Re: EBAY and AMAZON
(Sorry for the top post. Mail client is being obnoxious.)

Why? The prevalence of malware for a given OS is going to, generally, be a matter of most return for least work. If you're writing malware to steal credit card numbers, say, you're much better served writing it for Windows than you are OSX or Linux, even if it were slightly more difficult to do, because that will get you the largest number of card numbers, simply because more people use Windows. It's generally safe to assume that malware writers want to target as many machines as possible, thus they will focus on Windows, regardless of the relative ease or difficulty of the other platforms. There is no reason to believe that the platform distribution of malware would have a linear relationship with general usage rates or ease of exploitation, given the motivations and methods involved.

--- Harrison

----- Original Message -----
From: Rich Kulawiec
Sent: 06/13/12 06:55 AM
To: nanog@nanog.org
Subject: Re: EBAY and AMAZON

On Tue, Jun 12, 2012 at 11:44:44AM +0000, Jamie Bowden wrote:
> While MS may be a favorite whipping boy, let's not pretend that if the
> dominant OS were Apple or some flavor of *nix, things would be any better.

I've heard this argument many times, and I reject it this time as I have before. If popularity were the measure of relative OS security, then we would expect to see infection rates proportional to deployment rates: thus if operating systems A, B and C respectively accounted for 85%, 10%, and 5% of deployments, we should see those numbers reflected in infection rates.
On 13/06/12 5:17 AM, Astro Dog wrote:
> (Sorry for the top post. Mail client is being obnoxious.)
> Why? The prevalence of malware for a given OS is going to, generally, be a matter of most return for least work. If you're writing malware to steal credit card numbers, say, you're much better served writing it for Windows than you are OSX or Linux,
Really? I'm positive that there are far more credit card numbers stored on various flavors of *nix systems (web servers) than Windows systems. And you only have to crack one to get a plethora of credit card numbers. If both flavors were equally easy to exploit, according to your theory above we would see more exploits on the *nix servers. Yet server-side exploits are seen on Windows servers far more often than *nix servers, despite the fact that more web pages are served by *nix servers than Windows servers.

I'm really surprised to see this "Windows is more popular, that's why it's exploited more often" misinformation being spewed on a technical list like NANOG. I thought people here had more clue.

jc
On Wed, 13 Jun 2012 11:08:25 -0700, JC Dill said:
> If both flavors were equally easy to exploit, according to your theory above we would see more exploits on the *nix servers. Yet server-side exploits are seen on Windows servers far more often than *nix servers, despite the fact that more web pages are served by *nix servers than Windows servers.
I suspect the *real* issue is that for really large systems, it's not so much "exploits" as "one-off customized attacks". The chances of pwning Bank of America with an off-the-shelf attack are pretty low - but finding a blind SQL injection and leveraging it are a bit higher. And given all the 'XYZ got pwned' news stories, I suspect that in fact the *nix boxes *are* being attacked - just not with COTS attack tools.
JC Dill wrote:
> I'm really surprised to see this "Windows is more popular, that's why it's exploited more often" misinformation being spewed on a technical list like NANOG. I thought people here had more clue.
I don't think an individual opinion is representative for the whole 10000+ (?) member list. Besides there were very knowledgeable people expressing the opposite view. And this is a network operators list. I figure the subject of operating system security is less prevalent on here than it would be on a systems administrator list (is there one like nanog?), and compared to, say, IPv6 :-)

For the record I too do disagree wholeheartedly with the "Windows is more popular, that's why it's exploited more often" sentiment. It is patently untrue, which others already explained rather well.

Greetings,
Jeroen

--
Earthquake Magnitude: 3.5
Date: Thursday, June 14, 2012 06:25:03 UTC
Location: Central Alaska
Latitude: 63.1165; Longitude: -151.8971
Depth: 4.10 km
participants (4)
- Astro Dog
- JC Dill
- Jeroen van Aart
- valdis.kletnieks@vt.edu