Slashdot Mirror
Worms Jack Up the Total Cost of Windows
rbrandis writes "Dealing with widespread worms like Sasser raises the cost of using Windows, a research analyst said Wednesday. "This is part of the carrying cost of using Windows," said Mark Nicolett, research director at Gartner. "The cost of a Windows environment has gone up because enterprises have to install security patches very rapidly, deal with outages caused by secondary problems with these patches, and deploy additional layers of security technology." "The Sasser worm attacks confirm our prediction that mass worm attacks against the multiple vulnerabilities disclosed by Microsoft on April 13 were likely," said Nicolett and his Gartner colleague, John Pescatore, in an alert posted on the Gartner site."
Ahem. This is -1, Redundant. No shit viruses/worms raise TCO. This is the case for ANY operating system, not just windows. Of course, the homogenous nature of Windows makes it a lot easier for worms to affect machines in a wide range. But we'd still need to take precautions with any system in use.
This is news? This wasn't included in TCO estimates before? (Actually, that would be news, but not the kind I'd want blasted out to the world about me!). Seriously, how can "common maintenance" NOT be included in a TCO estimate? Isn't that the major ongoing part of TCO? Geez....
The cesspool just got a check and balance.
I wonder if the cost of antivirus subscriptions has traditionally been included in the TCO studies out there comparing Windows and Linux. Somehow I bet not.
At some point somebody (Windows apologist or not) is going to point to Longhorn as the solution to security problems. Is there hard data on whether or not worms have been increasing or decreasing (in frequency and effects) the past couple of years?
We know what problems they've caused and how the media's gone nuts over each virus, making things seem bigger and bigger. But some old viruses were much nastier, and I sure don't hear about those types of infections anymore.
-Rob
Marriage doesn't have to suck!
Most people rarely patch their computers until something happens. (Me being one of them) It's something that people really need to be aware of. Prevention is the key.
Wouldn't you expect the 'leading' OS to always be the target of attack? People want to make their statment, and how much of a statement do you make if you bring down both people running OS/2? So in short, the obvious was just proved. TCO is raised by being the most used OS. It is a bullseye that everyone will aim for.
An when Linux gets exploited, the people fix it for free and very quickly. Then the next person to download this FREE system is a-ok.
What? No. If/when Linux hits the mainstream desktop, it will have the same problems.
Or you could make sure you activate your WinXP software firewall and get the patches directly from Windowsupdate. Putting an unpatched XP box on the internet without a firewall is almost as easy as finding and installing the viruses yourself.
What makes Linux and its software (generally) more secure is the design and the security consciousness of its developers.
We all know that Lunux's TCO is often lower than windows' but one shouldn't count on the absence of worms.
As does Microsoft, the patches exist, and just like Linux, the time required to apply even a single patch to multiple PC's is not small.
You are right that after a Linux hole is fixed, future Dlers are protected, that does little to help those already installed. Do you want to talk your mother through doing a kernel update rebuild, just to protect her from a new Linux hole? I prefer having mine go to windowsupdate.com, far easier IMO.
Help Brendan pay off his student loans
This in itself is not taken to justify big changes. Like high linux retraining costs (for corporations) or living with an unsupported and hard to interoperate computer (for households).
heh. If you want to see the TCO for something increase dramatically, all you have to do is provide support for it over a long enough span of time that people feel comfortable in ceasing to learn.
:(
Perhaps one of the reasons that Linux has an inherently low TCO is because the users who have installed it, configured it, compiled it and made it run on their toaster have taken the time to read the docs. They're familiar with the hardware, the apps they run, the OS under the apps they run, and viola -- things run nicely.
But in the Windows world? Everybody has a support line to call for absolutely everything. Almost every product offered has some form or another of support to it, to an extent that the people who are using these systems no longer have to use any mindshare whatsoever to get their stuff working. At your place of business a PC tech is waiting to coddle you. At your home you can call your ISP, call your PC vendor, call your OS manufacturer, call your application developer, call everybody in order to figure out what's wrong with the system. The suggestions they give you to fix it may seem arcane and strange, but if you follow them assiduously you have a 30 to 40% chance of getting things working... and if it doesn't work out, you can always call back 'til you get ahold of someone who really knows what's going on.
