Scott Francis <darkuncle@darkuncle.net> wrote:
I've been wondering lately, after about 10 years of email worms spreading in exactly the same manner with every incarnation ... why do you think people haven't learned not to open unexpected attachments yet?
Blaming it on end users is one way to look at the problem, but not a way that will result in a solution. You should be wondering, after 10+ years of virus laden MS operating systems, why they haven't fixed this stuff. Similar vulnerabilities in Unix, Mac, and other OS were fixed long ago. They're not patched in Windows because MS doesn't have to. MS doesn't write secure code because they are a monopoly and maintain that status by introducing subtle OS bugs that plague competitive third party applications. They don't publish an API for many of their system calls so nobody can write secure code other than MS themselves. They also run as much of their own software as possible in priviliged mode for performance (to avoid context switching). You'll never seen any real security from this type of business model.
(Note: I really do not want this to degenerate into another rant against vendor M;
Sorry for not sharing your disinterest in the actual reasons we continue to see these viruses and trojans infecting MS and, for all intents and purposes, only MS operating systems. -- Roger Marquis Roble Systems Consulting http://www.roble.com/