[Full-Disclosure] Show me the Virrii!
John.Airey at rnib.org.uk
John.Airey at rnib.org.uk
Wed Jan 7 15:47:51 GMT 2004
> -----Original Message-----
> From: Exibar [mailto:exibar at thelair.com]
> Sent: 07 January 2004 15:12
> To: John.Airey at rnib.org.uk; full-disclosure at lists.netsys.com
> Subject: Re: [Full-Disclosure] Show me the Virrii!
> Although I agree with your other points, I have this comment:
> Why do you ultimately blame Windows/DOS for the virus
> problem? This is
> simply not true. Are there not SQL worms? Was it not a SQL
> worm that was
> the fastest to spread in history? Are there not many Linux worms and
> viruses, and more being written each day? Are there not
> viruses and/or
> worms that exploit Cisco products? Hell there are even worms
> that exploit
> FTP and IRC! I can go on.
> It is not Windows that is the problem. It is the people
> that write the
> damned things that is the problem. Ok, perhaps it's the lack
> of laws that
> will make a programmer think twice about becoming a Vx'r.
> If Linux had the marketshare that Windows does right now,
> and it just
> might one day it's hard to compete with free, and the
> majority of viruses
> are being written for Linux, would you then blame Linux as
> the cause of the
> Saying Windows is to blame for the mess that we're in is
> like saying the
> gun is what causes a murder and not the person that pulled
> the trigger.
I hadn't even mentioned worms. In fact, if we take worms into account, then
the proposed solution becomes even more difficult to implement. After all,
if you trust any program, be it httpd or sqlservr.exe to use the processor,
a worm can always exploit this.
My original point about viruses (not worms or trojans) still stands. The
majority exist because Windows will execute a huge number of files just
because of its filename.
Going back to worms, the SQL slammer worm caused damage far out of
proportion to its installed base. It's a matter of public record that
Microsoft hadn't even patched its own servers against it. How does that
compare to the rapid patching of Apache servers? (Actually, I've said it
before on this list that Microsoft did not have proper firewalling in place,
so I won't go back over that one).
Your answer to a hypothetical question about Linux having a similar market
share does not make sense. First, it's conjecture and second, Linux (and all
other UNIX based systems) do have reasonably sensible privileges (compared
to Windows 98 which is still being used by many many organisations).
Note that I said "mostly responsible". I don't blame Microsoft for all worms
and viruses, but Bill Gates is directly responsible for a flawed (with
hindsight) design decision. Now if we did all switch to Linux/BSD whatever,
that flaw would go away.
In fairness, he isn't the only person to make mistakes in design. Until a
few years ago, nearly everyone had "open mail relays". In fact, if you don't
have an open relay, you are breaking RFC 822. Of course, this particular
requirement should now be ignored (It may be obsoleted already. I haven't
looked for ages).
Can you please bottom post? I use evil Outlook (I have no choice), but even
I remember to bottom post to mailing lists.
John Airey, BSc (Jt Hons), CNA, RHCE
Internet systems support officer, ITCSD, Royal National Institute of the
Bakewell Road, Peterborough PE2 6XU,
Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 John.Airey at rnib.org.uk
Even if you win the rat race, that will still only make you a rat.
NOTICE: The information contained in this email and any attachments is
confidential and may be privileged. If you are not the intended
recipient you should not use, disclose, distribute or copy any of the
content of it or of any attachment; you are requested to notify the
sender immediately of your receipt of the email and then to delete it
and any attachments from your system.
RNIB endeavours to ensure that emails and any attachments generated by
its staff are free from viruses or other contaminants. However, it
cannot accept any responsibility for any such which are transmitted.
We therefore recommend you scan all attachments.
Please note that the statements and views expressed in this email and
any attachments are those of the author and do not necessarily represent
those of RNIB.
RNIB Registered Charity Number: 226227
Full-Disclosure is hosted and sponsored by Secunia.