Small wonder the TCO is so incredible. I can understand that worms have an impact on this number - hell, I've logged plenty of overtime hours securing machines against the latest potential threat (the Army is rather proactive in locking things down against explotation - with good reason). I've spent countless nights securing our systems against worms that use ports that are not open on our firewall. I've spent hours updating virus signatures and restoring systems lost because a user thought it was a fine idea to open up an encrypted zip file they received from someone they didn't know. I've spent many a fine weekend and holiday at work restoring people's email because they deleted without consideration for the fact that bringing it back takes serious time.
My site would have far lower TCO if the users exercised a small, trifling fraction of their potential intelligence. Am I overestimating the abilities of the average human, here?
sigh... *Lots* of things go into TCO. My overtime, paid to fix these kinds of problems, is a significant part of it at the site I work for. End of rant.
I don't know why the above has been modded as "flamebait".
I would mod it "insightful" since it's really what's going to happen. As soon as Linux gains more "marketshare" in the OS war, there WILL be worms and all sorts of viruses since the code is known to everyone.
The modder should be modded as "brainless Linux freak".
If Mac OSX were the dominant OS, then worms would be predominantly written for it, and would drive up its TCO. If Linux were the dominant OS, then worms would be predominantly written for it, and would drive up its TCO. Etc., etc. Sure, OSX or Linux or [insert pet OS here] would be tougher to exploit, but that wouldn't mean much in the long run against people dedicated to making mischief. The fact that Windows' codebase is such a piece of Swiss cheese makes it particularly worm-prone, but the main problem it has with worms and viruses is due to Windows being the monoculture, and not due to Windows' shortcomings as an OS. So maybe the point is, everyone wins if there is less monoculture, and more heteroculture, in the mix of OSes in general use.
First they say you shouldn't use Linux. Now, they don't want us using Windows 'cuz of worms. Tell me, gartner, what should I do? Oh, that's right, you don't ever do anything. You just make stupid recommendations.
"Avoid employing unlucky people - throw half of the pile of CVs in the bin without reading them." -- David Brent
Sounds like they are trying to make yet more arguments against disclosure of problems. Either that, or an indirect comment on why proprietary systems could be better, if disclosure of problems were not allowed.
"The Sasser worm attacks confirm our prediction that mass worm attacks against the multiple vulnerabilities disclosed by Microsoft on April 13 were likely,"...
We all knew these attacks were likely. Did their timing have something to do with the disclosure? Possibly. Would they have happened without the disclosure? Yes, I think they would have.
The root of the problem, in this case, lies squarely with Microsoft, and the various design decisions they made implementing their OS and other products.
. 62,400 repetitions make one truth -- Brave New World, Aldous Huxley
Seriously, though, it's good that stuff like that surfaces on PHB-radar range. Maybe somebody will ask things like "So why should *I* be taking all these measures because *your* software is buggy?" the next time the M$ rep comes in, hawking the latest and greatest from Redmond.
if you're using Oracle, it should be very easy to migrate Oracle to another platform, e.g. linux.
it's much easier to change platforms than change databases i'd think. in most cases, to an application, the database IS the platform, more so than the operating system on which the database runs.
There are also a lot of secondary costs to windows worms as well. Increased network traffic affects those that do not even use windows(or those who are careful). Also, if a windows worm brings down a banking system, there is a cost again to innocent people who may not even use windows. Or for instance, if a supplier for a business goes down, then the buisness itself is adversely affected.
Windows worms(and malware in general) do not just adversely affect windows users, they have the potential to harm society in general(though I don't agree with the figures that some of these anti-virus people put out, they are just looking for sensationalism to sell their products)
Windows worms are everyone's problem, do your part to stop them!
Yeah, it looks pretty neat. The two reasons I'm a little hesitant is that it doesn't include the April patches which we need now (Sasser) and my boss probably wouldn't want us deploying software from an unknown source (which also may be buggy) on our department's computers.
Its interestig that they say it is the worms that cause extra work rather than the security holes. After all, if the security holes weren't there then the worms wouldn't work.
http://www.popularculturegaming.com -- my blog about the culture of videogame players
These people got hit because they didn't have a firewall, which would have stopped Sasser.
