99.9% of all viruses in wild - Microsoft only
on
Security FUD On Linux
·
· Score: 3, Interesting
More than 99.9% of all viruses in the wild will only work with Microsoft software.
Sobig, Mimail, Sircam, Lovebug, Nimda, Code Red the list goes on.
Microsoft will say that this is because most computers on the Internet run Windows, but a look at netcraft.com shows that more than 2 thirds of web servers run Apache, and only about 20% run IIS.
Windows has more than 90% of desktops, but not more than 99.9%. I run Linux on my desktop, and don't even bother to run the Sophos antivirus client I have a license for, no point, no one could infect my desktop with any of the 80,000+ viruses sophos detects.
If Microsoft are going to try this one then they will have to tell lies and pay for carefully run studies.
I bet they will not compare Windows and Linux viruses!!
Give shelter to the free loading homeless taking profit away from hard working landlords, and soup kitchens that take profit away from restaurants giving free food to people who should be out working for a living. And who pays for all this free food and shelter, all those saps who buy the 'helping others' scams that the charities use to get money out of people.
People in the UK (where I live) even expect that there should be free medical care taking away profit from the private healthcare companies.
And what about Live Aid, all those musicians that put on a worldwide concert and raised hundreds of millions for those freeloaders in Africa who were too lazy to to get a college education and go work for Microsoft.
This sort of article really makes me angry because it gives credibility to the stupid anti GPL retoric of Microsoft and SCO. Unfortunately as soon as the first article arives that claims "Bin Laden uses Linux", then Bush and co will try to ban GPL software as part of the war on terror.
I make a living through installing and supporting "free software". The freedom is independance from Microsoft, freedom to modify the code, and maybe even freedom from viruses, but thats another posting
(Record you phone conversation and get the name of the person you are talking to.)
1. If I fail to purchase a SCO License will SCO sue me Push the point until the sales rep says yes they will sue you if you don't buy a license. This is a threat
2. Ask them what code in Linux infringes their IP, and where you can find details so that you can remove it Give them the chance to substanciate their claim of stolen code in Linux so that their threat to sue is not extortion. They will of course refuse
3. Ask them if the SCO IP License allows you to redistribute the Linux source code that contains their IP under GPL They have made it quite clear in the press release that they will not.This contravenes the GPL license of Linux
4. Explain that their 'binary only license' is in direct contravention of GPL and ask them to indemnify you against being sued for non compliance with the source provision requirement of GPL They obviously will not do this because their license mutually exclusive with the GPL.
I think it would be interesting to post replies to these questions, Perhaps I may even make an international phone call just to see what they have to say.
Answers to these questions may be useful in any future legal cases against SCO so if you can record the call and identify the rep you spoke to it will help the case against them for extortion, or perhaps not in the strange legal system of the USA
They are buying the cluster from Linux Networx who are a Canopy Group company Like SCO.
Perhaps Linux Networks customers are immune to the SCO claim. I think it would be interesting to ask them, and Canopy who obviously support the SCO claim.
Microsoft would buy a license very quickly to help SCO justify their claim against Linux. SCO would clearly not want to make public that their first license was sold to Microsoft.
For Microsoft to turn Windows/Office/Outlook/IE into secure environment they need much more than one month, especially if they want to make WindowsME secure as well.
They need to address the following points at the email client
1. Make it more difficult for users to execute file attachments by default
2. Perform checking of file attachments to ensure that a.lnk,.pif etc files are links or pifs not executables etc (the unix file command can do this)
3. Where executable attachments must be run, execute them in a sandbox so they can't modify the registry, create files, send emails etc.
4. disable or cripple Windows Scripting.
For the Desktop OS
1. Separate the Update process from the web browser, so that the web browser does need full access to all O/S files on the system.
2. Run the web browser in a restricted shell to limit the damage from breaches.
3. Split the registry into more files and make it text so that a text editor can be used to fix it.
4. Make it more dificult for users to run as administrator, e.g. limit what apps can run
5. Starty moving as much as possible out of kernel mode and into user mode, so a program crash or dodgy video driver is less likely to bring down the O/S
For the server OS
1. Stop running all services as administrator and introduce separate users for separate functions like Unix now does for Apache, Sendmail, BIND, etc. That way when IIS gets compromised the hacker does not get an Administrator shell
2. Default off (i.e not installed) all but the most essential services, so that users must install new features and then enable them. That way a bug in the index server (CodeRed) only affects a few servers.
3. Default off any automatic services, such as network plug and play.
Office.
1. Default off macros in Office, it's only virus writers that use the advanced features.
2. disable the ability of macros to rewrite other macros, run in a sandbox.
All products.
