On Tue, Jun 12, 2012 at 11:44:44AM +0000, Jamie Bowden wrote:
While MS may be a favorite whipping boy, let's not pretend that if the dominant OS were Apple or some flavor of *nix, things would be any better.
I've heard this argument many times, and I reject it this time as I have before.

If popularity were the measure of relative OS security, then we would expect to see infection rates proportional to deployment rates: thus if operating systems A, B and C respectively accounted for 85%, 10%, and 5% of deployments, we should see those numbers reflected in infection rates. But we don't. For example, passive OS fingerprinting of about a decade's worth of spam-spewing botnets indicates that they are running Windows to at least six 9's, quite possibly more -- which is a markedly higher fraction than we would expect if this hypothesis were true.

Windows is not attacked because it's the most popular. Windows is attacked because it's the weakest. (And yes, if it instantly disappeared -- oh happy day! -- the next-most-weakest would take its place, but at least we would have incrementally improved the state of security.)

---rsk