The systems admins of those places should be sacked - that's a fundamental mistake. There's no excuses for not having a firewall nowadays.
This is all well and good, but the PHBs still need to be made aware of the ramifactions of their addiction to 'doze in the simplest terms possible. I've been trying to migrate some of my clients off of 'doze for months now and it's a slow painstaking process as they stop me every step of the way and ask why they need to give up their outlook, or their "really easy integration with their iPaq". So, I'm stuck doing part time admin on windowboxen.
I'm not there often enough to make sure they patch their systems every time they should (they don't want to shell out the cash for a full-time IT guy) So the best I can do is email them the reports I get from eEye and bugtraq and just send an all points to patch and hope they do. (They don't of course, I just spent the last four hours rooting out the crap on a machine that hadn't been updated since mid March.) There needs to be maybe a "Windows Patching for Dummies" or something that will get the point across to these guys that the price of a secure 'doze box is eternal vigilance.
But hey, if they want to shell out the extra cash for my emergency services and the lost productivity incurred, who am I to argue?
Mod me down and I will become more powerful than you can possibly imagine...
Update your systems to Windows 2000 Professional or Windows XP Professional. Delpoy Software Update Services within your organization. When a patch is released, test it in a production environment, wait a week or so to see if there are wide spread problems with the patch reported. If all is clear deploy the patch via SUS. Problem solved. Very little work required on your part other than the testing. Very little downtime for your users, perhaps a reboot. Microsoft has made patching system very easy with SUS. If you don't have all 2000 or XP systems then there are plenty of other patch management systems out there compatible with all versions of Windows. Look into them.
Unfortunately, this is not true. Although maintainance cost might be the largest cost for Windoze, it does not appear on the price tag. There will be many uninformed people who will buy Windoze without taking into account the hidden costs.
BTW, are upgrade costs included in the estimates?
Don't waste your vote! Vote for whoever you want, unless you live in a swing state it won't matter anyways
Since when is upgrading a browser in the same class as a service pack?!? WTF?
Cypherpunks: Civil Liberty Through Complex Mathematics. Those who live by the sword die by the arrow.
Actually, Just install the latest service pack
This costs money for a CD from Microsoft. If the user tries to download the service pack instead of buying the CD, the user will probably get hit with Blaster or Sasser while trying to download the service pack itself, as the size of the service pack exceeds what a dial-up user can download within the time it takes for Blaster or Sasser to shut down the computer.
There are versions for 9x all the way up to XP.
Really? I read from here: "AutoPatcher 2000 is still being worked on."
Of course it is true that owning and operating a Windows computer costs more because of the need to keep current with patches, to test them and to apply them in a timely manner. Every sysadmin knows this even if their cost-conscious boss doesn't see this big picture.
But, to be fair [and I'm no MS apologist - they need to be taken to task all over the place for lots of reasons], even if you run a MacOS X, Linux or even an OpenBSD system, there are implicit costs associated with maintaining those systems, too.
Since the software cost for FOSS is zero, the single most important cost is this installation and maintenance. As such, it ought to be quantified.
The advantage of doing this is that these kinds of costs are no longer swept under the rug and people can start asking more detailed questions about Windows maintenance costs in terms of sysadmin time- not just estimated costs of downtime on the business.
Then maybe, too, people will start to ask questions about what kinds of implicit future costs they incurred via early decisions to use some vendor's application that locks their valuable business data inside a proprietary format.
"Provided by the management for your protection."
My mother plays online bridge on my parent's computer. That's the extent of her ability to work with a computer. She's never even heard of Windows Update, let alone the need to actually have to update anything at all. To her, the computer is like a kitchen appliance -- once turned on, it never needs maintenance.
She is the stereotypical PC user, not the uber-geeks that inhabit Slashdot. Try to remember that what is talked about here is not indicative of the population-at-large.
Rule #1 -- Politics always trumps technology.
Doesn't the O in TCO stand for Ownership? What exactly do you own with Microsoft products? Aren't you really just Licensing them?
My beliefs do not require that you agree with them.
is there any wonder why those who are IT personnel with tape holding their glasses together HATE Macs?
This one post alone proves beyond doubt the theory why, when Macs were so much easier to run for small business that Windows machines are preferred by the IT shops.
two little words....
Self-preservation
guns kill people like spoons make Rosie O'Donnell fat.
IKIAGTBMDFT but
Linux is only free if you consider your time worthless.
Why are their more viruses that target IIS than Apache, when Apache is the leading web server then? Until there is a different leading OS than Windows and it is more frequently the target of attack, your comment is nothing but speculation.
This is my sig, there are many like it, but this one is mine...
remember that whole monopoly thing..?
Am I overestimating the abilities of the average human, here? :(
No, you are just overestimating the reason why people will use a computer. Some people want to use a computer like a tool - to get a job done. They don't want to worry about how the computer works, or how to do this or that. They just want to be able to easily do the task at hand. I think thats why Linux (atleast most distros) have trouble attracting people other than the techies.
Think in terms of taking your car to a mechanic. A car is a tool. You want to learn how to fix it? Or you just want it fixed so you can complete the task at hand - which is to get you where you are going.
Exposing ANY database directly to the net is dangerous at best.
seSales, Point of Sale software for OS X.
I see one bad thing and two good things here...anyone else with me? I mean, shouldn't we work our best to keep our environments 1) current and 2) as secure as we can afford to?
The patches and the closed-sourcedness are, however, a PITA.
As far as TCO goes, I see the same people just working more salaried hours to fix issues arising from bugs, etc. And they haven't had to have the admittedly more extensive training behind running a *nix environment.
I believe the default install includes Named Pipes and TCP/IP. On setup you can disable the tcp/ip (and Named Pipes) connections for SQL 2000 and it will not listen on any port. You can later re-enable tcp-ip with the SQL Server Network Utility once you have it fully patched.
And yeah, get some sort of firewall on it.
You could just install an SUS server, point all your clients at it and enable auto-update. Test the patches, put on SUS, play golf.
It's things like this that make me wonder if the "TCO of Windows" is more likely the "TCO of having highly unqualified people working in your IT department who know how to spell XP, but nothing more than that". If you have idiots running your network, you're paying to throw money out the window (no pun intended).
Which is more painful? Going to work or gouging your eye out with a spoon? Find out!
http://www.workorspoon.com
That leads back to the old joke - "It's only free if your time's worth nothing...."
Talk about coming full circle....
Actually, I think the TCO for most organizations to run Linux vs Windows is actually about equal. The difference being -
What do you wish to invest your money in:
+ A quality, knowledgable IT staff who tailor solutions for your company and receive a decent salary and benefits in return
or...
+ Bill Gates bank account
I have come to a conclusion that one useless man is a shame, two is a law firm, and three or more is a congress -J Adams
1) Yes there will be more
2) It won't be anywhere nearly equivalent, though, since Linux is not a monoculture. You'll wind up with worms that affect RedHat but not SuSE or Mandrake or vice versa.
Actually, if Linux becomes what it could, you'll have worms that only affect Ted's Distribution for Musicians but not Tony's Special Video Editting Suite or Kevin's Kitchen Sink Distro.
The beauty of Linux is that it turns operating systems into a true marketplace, not just a monoculture. That severely limits the potential impact of any worm or virus.
Engineering and the Ultimate
Since the Browser is Part of The Operating System, of Course, Silly! (tm)
Insightful my.. eh... derriere.
So free beer is only free if you don't consider your time drinking it worthless? Next time I'll tell the waiter he owes me 3 bucks for that half hour - the price of that beverage.
I play around with linux in my free time.
Seriously, time = money only from nine to five.
no virus writer/hacker is going to spend all of its time to maybe interrupt 5% of the market share. in all fairness if the tables were turned and M$ had only 5% and linux had 90% of the users out there you can bet we'd be seeing virues/trojans/worms and hacks coming from all over the place, and we'd be talking about that instead of windows. think about if we really want linux to b/c the main O/S. in the end we are inviting more hackers to spend more time writing stuff for linux as well as windows. not so sure if that is good for the community..
in all fairness if the tables were turned and M$ had only 5% and linux had 90% of the users out there you can bet we'd be seeing virues/trojans/worms and hacks coming from all over the place, and we'd be talking about that instead of windows.
