On Thu, 09 Dec 2010 06:45:45 EST, Rich Kulawiec said:
> I've been studying bot-generated spam for most of the last decade, and to about 6 nines, it's all been from Windows boxes. (The rest? A smattering of "indeterminate" and various 'nix systems including MacOS.)
> The botnet problem is a Microsoft problem.
If it's a Flash exploit, and the miscreants only do a Windows version because that gets them 85% of the targets and they feel the effort of creating a Mac/Linux version isn't worth the incremental 15%, then you'll only see hits from Windows boxes. But how does that make it a Microsoft problem?

You don't see spam from many Linux boxes because there aren't enough Linux boxes to make it cost-effective to develop malware for. If you need 5,000 bots, it's easier to find 5,000 Windows targets than finding 5,000 Linux targets. And the reason you don't see worms that target Z/OS or VMS or Irix isn't because of their inherent security.

The only way you'll get it to be a non-Microsoft problem is by changing the playing field enough so that OSX and Linux and others have enough market share that targeting just Windows is a losing strategy. Good luck with that.

Meanwhile, ponder what I mentioned in a previous mail - Windows is *already* close to "as secure as you can sell to an end user". Consider these Google results for SELinux:

    SELinux howto    - about 96,900 results
    SELInux disable  - about 178,000 results
    SELinux turn off - about 199,000 results

It's pretty obvious that there is a point where most users won't put up with the inconvenience of security, and SELinux is already on the far side of it, even for the probably-more-technical users of Linux. How are you going to sell similar hardening to Joe Sixpack, given that most of the hardening will result in either additional "are you sure?" pop-ups or breakage of things they bought the computer to do?

The first time a user gets fragged in WoW or other game because the security threw up a pop-up at an inopportune time, that user *will* look for a way to turn the security off.