General discussion

  • Creator
  • #2297906

    Recent events show hackers don’t discriminate


    by maryweilage ·

    Do you agree with Jonathan Yarden that there’s no panacea for Internet security? Why do you think hackers are beginning to focus more on attacking Linux distributions? Share your thoughts on how recent events show that hackers don’t discriminate, as discussed in the Dec. 15 Internet Security Focus e-newsletter.

    If you haven’t subscribed to our free Internet Security Focus e-newsletter, sign up today!

All Comments

  • Author
    • #2671624

      Microsoft still more vulnerable

      by jmeola75 ·

      In reply to Recent events show hackers don’t discriminate

      Linux had TWO high-profile security breaches and yet the
      press is hyping this up to make it look like Linux is just as
      vulnerable as Windows. Nothing could be further from the
      truth. Windows has been hit with so many worms, viruses,
      Trojan horses, hack exploits, etc. that we’ve all lost count.
      Looking at the score card, we’ve got thousands of
      vulnerabilites for Windows, two for Linux, and zero for Mac
      OS. Based on that, I’d have to say that the *nix platform is
      far more secure than the Windows platform.

      • #2670743

        90% of computers Windows based

        by rcom ·

        In reply to Microsoft still more vulnerable

        Figure the numbers out. If 90% of computer users have one of the Windows OS then it would seem to make sense that there would be that much of a difference. Plus many of the threats are variants of the same things. A lot of the problems are discovered by Microsoft and if users would take heed there’d be a lot less. One thing that will be a real problem with the Linux and MAC users is they think they’re safe from attack. So now that the in thing is to attack the other OSs users will be caught off gaurd. I wonder why they sell security software for the MAC?

        I’ve attached an older article

      • #2670703

        It’s a matter of cost

        by rbhuston ·

        In reply to Microsoft still more vulnerable

        Hacking windows OS has been a poor mans game. It does not take expensive equipment to develop and deploy a virus/worm for windows.

        Unix/Linux on the other hand has more seperation of users from the administration of the OS. It takes more effort to gain access to the box and generally requires equipment that the average hacker does not have access to.

        With the lower prices of sniffers and the proliferation of Linux, more hackers are getting the means to attack Linux and Unix systems. You need one to study and reverse engineer to gain the knowledge to successfully deploy an attack. Many schools are now teaching Linux/Unix kernel and we are starting to see the result of more wide spread knowledge of the OS’s

        I think there will continue to be more attacks on windows just because it represents the majority of OS deployment. However, attacks on other OS’s are just starting. I can remember when attacks on windows and PC/MS DOS were unheard of but as their popularity exploded, so did the attacks.

        I used to run windows 3.1 and NT3.5 without a virus program or firewall because it was safe to do so. The real culprit is the internet (not that it is a bad thing). It gives access that a few years ago was not available. You just had to be careful about disks you got from an unsecure source. Now you have to be wary of any web site or email.

        Having had experience with many OS’s from IBM MVS and CMS to Unix/Linux and a dozen in between, I know they all have their weakness. It is just a matter of access and how they are operated. Most Mainframes and Minis are not connected to the internet. Lots of Unix systems are not connected to the internet. Most windows systems have access to the outside world. If they are not behind a strong firewall, they will be attacked.

        Just my thoughts. Hopefully we can put the “My OS is better” question aside and accept responsibility for our own security. The deployment practices of a company/user has more to do with their vulnerability than the actual code in the OS. Make them available to a large audience and someone will attack the system. Reduce access and the attacks are also reduced.

        What ever OS you are using, keep it patched, maintain your firewall, and develop sane access procedures. They will help keep your system free of intruders and your data safe from prying eyes.

    • #2670638

      Yarden’s Standpoint

      by goboslayer ·

      In reply to Recent events show hackers don’t discriminate

      Anyone who is a reader of this column can seemingly safely state that Yarden is an anti-Microsoft individual. Some of his articles have been slanted to this opinion, but he has also had a fair number of articles that deliver punches fairly and evenly to both camps. This is one of those articles.

      As for the statement made by that MS is still worse because of the thousands of vulnerabilities versus two Linux vulnerabilities, this statement carries very little weight. The article states that there were 2 major LOCAL ROOT vulnerabilities on the Linux kernel, IN ONE MONTH’S TIME. As of 2001, Windows OSs had fallen from from #1 on the vulnerability list to #7 behind 4 versions of Linux, and 2 versions of Solaris ( I have not found the most recent stats but the point is that hackers don’t really care, if they want to get in, they will try.

      Yarden hits this one on the head. Just because you’re not being shot at doesn’t mean a bullet can’t kill you. There is no loyalty agreement among hackers to comprimise only Windows systems, and this is the point the article was trying to express.

      The OS is a vital part of a sound security model, but it should not be your only line of defense. A single point of failure will equal failure.

    • #2697800

      MIcrosoft and Linux

      by derek.reedman ·

      In reply to Recent events show hackers don’t discriminate

      I agree with the whole article. I think that no matter what any OS (Operating System) does and future OSs that may come up in the future, Programmers can not think of everything.

Viewing 2 reply threads