A little bit of fuel for a flame war 
:lol: , I love when people claim that Linux is just as vulnerable as Windows.
nerd. <3
lol no doubt… two weeks ago we got hit with conficker/downadup worm (SUS server decided to not update half of our computers for some reason). thankfully i have an ubuntu workstation it was the only computer i could reliably do any research on without my account getting locked out or the machine freezing up
The people writing viruses and such are doing so on Linux, why would they attack their own OS lol. Plus, what would be more effective a virus against most of the world’s users or the other 2% that use Linux.
-
No way to know and patch vulnerabilities without looking for them.
-
There are tons of companies and businesses running Linux servers in all sorts of different applications. They could do some serious damage.
Linux was insecure back in 2000ish…in the days of Redhat 6.2
example…
http://www.feelids.com/darknet/exploits/os/linux/redhat/6.2/index.html
Back then there were a large number of local and remote exploits…now a days all the network services are hardened…Windows did not start getting some what secure till SP2 which was leased in august 04…
Also if you read the article “On the second day, attacks could also be made via any applications, and could include phishing attacks in which users followed a link through email, instant messaging, or Web browsing, but the prize was reduced to $10,000. Finally, on the third day, popular third-party applications would be added to each machine that could be used in an attack, and the prize became $5,000.”
both the prices given were $10,000 and $5000 the first day prices for $20000 were not given out since no OS level vulnerabilities
were found…
75% of security threats now come down to some user interaction via webpages or emails…
:lol:
You don’t want to get me started on the topic of linux, and an education environment.
That topic just pisses me right off.
The first success came shortly after noon on the second day of the conference, when a team from Independent Security Evaluators consisting of Charlie Miller, Jake Honoroff, and Mark Daniel used a vulnerability in the Safari Web browser to compromise the MacBook Air and win $10,000.
The second victory was claimed just before the end of CanSecWest at 6 p.m. on the third day when Shane Macaulay of Security Objectives, with help from Derek Callaway and Alexander Sotirov. Macaulay, who was also on the team that won last year’s competition, used a defect in Adobe Flash to claim the Vista laptop and $5,000.
Wait, the Mac was cracked first? Unpossible! That funny Mac guy told me Mac’s don’t get viruses in the commercial where he makes fun of the fat PC guy. :roll2:
The Mac didn’t get “hacked” Safari did…
But Safari comes pre-installed with OSX doesn’t it?
A ton of Windows hacks come through IE exploits, but you still call them Windows hacks don’t you?
I don’t see how forcing a user to click a link or series of links makes the OS vulnerable…
I don’t consider IE exploits Windows level bugs…
I agree with you, but only to a certain point.
Trojan Horse viruses are the same thing. Usually, it requires user input in order for the program to be installed.
A lot of “vulnerabilities” do. Does that make them insecure OSes?
Example of real OS level vulns…
RPC DCOM - http://www.microsoft.com/technet/security/bulletin/MS03-026.mspx
RPC statd(linux) - http://www.securityfocus.com/bid/1480/exploit
System services that are installed and active by default…these can be exploited with NO end user interaction.
Those were just two off the top of my head…there are/were a ton…
yeah, I will agree with you there. Also, I don’t fully disagree that safari IE exploits are not real OS vulnerabilities. However, I DO beleive that OS designers need to be careful HOW they allow 3rd party applications to access parts of their systems.
For example. In Apple OS 9, whenever an application needed some time to run, the OS would hand over FULL CONTROL of the system to that application. That app would execute, and then return control back to the OS. It is an extreme example of what NOT to do, but an example none-the-less.
XP has this issue as well. Especially at first with its graphics controllers. It would allow games full access to the bus for the video cards. It is the sole reason why a lot of XP games were not compatible with Vista. Yes, that is right. An XP game not compatible with Vista because of a Vulnerability that was fixed.
Yes I completely agree…
Security has come a long way…Windows TCP/IP stack is a lot stronger now…and ever since they enabled a firewall by default it really cut back on direct attacks…along with the fact everyone has broadband with NAT…
It’s like watching 2 monkeys trying to hump a football…
absolutely, and I give a round of applause to M$, because it took nearly 2 days for their system to be cracked, and it was only because of a 3rd party application that it was made possible.
I say tsk tsk to apple for safari getting busted. I use firefox on my desktop Mac, but with the ibook, it is just too slow with firefox so I do use safari, but I really don’t trust it.
Why don’t you go start a subforum for electronic control systems? 
Naw then you guys would figure out that I’m actually unemployed and never went to college, hence all the time I spend on here. :hang: