Re: DDOS attack Microsoft

From: Jean-David Beyer (jdbeyer_at_exit109.com)
Date: 09/08/03


Date: Mon, 08 Sep 2003 06:53:51 -0400

User wrote:

>> Yes it is. I know LOTS of people who run linux, and they never have
>> any problems.
>>
>> I know lots of people that run M$ and they are ALWAYS having
>> problems.
>>
>> Sorry, but I trust the evidence of my experience over any alleged
>> evidence provided by a M$ weenie.
>>
>>
>> M$ users are to computers what Bush it to terrorism:
>>
>> Their take on the subject is worthless.
>
>
> This kind of comment only demonstrates you perceptions and biases.
> Your ego at your ability is more than a match for windows users.
> Deriding others does not prove your point.
>
> Tell me what is inherent in the security model used in Linux that
> makes it so much better than windows NT, 2000 etc
>
I think the main thing in the security model _that is fairly obvious_ is
that users are segregated from one another by the OS so no user can
affect another (except denial of service which seldom affects security,
but causes only inconvenience) unless the affected user arranges this in
advance.

So, for example, if I download an e-mail with a virus in it and it was
targetted at UNIX or Linux machines by not being some .exe file, I might
screw myself up, but no one else. Only if I am so stupid as to run
download programs as root, including ftp, web browser, e-mail, etc.,
programs, would I be endangered. Unlike Microsoft Windows where everyone
is root all the time (at least in the systems I have seen). This may not
apply to newer versions of Microsoftware, if it can be configured to
separate users in a foolproof manner.

It _is not so obvious_, though I believe it, that in the Linux
development community, the code is not changed each year for marketing
reasons so the stuff never remains the same long enough for the bugs to
be worked out. Instead, the code is changed mainly for performance or
security reasons (exceptions, of course).

It _is a matter of faith_, to me at least, that having the code open
source means the temptation to provide security-by-obscurity is reduced,
that more eyes ensure higher level of scrutiny, etc. But while this is
true enough in principle, I do not really know if more intelligent eyes
actually scrutenize the code: I sure do not. And I doubt that the
programmers at Microsoft are stupid or anything; they are probably well
educated (academically, at least) and may be highly motivated to do good
work as well. It seems to me that the development environment there, for
marketing and perhaps legal reasons, is just not conducive to writing
good secure software.

Also, though I have not studied the Microsoft software code, it seems
reasonable to assume that the Linux code is constructed better in that
concerns are separated and information is hidden better and this tends
to reduce complexity and reduce errors. Lumping the windowing system in
with the kernel may increase speed of execution slightly, though unless
the code is deliberatly constructed to ensure high locality (reduce
working set size), this may be illusury. Gawd only knows what possible
benefit there could be by kludging the web browser in there other than
to enable violating the spirit of anti-trust rulings against the company
without, seemingly, violating the letter.

-- 
   .~.  Jean-David Beyer           Registered Linux User 85642.
   /V\                             Registered Machine    73926.
  /( )\ Shrewsbury, New Jersey     http://counter.li.org
  ^^-^^ 6:35am up 17 days, 16:01, 2 users, load average: 2.28, 2.24, 2.15