And this would only infect people running Linux as root all the time who use email clients that execute scripts sent from complete strangers without telling them. Yes, people would write Linux viruses and worms (they already do), but the effect would be minimal at best.
24 beers in a case, 24 hours in a day. Coincidence? I think not!
I've endlessly heard the argument that if Linux were the standard OS, there would be just as many worms as there are for Windows. I have no idea why anyone could believe that. When you install a Windows machine, you can pretty much guarantee that ports 135/139 will be running, there are numerous services listening (ex. LSASS.EXE), and on a wide scale, there are thousands of machines with those open. But when you install a Linux/BSD system.. what ports are open? What services are running? Exactly. You don't know. There are soo many different variations durng install, and so many different versions and programs depending on the Distribution. You could not write a "Linux worm". All the worms in existance would target specific applications, such as Apache or WU-FTPD, not the operating system. Sure there could possibly be a kernel exploit, but there are so many different kernel versions. You would not hear headlines such as "Windows virus takes down UK Coast Guard". At most, you would hear "Apache exploit takes down a UK Coast Guard server".
Visit Phrite's Tech News/Security Tools
So if we're all here high and mighty that Linux Will Solve World Hunger because of this, why aren't we doing everything (and I mean EVERYTHING) we can to solve this? It is certainly true that almost everything has been ported to Linux, but many applications have yet to appear on places like Sourceforge and Freshmeat. Sure, yeah, I've started Yenta on sourceforge as a replacement for Act! or Goldmine, but it was only recently started - with little useable code to speak of.
(Yes, I need help with that project.)
Point to this rant is that we still have a way to go before it becomes acceptable to just drop Windows in favor of Linux, but it is also up to us to make sure that if, God forbid, a worm or series of them comes out, we can patch in a hurry.
This sig no verb.
Wrong. Because if Linux had 90% of the market, most everyone would run as root because they'd be sick of not being able to install anything and always having to login as root. "Why not just stay root", they'd say and then do that.
Stop the Slashdot effect! Don't read the articles!
And they laid out some bad trouble. Virus writers DO do this, even if the marketshare is small. Remember Ramen?
And of cours there's the Lion worm, etc..
It doesn't take a lot of computers to cause trouble, and no platform is wormsafe. Windows is prolific, of course, which doesn't help, but it's also got so many ways in. That's the real catalyst.
Rule for ANY operating system; When the default install is weak, you'll see worms. The big catalyst for Ramen and Lion (I hate to say it) was in my observations default RedHat installs that had tonnes of services on by default.
-- The unsig...
then that's not a cost of using linux,
that's a cost of trading off good security for a (little) ease of use.
compare that to windows, where the "default" is running as administrator.
people would write viruses, and they would still propagate if linux had 90% of the market share. just not as quickly and wouldn't affect as many people.
And Windows only costs $200 (+/-) if you can get somebody to patch, update, and clean off the occasional virus for free. Oh yeah, don't forget the cost of the obligatory anti-virus protection programs. But then again, those free AV programs are "good enough", right??
You get what you pay for - if you're lucky.
And I don't believe you're going to convince many people here that pirated software equals lost revenue. That's about as weak an argument as the RIAA's.
Mmmm... that's not entirely true. Lately, a lot of virus writers have just been preying on the stupidity and gullibility of the average user. Hell, I got one of them zipped one day that practically had freakin' installation instructions... and people were STILL getting infected!
However, for this to work on a Linbox, there are two requirements: 1) the user must save the binary and make it executable and 2) the user must then run it. Now, once that happens, there's really not much going to go differently on a Linbox than a Winbox. The thing can still bind to a high port and zombify the machine for spammers, which is what the majority of viruses do as of late. On a desktop, there's no reason to believe that granny Gretchen won't do just that once she learns how to whip out chmod +x on everything's ass. The nice thing, however, is that if you're running in a corporate environment, you can isolate users to their own filesystems to protect them from doing stupid things like this. Yea, maybe they'll trash their own data, but at least they'll be isolated from critical system information and the network (excepting zombification... but you would be smart and block all those ports, right... you don't have chewy on the inside network security... right?). Great for corporate networks, FAR better than the Windows situation (Yea, I know.. you can use Active Directory, but that's not a native part of Windows). However, for desktop users at home... well... they'd still shoot themselves in the foot.
