's my two cents..
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    Banned
    Join Date
    Apr 2003
    Posts
    1,146
    I have to agree with MsMittens. There are (much more than some) fallacies in the arguments. I was struck by:

    Further, due to the strong community around Linux, new users will receive education and encouragement in areas such as email security that are currently lacking in the Windows world, which should help to alleviate any concerns on the part of newbies.
    Yeah, right! A new Linux install can survive on the net about 5 minutes before being taken over, unless it has been adequately secured prior to being hooked up. The average user won't know what to do when installing Linux (any distro) for the first time to prevent this. There is no way I would encourage any but a very few of the users I'm acquainted with to install Linux. I certainly don't have time to hold their hands through it and all the other issues associated with it. So, like just where will this education and encouragement come from????

    I'm waiting for a really nasty (Next/BSD)-style virus/worm to hit Macs. I get so many Mac users who say "Macs are so secure, we don't need antivirus or firewall software like Windows machines." If someone is looking to do a lot of damage to day, they have a whole new pack of almost completely unprotected systems to nail with the Mac OSX.

  4. #4
    Junior Member
    Join Date
    Jun 2003
    Posts
    12
    Originally posted here by MsMittens

    Yes and no. Social engineering relies on the gullibility of the user. Software works the way it was designed. If the user doesn't pay attention to that, then how is it the software's fault? If I'm root (and one of the things assumed in this article is that all *nix users use regular accounts, not root -- ya. Right.) and I type rm -rf * from /, the software isn't at fault. I am for being that stupid to do it. I've heard of *nix people, specifically newer users, making this mistake because they haven't taken the time to learn.
    Reminds me of the quote I have on my office door at work:

    "Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning."
    --- Rich Cook

    As a "software engineer", one of the more frustrating aspects of programming is trying to anticipate how end users will use (or misuse) a program, and then trying to prevent abuse or unintentional misuse of said program. Of course, it is impossible to anticipate EVERY possible scenario, so we usually limit ourselves to the ones that QA discovers.

    I know this is a bit off the topic of the original thread, but what you said really made me start thinking about how responsibility isn't really properly assigned when someone makes a mistake while using software, either out of ignorance or intentional misuse. It seems to me that I find myself asking the question, "why is it my responsibility to save end-users from themselves?" It's like I'm reduced to being a baby-sitter, not a software engineer . . . .

    From a security standpoint, I'm certainly all for preventing abuse of any code that I write, but I would certainly like to see more emphasis on individual responsibility for how that code is used.

    Oh well . . .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •