Malware Threat Reports Are "Apples and Oranges"
Ant writes "The December malware threat reports are trickling in from vendors — and they all appear to be different. Fortinet, Sunbelt Software, and Kaspersky all published their lists of the most prevalent malware strains for the last month of 2009, but they didn't match up, leading to an admission that users will inevitably be confused by the results. Not only do the various security companies use different names for the threats they identify; they don't even identify the same threats."
Do any of them mention linux or OS-X? (Score:2, Insightful)
This will answer your question, symbolset - (Score:5, Insightful)
No they haven't.
That's why.
Most definitely not. Windows users have no idea about 'threat tables' or what the hell's going on, except that their antivirus program is blinking red and making noises and they have to keep clicking "yes" or "OK" to make it better.
The inconsistency stems from the fact that these so-called "antivirus software research labs" are just Windows terminals with neckbeards in each. Symantec's neckbeard prefers browsing porn sites with ActiveX. Fortinet's neckbeard gets his latest and greatest malware from careless P2P downloads. Kaspersky's neckbeard gets his viruses from phishing and gambling sites.
Hence the inconsistent naming conventions and detection profiles across vendors. +5 informative.
Re: (Score:2)
"'Comparing the monthly statistics from different anti-virus companies is truly comparing apples and oranges,' said Tom Kelchner, Sunbelt Research Center manager. 'What one company detects and identifies as a specific, named piece of malcode, another may detect generically.'"
The inconsistency stems from the fact that these so-called "antivirus software research labs" are just Windows terminals with neckbeards in each. Symantec's neckbeard prefers browsing porn sites with ActiveX. Fortinet's neckbeard gets his latest and greatest malware from careless P2P downloads. Kaspersky's neckbeard gets his viruses from phishing and gambling sites.
Good to know. Now I know which AV vendor I'll be choosing in the future.
Re: (Score:2, Insightful)
Straight from the Subscription FAQ. Fail troll is fail.
Re: (Score:3, Insightful)
There can only be one way out.
SEPPUKU.
Re: (Score:2)
He's a script.
Or he is you.
Re: (Score:2)
Either you have been drinking too much Ethanol or I have not been taking enough Tegretol.
Re: (Score:2, Insightful)
Alternatively they might have actually read the article, an
Re: (Score:3, Insightful)
September 29, 2009 11:51 AM PDT
Malware worldwide grows 15 percent in September
A rise in malware has caused the number of infected PCs worldwide to increase 15 percent just from August to September, says a report released Tuesday
http://news.cnet.com/8301-1009_3-10363373-83.html
Phew, I'm glad they're so much smarter - imagine how much more clickfraud and spam the botnets would be perpetrating if they hadn't wised up.
Close to 60% of all US Windows computers are hosting malware already, and that's not likely to change any time soon. The anti-malware indust
Re: (Score:3, Insightful)
This is why education is so important and the idea that a computer is simple is bad. People buy devices that are as powerful as supercomputers were 15 years ago and expect them to be as simple as a toaster. So they end up giving vast amounts of computing power and network bandwidth to criminals.
As for Best Buy -- just an example of how easily a fool and his money are parted. I recall reading an article about how many people just buy a new cheap PC after theirs is infected. Of course, current security practice
Re: (Score:2)
No, this is why the current monopoly general-purpose OS is such a bad idea.
If formats, protocols, APIs etc are open, then simple computers can be used for simple tasks. The hardware industry is trending in that direction with products that are cheap, functional and simple, like the Freescale Tablet.
A device like that could be made safe, reliable and uncomplicated given the right software selection. People who don't wan
Re: (Score:2)
Yeah, because Best Buy would harden Linux if they sold it in any numbers.
I don't know if you are the same guy, but I've seen the call for open OS a crapload in the comments on this article. Yet, I've seen nothing that indicates this wouldn't happen as bad (or worse) with Linux or some other currently existing OS that is "open". The only thing saving them now is the fact that the number one OS is such an easy target. Whether it's easy
Re: (Score:2)
It's to keep the big wheel turning and give you job security, without it, there would be no need for you, or the AV vendors. Didn't you know...
Re: (Score:2)
Might as well preinstall botnet clients at the factory.
No, that would be HP.
Re: (Score:2)
No, they don't.
Hairyfeet is a Microsoft apologist. He's always on hand to invent excuses for Microsoft's failings.
As any shopper will tell you, your computer comes from the reseller in a box from the manufacturer, and generally has a standard pre-install image ready to run. I've never seen any modification of settings, just the usual crapware installed.
Nope, this isn't a reseller problem - that's just blameshifting.
I'm just bragging (Score:2, Funny)
28 years of computing on networks, zero instances of malware. I feel special.
Re:I'm just bragging (Score:4, Insightful)
You mean "zero detected instances".
Re: (Score:2)
Can you point me to some malware that does so little, that it can remain undetected by a fairly savvy computer user?
I'm serious here - there's always a troll in these threads that makes the comment you just made. However, in my experience, I've never run into malware which was "stealth". Its entire purpose is to send mail, pop up ads, and propagate. All of that is damn easy to spot if you're reasonably well versed in how your computer normally runs.
I tend to believe a competent person when
Re: (Score:2)
Spurious network activity can be damn hard to spot. I'll admit that popup ads and so on are a bit of a give-away, but would you notice 1 kB/s of extra network traffic?
Most people who claim to have no malware don't even know what all the processes they currently have running are. They just don't have popup ads or other obvious symptoms.
Re: (Score:2)
Can you point me to malware that engages in only spurious network activity? All that I've seen are either mass mailers, which is pretty easy to spot, or ad-based, which by definition need to be visible. I've never seen malware that sent out an email an hour, only when the network was active.
(I've also never heard of one which modifies the blinkenlights on my router and modem. If I'm not using the internet, and they are flickering away, that'd be a problem.)
Re: (Score:2)
Keyloggers? Backdoors?
Both are malware, both will do nothing most of the time, and avoid detection as much as possible. Good luck finding out you have one.
Re: (Score:2)
is it even malware? What would it be doing?
The real risk does not come from pop-up ads, a changed browser or porn links on a desktop. Nor does it come from formatting hard disks or constantly rebooting. The dangerous thing would be rootkits that hide, remain unseen, log your keystrokes, log your internet traffic etc. and send them to a business rival. They could be buried deep in network traffic, for instance in DNS requests. In contrast to the usual "open some ad windows on the user's screen" malware, in this case remaining unseen is crucial.
Re: (Score:2)
That's not malware. That's a targeted attack. We're talking about garden-variety, drive-by download, infected porn site malware here. We're talking about flies, you're talking about a unicorn.
Re: (Score:2)
Hidden software that logs keystrokes and sends the results off to a remote system has a lot of value. It doesn't need to only hit a targeted system. When they see results like:
mail.yahoo.com apoc@yahoo.com 123jass8
In the log file they know they have a new account to search
Example of competition gone wrong (Score:5, Insightful)
Everyone's always touting the benefits of competition, but here's a clear example of competition serving to confuse the market. There are a number of problems:
1) Antivirus solutions do not co-exist - and not just the resident portion. I'd love to run a second or 3rd scanner like I can for spyware but Antivirus vendors have created a market that is used to the worst kind of lock-in. Why can't I run 3 different products side by side and decide which one's resident scanner I want switched on? I'm sure there are technical issues but I'm also sure they're not insurmountable.
2) Antivirus vendors are now trying to police what you can and can't do. Look at the numerous reports of false positives for programs that are legally grey (or black) but aren't viruses. I've personally had network tools come up as false positives and it's a pain to unquarantine and exclude them so they don't quarantine themselves again.
3) The main form of collusion between vendors seems to be fitting into Microsoft frameworks so they show up as antivirus software in the appropriate control panel and so you don't get warnings about invalid or out of date antivirus. But this in itself makes them more vulnerable to attack
4) The products are often so badly written that they cause as many problems as they solve. A bad update here or there can (and has in the past) caused irrevocable system damage that has required a reinstall or restore from backup for users. What's the point of an antivirus that does this? Worse, I've seen much subtler performance problems from minor antivirus updates - in one case it brought a company I worked for's client's machines to their knees and initially they blamed us. Turns out a change in the engine meant very big files were being opened and re-scanned for every write. Needless to say it wasn't our fault.
5) Every vendor seems to have their own names for a virus. For pity's sake can we have some kind of standard naming mechanism?
Isn't competition supposed to improve such things and open up the market? In this case it just hasn't happened. There has been implicit collusion but not of the right sort to improve or provide a diverse range of products. There's not one product that will protect you well.
Re: (Score:3, Interesting)
5) Every vendor seems to have their own names for a virus. For pity's sake can we have some kind of standard naming mechanism?
A number or a hash?
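Added example, not part of the original thread: a Python illustration of why the vendors' lists share no names yet can be joined by sample hash, and of Kelchner's point that one vendor's named detection is another's generic one. The vendor names, labels, counts and sample bytes are constructed, and the alias, category-word and catch-all tables are assumptions an analyst would maintain.

```python
import hashlib
import re
from collections import Counter, defaultdict

PLATFORMS = {"w32": "win32", "win32": "win32"}
# Behaviour/category words that are not family names (assumed, not exhaustive).
TYPE_WORDS = {"worm", "net", "trojan", "tr", "downloader", "virus", "backdoor"}
# Catch-all names used for heuristic detections (assumed list).
GENERIC = {"generic", "gen", "agent", "heur"}
# Analyst-maintained alias table (assumption): Downadup and Kido are other
# vendors' names for the worm the thread calls Conficker.
ALIASES = {"downadup": "conficker", "kido": "conficker"}


def sha256_of(data):
    """Vendor-neutral identifier for one exact file."""
    return hashlib.sha256(data).hexdigest()


def parse_label(label):
    """Split a vendor label into platform, canonical family and generic flag."""
    tokens = [t for t in re.split(r"[^a-z0-9]+", label.lower()) if t]
    platform = next((PLATFORMS[t] for t in tokens if t in PLATFORMS), None)
    rest = [t for t in tokens if t not in PLATFORMS and t not in TYPE_WORDS]
    family = rest[0] if rest else None
    generic = family is None or family in GENERIC
    return {
        "platform": platform,
        "family": None if generic else ALIASES.get(family, family),
        "generic": generic,
    }


# Constructed stand-ins for three samples; only their hashes matter here.
SAMPLE_A, SAMPLE_B, SAMPLE_C = (
    sha256_of(f"constructed sample {i}".encode()) for i in range(3)
)

# Constructed monthly feeds: (sample sha256, vendor label, sightings).
FEEDS = {
    "VendorX": [(SAMPLE_A, "W32/Conficker.C!worm", 900),
                (SAMPLE_B, "W32/Exampleware.A!tr", 300)],
    "VendorY": [(SAMPLE_A, "Worm.Win32.Downadup.c", 850),
                (SAMPLE_B, "Trojan.Win32.Generic", 400)],
    "VendorZ": [(SAMPLE_A, "Net-Worm.Win32.Kido.ih", 700),
                (SAMPLE_C, "Trojan-Downloader.Win32.Agent.xyz", 200)],
}


def overlap_by_name(feeds):
    """Labels that appear verbatim in every vendor's list."""
    return set.intersection(*[{label for _, label, _ in rows}
                              for rows in feeds.values()])


def overlap_by_hash(feeds):
    """Samples that every vendor reported, whatever they called them."""
    return set.intersection(*[{digest for digest, _, _ in rows}
                              for rows in feeds.values()])


def reconcile(feeds):
    """Group detections by sample hash and pick a consensus family."""
    by_hash = defaultdict(dict)
    for vendor, rows in feeds.items():
        for digest, label, _count in rows:
            by_hash[digest][vendor] = parse_label(label)
    result = {}
    for digest, verdicts in by_hash.items():
        named = Counter(v["family"] for v in verdicts.values() if not v["generic"])
        result[digest] = {
            "vendors": sorted(verdicts),
            "family": named.most_common(1)[0][0] if named else None,
            # Vendors that saw the file but only flagged it generically.
            "generic_by": sorted(n for n, v in verdicts.items() if v["generic"]),
            "generic_only": not named,
        }
    return result


if __name__ == "__main__":
    print("shared names :", overlap_by_name(FEEDS))
    print("shared hashes:", len(overlap_by_hash(FEEDS)))
    for digest, info in reconcile(FEEDS).items():
        print(digest[:12], info)
```

A hash identifies one exact file, not a family, so it lets reports be joined per sample; grouping variants still needs a shared family name or an alias table like the one assumed here.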
Re: (Score:3, Interesting)
I'm guessing the reason you can't use multiple resident scanners is that just one will bring your system to a crawl.
I wrote: and not just the resident portion
I think the need for constantly running virus scanners is seriously overstated, at least for people who know not to run HorseSex.exe.
I got drive-by downloaded 2 days ago. My antivirus didn't pick it up, but fortunately my firewall did (which prevented further virus downloads). I was looking for books on photography (regular non-sexual photography) and
Re:Example of competition gone wrong (Score:5, Insightful)
No, this is a clear example of a monopoly creating a market repairing broken Windows. That's why it seems confusing.
Consumers shouldn't be facing a choice of ineffective bandaids to patch over their computers' inability to keep malware out. They should be able to choose a computer/OS that is inherently resistant.
For computer users, this is a Red Queen's race, and Windows users have to keep paying and stay vigilant just to retain a semblance of control of their own machines. The real solution is to mandate open formats, APIs, and protocols, then let any OS vendor compete on level terms. When consumers can select an OS that suits them, including the level of security they wish to pay for, we will have competition. Only then will OS vendors have to improve their products to retain customers.
Re: (Score:3, Insightful)
Because, as I stated, we don't have open formats, APIs, and protocols.
That makes it difficult for computer users to move freely between OSs and prevents competition on real merits.
Re: (Score:3, Insightful)
It's not that they can't run on Linux, it's that they don't.
Re: (Score:3, Insightful)
It's a self-sustaining monopoly out there. How can you tell about some abstract choice if for a majority of people PC=Windows? And you can't really blame people here: all they see is Windows, on every shelf in every computer store. Exclusive per-CPU deals led to a situation where OEMs pay the same to Microsoft no matter how many OSs they offer, so they usually offer one because it's cheaper that way.
What choice do consumers really have if they don't know about Linux? Windows vs. overpriced Apple computers
Re: (Score:2)
Irrelevant. That there's a monopoly on the OS doesn't have anything to do with the software that runs on it. We had a monopoly of petrol cars in the US for the longest time. Sure, that meant that the diesel Mercedes didn't sell here, but the competition between the petrol car makers was real. And that competition worked the way it was supposed to.
But antivirus makers not naming things t
Re: (Score:3, Insightful)
Please tell me how a virus can infect a Live CD?
Re: (Score:3, Interesting)
Purely theoretical:
- User boots live-cd
- Some malware gets executed and stays in RAM (by user interaction or not)
- Malware reflashes the EEPROM holding the BIOS with some malicious code
- On next boot BIOS will store some malicious code in memory and does something very clever that makes the OS on the liveCD execute that code
It would be a very targeted attack, but not entirely impossible
Re: (Score:2)
If you were an OS developer, how would you prevent such an attack?
The game console makers prevent the attack just by requiring all executables to have been signed by the console maker and putting a policy in place that software from a one-man outfit won't get signed.
Re: (Score:2)
Which can still be defeated by exploiting bugs in approved software. The effect is more to restrict who can write for the platform. Even to attempt to control what the owner can do with their machine.
Re: (Score:2)
Some live CDs have extra writable area to save files, but it's stretching it to say a virus would be at all likely to make use of that.
Re: (Score:2)
You mean before or after the image is burned?
Re: (Score:2)
"Inherently"
You use that word a lot, but I don't think it means what you think it means.
Re: (Score:2)
No, there certainly is such a thing. I hate to be one to preach how great mac and Linux are, but they are 'Inherently resistant'(Combination of obscurity and the lack of the porosity leading weak points to be mainly the user, and even then defending him/her from his/herself). There is a huge difference between that and immunity though.
You are aware that the great majority of Windows malware in the last 5 or 10 years has been taking advantage of either the weak point between the keyboard and the chair or unpatched client software to install and spread?
Neither of which are exactly unknown on other platforms.
Re: (Score:3, Insightful)
The vast majority of said windows malware actually takes advantage of the user combined with the fact that user typically runs all his code as an admin.. Unix/Mac don't give you elevated privileges by default, and provide a well understood mechanism by which you can elevate your privileges which *should* make you think...
There is also worm type malware which attacks open network services, windows ships with several services on by default, even on a workstation install, which cannot easily be turned off and
Software sources (Score:2)
As an extension to the above, the windows mentality of downloading and executing binary installers from websites lends itself to malware
It's not just the Windows mentality. Mac OS X has the same mentality of downloading a disk image from a site and dragging the .app bundle to the Applications folder. Likewise, if Linux ever gets widespread, it will likely have the mentality of adding a software publisher's repository to a machine's software sources and installing software that way.
Re: (Score:2)
The point is that [well-known companies' software repositories] are at least cryptographically signed.
If a malware publisher can buy an Authenticode certificate for $200 per year, what makes you think these repos won't get signed in a way that the less-trained user is likely to trust?
And even if Linux was very popular, most people's everyday requirements would be preinstalled as part of the distro defaults or met from the distro's repos, or the signed trusted repos of large companies like Adobe.
So in other words, developers have to get their software published by either a distro (if free) or a large company (if non-free). But independent video games, for instance, can't go in the distro's repos because making the program and its data free or freely distributable, as required by the distro, would compromise the busines
Re: (Score:2)
windows ships with several services on by default ... [snip] ... Linux/Mac ships with virtually nothing listening by default
So they are the same then, right? You would not have qualified "nothing" with "virtually" if you knew that you could get away with it (like if it was true) .. so we have you using liberal language on one side and conservative language on the other, to say the exact same thing. Why is that?
Moving on:
... which cannot easily be turned off and are usually just hidden behind a software firewall... [snip] ... anything that is listening can be turned off and a software firewall (if you choose to enable one) provides an extra level of security on top of that
Oh look, you did it again.
Why are you so disingenuous?
The fact of the matter is that it is Windows users who are the big problem and if 2010 was the year of Linux, you can damn well expect 2011 to
Re: (Score:2)
I say "virtually" because I did not have any straight default installs at my disposal to verify..
Also there are too many different Linux distributions to say with absolute certainty... A default install of Gentoo (having followed the standard install guide) has nothing listening on the network by default for instance...
Also the Ubuntu machine I have here only seems to have sshd and cupsd listening on the network, and I explicitly enabled those services.
A tailored linux distro designed to perform a specific
Re: (Score:2)
Such elevation can also be applied on a per program basis. If there is an equivalent of setuid/sudo/etc in Windows it doesn't appear to be that well understood. To the point where "give th
Re: (Score:2)
My understanding is that it is automatic. That is, if the program is written right, you are logged in as user, and when something needs root, it pops up and states it's needed and asks for that permission. And for things that aren't smart enough to ask (older programs), you can right-click and run-as admin. I'm not set up right now to test this, but hopefully someone out there can check this on Vista or
Re: (Score:2, Informative)
1) Antivirus solutions do not co-exist - and not just the resident portion. I'd love to run a second or 3rd scanner like I can for spyware but Antivirus vendors have created a market that is used to the worst kind of lock-in. Why can't I run 3 different products side by side and decide which one's resident scanner I want switched on? I'm sure there are technical issues but I'm also sure they're not insurmountable.
I decided on one paranoid night to try to do just that. I found that for the most popular free solutions (AVG, Avast, Avira) you can install them side-by-side and narrowed it down to just one resident scanner running. You either have to find the hidden option in the menus, disable the start-up entries, or just opt not to install them during setup. I was able to safely ignore the warnings about having other AV products installed during the various setups.
An easy solution for individual files is VirusT
Re: (Score:2)
I agree, security is a process not a product..
Unfortunately, our voices are nowhere near as loud as those of the vendors telling people that security is a product.
Re: (Score:3, Informative)
6) Vendors appear to put more effort into making their user interface "pop" rather than trying to minimize resource usage and system impact. For example, Microsoft antivirus creates a system restore point every time the signatures are updated (once a day). Every time a system restore point is created my system becomes barely unusable for a couple of minutes. You can't control when it updates the signatures (currently for me it's around 23:20). Which brings me to:
7) Vendors want to use their own resistant schedule
How about latin names (Score:5, Interesting)
5) Every vendor seems to have their own names for a virus. For pity's sake can we have some kind of standard naming mechanism?
How about a (Latin/Greek) biological-like [wikipedia.org] naming system? After all, it works for biology and many (computer) viruses are derived from earlier versions of those viruses, so we could have actual hierarchies.
So you could have a name such as: "userus.dumbus.clicktus.pornolinkus.diabolicus"
Of course after the latin name we could come up with a "common" name - based on the name of the unfortunate tech who had the displeasure to remove it first.
Re: (Score:2)
The trouble is, everything would be under userus.dumbus.clicktus.pornolinkus so it would just be a common namespace and wasted characters.
Re: (Score:2)
"Why can't I run 3 different products side by side and decide which one's resident scanner I want switched on? I'm sure there are technical issue but I'm also sure they're not insurmountable."
Tried running different products using Thinapp thin installs? That would be one way to experiment.
Re: (Score:2)
They don't even have to be questionable. VNC manages to generate plenty of false positives, IME.
4) The products are often so badly written that they cause as many problems as they solve. A bad update here or there can (and has in the past) caused irrevocable system damage that has required a reinstall or restore from bac
Running multiple products (Score:3, Funny)
This is why I have to run 6 different scanners: because there isn't one that detects all the threats. I currently run 2 antivirus programs along with SpyBot, SuperAntiSpyware, Windows Defender, and Malwarebytes' Anti-Malware.
Re: (Score:3, Insightful)
... and then you complain Windows runs like a snail.
Re: (Score:3, Insightful)
``This is why I have to run 6 different scanners: because there isn't one that detects all the threats. I currently run 2 antivirus programs along with SpyBot, SuperAntiSpyware, Windows Defender, and Malwarebytes' Anti-Malware.''
And yet, people insist that Windows is user friendly. More so than other operating systems, even.
Re: (Score:2)
If you don't engage in risky behavior you don't have to worry so much. For example, paying for all your software should be enough to get you down to one virus scanner and two anti-malware programs :)
Re: (Score:3, Informative)
Really?
Researchers Hijack a Drive-By Botnet.
They found more than 6,500 websites hosting malicious code that redirected nearly 340,000 visitors to malicious sites. Drive-by downloading involves hacking into a legitimate site to covertly install malicious software on visitors' machines
"Once upon a time, you thought that if you did not browse porn, you would be safe," says Giovanni Vigna, a UCSB professor of computer science and one of the paper's authors. "But staying away from the seedy places on the Internet is no longer an assurance of staying safe."
Re: (Score:2)
Warez doesn't typically come with malware, if anything pirate copies of various things often have malicious (defined as doing something detrimental to the user or his machine) code such as drm schemes removed.
I have done many incident response jobs, where one or more machines inside a company becomes infected with something that the av they subscribe to fails to detect, and it falls upon me to investigate the infection. Very few of these machines have any warez on them, or evidence of trying to view things
Drive-by downloads of fake antivirus software (Score:2)
If you don't engage in risky behavior you don't have to worry so much. For example, paying for all your software should be enough
Whom should I pay for Firefox and GNU Image Manipulation Program? But seriously, my aunt got drive-by-downloaded twice, both times by fake antivirus software, and she spends most of her time in Facebook. I didn't know Facebook had mandatory fees. The first time it happened ("System Security"), I was able to boot into safe mode and run MalwareBytes Anti-Malware, but this time ("Advanced Virus Remover", apparently a newer version of the same threat), safe mode just causes the computer to restart during boot.
Re: (Score:2)
a suggestion for you
1 grab a USB >PATA|SATA cable and a good screwdriver
2 pop the case on her computer and pull out the hard drive
3 use the cable to mount her hard drive on your computer
4 scan her drive on "NSA Paranoid" level (you may of course want to do a scandisk on it first)
5 backup her hard drive after it has been cleaned
6 replace her harddrive boot it and pray
Cleaning Windows with Ubuntu laptop? (Score:2)
grab a USB >PATA|SATA cable
For personal reasons that I would prefer not to disclose on Slashdot, she wants to pinch every penny from this fix; otherwise, she would have already taken the computer into a local repair shop. At this minute, without access to ask her, I'll assume that she'll tell me that she can't afford to buy a USB enclosure for this fix.
4 scan her drive on "NSA Paranoid" level (you may of course want to do a scandisk on it first)
My primary computer is a laptop that runs Ubuntu 9.10; her computer runs Windows XP Professional. Ubuntu won't mount an uncleanly unmounted NTFS without a special flag; even then, I ha
Re: (Score:2)
OK. But you can mount and read her files. So get some USB sticks and copy her files over to them. Then reformat the disk.
Yeah, it's a pain, and a lot of work. But it's a way forwards. Then, if the computer has enough power, install ubuntu and INSIDE it a virtual machine into which you install MSWind and any applications that she needs. Don't allow the virtual machine access to the internet.
I'm sure there are other ways forwards, and I don't know all the details, but this should work, though it would b
Re: (Score:2)
Double-click on the icon on your desktop named mbam-setup.exe.
I tried that, but the AVR-infected Windows Explorer said mbam-setup.exe was infected and refused to run it.
Re: (Score:2)
Get an iPhone. Seriously. Requiring signed and approved applications along with a mechanism to withdraw applications is the only feasible way I can see to somewhat secure a computer. Plus, http and smtp must die, instead requiring https and some better mail protocol with encryption and signatures.
Certificates should be issued by government, by the way. Preferably at a cost that will cover a reasonable identification procedure for the certificate holder. And I realize this raises a lot of issues with regards
Re: (Score:2)
Let me get this straight -- you're saying that the way to avoid to losing any control over our computers is... to give up all control over our computers?
Re: (Score:2)
Is the problem that bad, or is this just the latest version of Chicken Little? I use Avast! Antivirus, Malwarebytes, Spybot and Comodo's firewall. They update and scan each night when I'm not at the computer (which is on 24-7, by the way, and has been for more than five years). I've never had a virus or any serious malware infestation. Never. A few tracking cookies, the occasional inactive trojan and the like are invariably sacrificed at the nightly slaughter.
And yet you believe I should give up what
Re: (Score:2)
Six scanners?! You can't be serious...
If that's true you either REALLY need Windows or are plain masochistic. I haven't used Windows for years now, but I still remember how a scanner trashes the hard disk and slows the whole system beyond acceptable for some hours. With six scanners it would take a whole day to run them through your disk once.
Thanks but no, thanks.
Me too. (Score:2)
I pay $24.95 a month in antivirus updates for my $449.98 netbook. I do a deep scan one day a month just to be on the safe side and I manage to keep infections down in the double digits. But what else can I do? Macs are too expensive and Linux just requires too much time.
I not English write much good (Score:2)
Doesn't make sense to me. I mean, if Schemester Antivirus wants to identify a threat that is "not the same" as the one Flybynight Computer Security wants to identify, wouldn't one expect them to use different names?
That's like saying Ford calls its car Fiesta, while Toyota calls its car Tazz, but they are not the same car. (To include the obligatory car analogy.)
Point of interest (Score:2)
Just wanted to make a comment regarding anti-virus/malware vendors and how they co-operate with each other. Recently I took on some Sophos training for work - Sophos makes security software which includes (among other things) anti-virus.
From what I was told, they DO work with other AV vendors in one particular situation: samples. If a new virus/trojan/nasty is detected by any vendor in a partnership of vendors, they will provide a sample to others, but won't tell them their detection algorithms. That way th
They all identified the same top virus (Score:2)
Windows. The sample of reports listed had W32, Win32, or a virus targeting Windows (e.g., Conficker).
I think the results and the solution are pretty clear, and it's the same that it has been for more than 25 years.
Face facts (Score:2)
They all want you to be afraid of the malware THEY sponsored the development of so they KNOW they can cure your ills easily.
Re: (Score:3, Insightful)
I'm going to reply to your comments in "".
"I use Linux. Its true that there are some viruses for Linux, its just that I haven't ever had one."
Do you understand the difference between a Virus, and Spyware, Malware, Worms, and Root Kits? This idea you have is a mirage. Linux boxes have multiple serious security flaws, as all our systems do today. The idea peddled by some is that one side is immune, while the other is an open doorway. I'd really rather people talked sensibly with a realisation that our curren
Re: (Score:2)
Linux has a significantly higher proportion of the server market however, and is dominant in the supercomputer market... The areas where Linux is strong are generally more useful to a hacker, as the systems are more likely to be running 24/7 and have access to far more bandwidth. So yes, Linux is very much a target and has plenty of people working to find ways onto Linux machines.
Re: (Score:2)
Supercomputers are yesterday's news. These botnets put them to shame on nearly every metric. The idea that you mentioned them as an important target is laughable, because even if hackers got in.. they would get noticed rather quickly even if nobody is watching for it when that 7 hour job instead takes 14.
The key to the success of botnets is that very few eve
Re: (Score:3, Interesting)
Linux is too fragmented. Get 20 million Ubuntu Karmic users (or whatever) and you'll see some malware. Of course, if you see much Linux malware crop up, then you'll see some userspace tools for SElinux... or such is my hope.
Re: (Score:2)
That's a pretty unfair comparison for this discussion. If you run Windows with just a service like a firewall then it too is pretty secure. It is only when you start installing more complicated programs to read emails, browse the web and load office documents that it starts to become vulnerable to viruses.
Re: (Score:2)
Out of that 2 billion Linux machines, how many are used as interactive user workstations (ie desktop & notebook clients)?
It matters.
Servers are usually administered by someone who knows something about what they're doing. Consumer appliances are often not administered at all - but that's fine, because their software loadout comes with everything they will ever need and any updates come as a "whole system software replacement" from the manufacturer. An appliance's small functional set compared to a gener
Re: (Score:2)
Methinks your estimates are far more than a little inaccurate.
I know of no one outside of a Google employee that runs Linux on any device they own.
None of the non-tech savvy have a Linux based router, and the tech-savvy people I know that use something custom use a BSD.
I've yet to come across a Linux based WAP or router in the real world.
Sure all your linux friends may use one, but that isn't exactly an unbiased comparison.
Re: (Score:2)
Many consumer network appliances do run Linux, but don't advertise it. What operating system a device uses is meaningless to most end users, and many devices don't have a published method of changing the software running on the devic
Re: (Score:2)
Many might run Linux, but many use closed source embedded operating systems. The vendors would easily switch to something else. For example, I believe Linksys switched from Linux to VxWorks in one model because they could get away with including less memory.
To most end users, the fact that the device uses Linux simply do