Worms, on the other hand, are another story. First, patching a Linbox is often a matter of grabbing a patch a day or two after the vuln is known and slapping it into the system. Since Linux is built on the Unix philosophy of tools in a toolbox, you don't have to worry that a patch for program x is going to change code that program's y and z also use (unless it's a library or something). Windows? Not the case. If you have to patch MSHTML, anything from IE to your damned titlebars can get fucked up as a result.
On top of that, Linux systems are not (currently) very homogenous. Part of what makes Linux a tantalizing target for manual attacks is that it's just damned hard to write malicious code that will work on a widespread number of systems. Unfortunately, as the dust settles and some companies really do start to take up the mantle of "desktop linux", that heterogeny may just go away for desktop users...
The point is this: Linux CAN be much, much, MUCH more secure than Windows. However, Linux also does the same thing Unix does: "Look, you can make me secure if you want, but you can also use me to blow your toes off one at a time... YOU choose.. I'm not going to decide for you." A lot of geeks forget that. Linux is not inherently secure (OpenBSD is inherently secure... and I don't think it's going mainstream desktop like that any time soon), and it WILL happily let you shoot yourself and your nearby friends if you so choose. Desktop users at home will do just that. It does do some things inherently better, but it still won't protect the world from people who don't bother to learn anything at all about their new toy. You can code against stupid people, but your system isn't going to do much when you're done.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!
SUS sucks keeping computers up to date in a complex work area. Primarily because of the stupid reboot necessity.
You have two options:
1. Give people administrative rights so that they can manually click to install updates when the reboot is convenient, or
2. Have the computer try to install the update at a specific time. But if the computer is turned off then you have more problems. You can have the computer install and reboot when they next try to start the computer which slows down the boot up from 2 minutes to 5-7 minutes.
Then you have the OS covered but you have other software that can be used to access your computer. I wish there was an apt-get option for windows. Then you could run one command and update your entire system with all software that needs security updates. The only problem would be that Windows would still need to reboot at the end!
Yeah, actually: "Let's go!". I mean there is one thing that really annoys me in all this TCO stuff.
I work as a sysad in a huge german company and whenever I say "Linux" they answer "retraining cost".
C'mon, I KNOW my users now for almost 5 years and I can guarantee you the vast majority of them got never ever trained on their machines and will never be. They are totally clueless most of the time and only a few use more than two or three apps throughout the day. After upgrading them to XP they didn't even recognize a difference. It just can't be that hard to move them over to a Gnome or KDE desktop. We had a 18year old for practice here for two weeks who knew nothing about PCs except browsing the Web with IE. He installed Knoppix on a machine, and the only time he asked during install was when the drive had to be partitioned.
Bah, I just can't believe the fairytale of trainingcost anymore. As if companies would train their staff... They just replace them if they find someone else who does the same job in less time, regardless if it was just that one could use Words serial-letter features and the other had never heard of it...
Perhaps one of the reasons that Linux has an inherently low TCO is because the users who have installed it, configured it, compiled it and made it run on their toaster have taken the time to read the docs. They're familiar with the hardware, the apps they run, the OS under the apps they run, and viola -- things run nicely.
It's more like there ARE manuals to read for the rare ocasion an install script does not work or you don't like the default settings. People would customize windoze just as much if the information was easy to get at.
But in the Windows world? Everybody has a support line to call for absolutely everything. Almost every product offered has some form or another of support to it, to an extent that the people who are using these systems no longer have to use any mindshare whatsoever to get their stuff working.
Some companies have call lines. Microsoft charges some outrageous fee for theirs and it's been compared unfavorably with psychic consultation.
My site would have far lower TCO if the users exercised a small, trifling fraction of their potential intelligence. ... I've spent hours updating virus signatures and restoring systems lost because a user thought it was a fine idea to open up an encrypted zip file they received from someone they didn't know.
