Re: Security through wide system use?

From: James Riden (j.riden_at_massey.ac.nz)
Date: 12/23/03

• Next message: Dale Dellutri: "Re: Security through wide system use?"
• Previous message: €®ik: "Re: Security through wide system use?"
• In reply to:(deleted message) Leythos: "Re: Security through wide system use?"
• Next in thread: Leythos: "Re: Security through wide system use?"
• Reply:(deleted message) Leythos: "Re: Security through wide system use?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 24 Dec 2003 07:43:42 +1300

Leythos <void@nowhere.com> writes:

> In article <3140c7c0.0312230212.d87f86b@posting.google.com>,
> mccall@h2o.demon.co.uk says...
>> Hi Folks,
>>
>> This isn't intended to be a troll, and I am not trying to start a
>> flame... but...
>>
>> I received an email today from my manager pointing me to an article on
>> news.com.com[1] that states Windows gets hacked more because its
>> popular, and Linux isn't as popular so it doesn't get targeted as
>> much.
>
> In my experience, with both platforms (and several others) this is 100%
> correct. If you consider the number of installed systems, the math
> works,

There are a lot of problems with developing a rigorous mathematical
argument in this area. One thing is, no one knows the number of
installed systems on either side. No one even has a very good idea of
the error in their estimates.

Are you counting number of machines compromised, or potential
root/system exploits? Is a 'theoretical' SSL flaw on UNIX worse than
the widespread RPC flaws in Windows 2000/XP ? If so, how much worse?

IIRC Apache is about twice as popular as IIS (see Netcraft
surveys). Does it get compromised twice as often?

If it was really this simple, I could just port all our code, to say
HPUX 9.0 and take the rest of my career off.

cheers,
 Jamie

-- 
James Riden / j.riden@massey.ac.nz / Systems Security Engineer
Information Technology Services, Massey University, NZ.
GPG public key available at: http://www.massey.ac.nz/~jriden/

---

• Next message: Dale Dellutri: "Re: Security through wide system use?"
• Previous message: €®ik: "Re: Security through wide system use?"
• In reply to:(deleted message) Leythos: "Re: Security through wide system use?"
• Next in thread: Leythos: "Re: Security through wide system use?"
• Reply:(deleted message) Leythos: "Re: Security through wide system use?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Security through wide system use? ... >> popular, and Linux isn't as popular so it doesn't get targeted as ... If you consider the number of installed systems, ... the widespread RPC flaws in Windows 2000/XP? ... Does it get compromised twice as often? ... (comp.os.linux.security) Re: Security through wide system use? ... >> popular, and Linux isn't as popular so it doesn't get targeted as ... If you consider the number of installed systems, ... the widespread RPC flaws in Windows 2000/XP? ... Does it get compromised twice as often? ... (comp.security.misc)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.security.unix  > 2003-12