On 13 June 2012 13:33, Andrew Sullivan <asullivan@dyn.com> wrote:
On Wed, Jun 13, 2012 at 07:55:37AM -0400, Rich Kulawiec wrote:
If popularity were the measure of relative OS security, then we would expect to see infection rates proportional to deployment rates
I don't buy that premise, or at least not without reservation. The OS market happens to be a superstar economy. On desktops and laptops, which still happen to be the majority of devices, the overwhelming winner is Windows. Therefore, if you are going to invest in any product for which you want ubiquitous deployment, Windows is the first platform you aim for. You only aim for the others if you're chasing a niche.
I note also that many so-called operating system vulnerabilities are actually flaws in third-party subsystems like Flash or Java. Unix has traditionally had a better isolation model than Windows and so exploits via these attack vectors would be able to infiltrate the Windows core operating system whereas on Linux or OS-X platforms, the attacks might technically be more limited in their impact - not that this would be much consolation to the end user. Aled