I got one of them yesterday. Did it hurt me? No. I unziped it and had a look at it. Is it possible to craft such a thing for Linux? I don't think so. You would have to go through a lot to trouble to undo system defaults to make something like that work. Then the author would have to know which of the hundreds of programs I use to look at such things. Unlikely.
All of that "patching" and bandaid application is not required in the reasonable world of *nix. It's a well known fact that you need about five times the number of administrators for Windoze than you do for any flavor of Unix. Those administrators are not the cheap drooling morons Microsoft would have you think can run your network, but they would be much better informed if they were working on any flavor of Unix.
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
I am never sure of this argument.
There is the Apache thing.
Also I am sure there would be some kudos within the hacker community if you were to put in a competent virus for Solaris, GNU/Linux, OS X or whatever.
However, for this to work on a Linbox, there are two requirements: 1) the user must save the binary and make it executable and 2) the user must then run it. Now, once that happens, there's really not much going to go differently on a Linbox than a Winbox.
By LinBox, do you mean Lindows or Linux? Lindows lets the user run as root by default, just like Windows, but Linux generally does not.
So I didn't see the step where the running program gets root permissions, presuming you weren't talking about Lindows. Or are you saying that a user process can open ports without root-level permissions?
Sincerely confused,
--IceAgeComing
The trend I see is to dumb down IT staff to a bunch of interchangeable widgets. Maybe management types don't like to manage smart people. And maybe that's why the offshoring of systems development is still gaining momentum.
- The Kessel run is for nerf herders. I can circumnavigate the entire Central Finite Curve in a lot less than 12 parse
Air is only free if you consider your time worthless.
Just... doesn't... make... sense.
The aquisition of the product has negligible cost... it is the use of the product that consumes resources.
Yet, nowhere in our society do we consider the "price" to be more than the cost of aquisition. You don't pay for your cost of cooking a meal when you buy the ingredients of the meal.
Yet, surely... this is part of the "cost" of the food?
Nonsense!!
Stop playing semantic games and go some place where people don't think so much...
If you want to refer to TCO... then do so. Otherwise... well... just admit it.
You do not have to give anyone any money for Linux.
Or... are you one of the people that would complain if grocery stores gave away food... and called it "free"... because you would still have to pay for transportation to and from the store?
That surely affects the "cost" that *you* pay... but it would not be the same for each person, and is therefor not properly assigned to the cost of the food.
--Phillip
Can you say BIRTH TAX
It doesn't matter if only a very small minority of gullible users get infected. In the scheme of things, it doesn't cost the worldwide community that much. The cost becomes significant however when a significant percentage of the population gets infected.
The problem with Microsoft is that it wants to remote control your box. It wants to know what you have installed and how you're using it. That's why Microsoft boxes are insecure, it's not because Microsoft isn't smart enough, it's because it's not in their interest to make your box too secure.
The IT industry in America deserves itself.
--recovered (but still bitter) sysadmin
Ah but the difference is diversity.
With Microsoft Windows you now get one family 2000-XP-2003 all which share the same security problems. So 94% of the compurters out there come with some really bad security settings and flaws. Some will patch, but by default most of those systems are insecure.
If you don't like it, what do you do? Windows from Dell is as insecure out of the box as Windows from Compaq or Gateway, no choice, you can't buy a "safe" windows machine out of the box.
On the other hand.......
Default security in the Linux world is determined by the distribution. So if a distrubtion defaults to having a firewall, no insane file assocaitions for email and web browsing, limited services running, automatic security updates and practically forcing the user create and run a non root account. Then that distrubition will be pretty much virus free.
What will happen is this
Distribution A will have 12% share and gets infected 2% of the time
Distibution B will have 14% share and get infected 2.5% of the time
Distribution C will have 8% share and get infected 18% of the time.
It won't take long for Distribution C to get a bad rep. Computer makers will no longer offer Distribution C, or will add "value" by fixing the defaults.
To believe that Linux boxen will be as virus riden as Windows, you would have to belive that everyone will use Linux someday and that people will choose and stick with an insecure distribtuion.
