The biggest reason (IHMO) why Code Red spread so rampantly was not because:
- Microsoft writes lousy code (they're not great, but I don't believe they suck more than other httpd authors)
- Windows security is dreadful (Win95/98 is fairly bad, but I don't think NT is *that* horrific)
- The large installed base (Apache has kind of a big base)
- Microsoft has bad kharma
I believe the real reason is the *homogeneity* of IIS and the Win32 platform. Virus and worm authors have a predictable environment for which to code. Biologists would refer to this as a monoculture. Monocultures are notoriously prone to being taken down -- witness the Irish potato famine.
Apache runs on far too many disparate platforms for a single exploit to "catch fire".
That's why I like an internet with many different OSes, machine architectures, http servers, etc. A diverse ecosystem is good for all!;-)
Slashdot Mirror
The biggest reason (IHMO) why Code Red spread so rampantly was not because:
;-)
- Microsoft writes lousy code (they're not great, but I don't believe they suck more than other httpd authors)
- Windows security is dreadful (Win95/98 is fairly bad, but I don't think NT is *that* horrific)
- The large installed base (Apache has kind of a big base)
- Microsoft has bad kharma
I believe the real reason is the *homogeneity* of IIS and the Win32 platform. Virus and worm authors have a predictable environment for which to code. Biologists would refer to this as a monoculture. Monocultures are notoriously prone to being taken down -- witness the Irish potato famine.
Apache runs on far too many disparate platforms for a single exploit to "catch fire".
That's why I like an internet with many different OSes, machine architectures, http servers, etc. A diverse ecosystem is good for all!
Apache