Unlike Windows or MacOS, if Linux ruled, there would be healthy compitition and consumers would have a choice of which OS they ran.
vi +
I don't know where to start discrediting your post.
The "running as root" argument is garbage. Any privilege escalation vulnerability in Linux history (or any other history, for that matter) is an existence proof.
The "without telling them" argument is garbage. The vast majority of viruses transmitted by e-mail are done so because the user did something dumb, not because of some long-fixed auto-execute vulnerability in a popular mail client. You wouldn't need root access to fall for something like that, by the way.
You think a major Linux worm would have a minimal effect? Do you have any idea how many critical systems run on Linux these days? Hit Windows, hit the desktops. Hit Linux, hit the servers. Put your sysadmin hat on and tell me which is worse.
Linux is not immune to security issues, and any claim that many eyes make for few bugs and thus OSS is fundamentally safer than Windows-based equivalents can be discredited with the slightest thought about reality rather than theory. Linux remains relatively safe because of the culture surrounding it, not because it's inherently flawless.
If you disagree, post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like.
And when you sudo, you enter YOUR password, not root's.
Which brings up the point that sudo requires configuration by an IT admin for a user to run it successfully. So, for most users, running the program as root requires them to login as root first. Hence the grandparent post's instructions get even more complex and tedious, and gives more time for alarm bells to go off in the user's head. All of this will allow most people to return to their senses before following through. Certainly more than clicking on a VB attachment in MS Outlook.
Keeping viruses like this from running is normally as simple as telling people "Do not login as root and run unknown commands". Maybe a future distro will display this message when someone logs in as root:
"DO NOT COMPILE AND RUN PROGRAMS AS ROOT UNLESS YOU TRUST THE SOURCE".
Hmm, sounds a lot like "Do not run unknown attachments from email". Doesn't work. Been telling users for years. Doesn't work.
100 attacks each hitting 1000 computers does as much damage as 10 attacks each hitting 10,000 computers. True, small isolated incidents regarding virus attacks are insignificant in the grand scheme of things, but its not like Microsoft can leave it alone.
For every kiddie script or virus variant out there, theres a hundred Joe Average users screaming at their computers. For every hundred screaming Joe Average users, theres 10 system admins having to go around and remove the virus, update their computers, and then give a lecture on how to prevent from something like this happening again (not that Joe Average will listen). For every 10 system admins running around needing to solve every virus problem, theres one programmer out there who has to come up with a program that bypasses the virus, seeks out the virus, and eliminates the virus. That and they have to figure out how it works, how it spreads, how can they get rid of it, if theres any clues as to who made it, etc.
So like you said, yeah in the scheme of things one or two attacks doesn't cost the worldwide community much. Except for the fact that one or two of these types of incidents seem to happen everyday. Now if you'll excuse me, I have to download anti-virus protection for my parent's computer, install it, update it, run it regularly, then debate on whether its worth paying $200 for an official CD-key, scream at the fact that the computer slows to a halt due to new anti-piracy software methods, call up the company and complain, and then come back to Slashdot to post a 'Askslashdot' topic regarding the sheer amount of frustration of dealing with anti-virus programs as the 'system admin' of my house.
The "running as root" argument is garbage. Any privilege escalation vulnerability in Linux history (or any other history, for that matter) is an existence proof.
I had my RH5 box hacked into a few years ago, so I know that linux isn't invulnerable, and I know the grandparent uses strong words like "only" and "all the time". But isn't it true that Linux at least makes it much easier to keep users from unintentionally harming their machines?
It's one thing to click on a VB attachment in Outlook. It's another to follow install instructions that involve first logging in as root. (as in this post; note that "sudo" isn't usually allowed by default).
Because linux follows a model where a user can't affect important OS resources easily, it is possible to isolate the OS vulnerabilities from user stupidity. This makes it easier to update the OS without affecting the user, which makes the system more stable in the long run.
Any disagreements with what I've written?
That's because it is unnecessary.
I don't know why this mistaken idea that "malicous code not running as root can't do any real damage" has gained acceptance, but please stop repeating it.
Your tinfoil hat is cutting off the circulation to your brain..
455fe10422ca29c4933f95052b792ab2