1. Stop trying to get a new O/S out every year and fix the ones people have already (over)paid for.
2. Stop talking about security and actually get on and do it.
If Microsoft do all of these things then we in the Linux community have got real problems.
Slashdot Mirror
More than 99.9% of all viruses in the wild will only work with Microsoft software.
Sobig, Mimail, Sircam, Lovebug, Nimda, Code Red the list goes on.
Microsoft will say that this is because most computers on the Internet run Windows, but a look at netcraft.com shows that more than 2 thirds of web servers run Apache, and only about 20% run IIS.
Windows has more than 90% of desktops, but not more than 99.9%. I run Linux on my desktop, and don't even bother to run the Sophos antivirus client I have a license for, no point, no one could infect my desktop with any of the 80,000+ viruses sophos detects.
If Microsoft are going to try this one then they will have to tell lies and pay for carefully run studies.
I bet they will not compare Windows and Linux viruses!!
Give shelter to the free loading homeless taking profit away from hard working landlords, and soup kitchens that take profit away from restaurants giving free food to people who should be out working for a living. And who pays for all this free food and shelter, all those saps who buy the 'helping others' scams that the charities use to get money out of people.
People in the UK (where I live) even expect that there should be free medical care taking away profit from the private healthcare companies.
And what about Live Aid, all those musicians that put on a worldwide concert and raised hundreds of millions for those freeloaders in Africa who were too lazy to to get a college education and go work for Microsoft.
This sort of article really makes me angry because it gives credibility to the stupid anti GPL retoric of Microsoft and SCO. Unfortunately as soon as the first article arives that claims "Bin Laden uses Linux", then Bush and co will try to ban GPL software as part of the war on terror.
I make a living through installing and supporting "free software". The freedom is independance from Microsoft, freedom to modify the code, and maybe even freedom from viruses, but thats another posting
1. If I fail to purchase a SCO License will SCO sue me
Push the point until the sales rep says yes they will sue you if you don't buy a license. This is a threat
2. Ask them what code in Linux infringes their IP, and where you can find details so that you can remove it
Give them the chance to substanciate their claim of stolen code in Linux so that their threat to sue is not extortion. They will of course refuse
3. Ask them if the SCO IP License allows you to redistribute the Linux source code that contains their IP under GPL
They have made it quite clear in the press release that they will not.This contravenes the GPL license of Linux
4. Explain that their 'binary only license' is in direct contravention of GPL and ask them to indemnify you against being sued for non compliance with the source provision requirement of GPL
They obviously will not do this because their license mutually exclusive with the GPL.
I think it would be interesting to post replies to these questions, Perhaps I may even make an international phone call just to see what they have to say.
Answers to these questions may be useful in any future legal cases against SCO so if you can record the call and identify the rep you spoke to it will help the case against them for extortion, or perhaps not in the strange legal system of the USA
They are buying the cluster from Linux Networx who are a Canopy Group company Like SCO. Perhaps Linux Networks customers are immune to the SCO claim. I think it would be interesting to ask them, and Canopy who obviously support the SCO claim.
Microsoft would buy a license very quickly to help SCO justify their claim against Linux. SCO would clearly not want to make public that their first license was sold to Microsoft.
For Microsoft to turn Windows/Office/Outlook/IE into secure environment they need much more than one month, especially if they want to make WindowsME secure as well.
.lnk, .pif etc files are links or pifs not executables etc (the unix file command can do this)
They need to address the following points at the email client
1. Make it more difficult for users to execute file attachments by default
2. Perform checking of file attachments to ensure that a
3. Where executable attachments must be run, execute them in a sandbox so they can't modify the registry, create files, send emails etc.
4. disable or cripple Windows Scripting.
For the Desktop OS
1. Separate the Update process from the web browser, so that the web browser does need full access to all O/S files on the system.
2. Run the web browser in a restricted shell to limit the damage from breaches.
3. Split the registry into more files and make it text so that a text editor can be used to fix it.
4. Make it more dificult for users to run as administrator, e.g. limit what apps can run
5. Starty moving as much as possible out of kernel mode and into user mode, so a program crash or dodgy video driver is less likely to bring down the O/S
For the server OS
1. Stop running all services as administrator and introduce separate users for separate functions like Unix now does for Apache, Sendmail, BIND, etc. That way when IIS gets compromised the hacker does not get an Administrator shell
2. Default off (i.e not installed) all but the most essential services, so that users must install new features and then enable them. That way a bug in the index server (CodeRed) only affects a few servers.
3. Default off any automatic services, such as network plug and play.
Office.
1. Default off macros in Office, it's only virus writers that use the advanced features.
2. disable the ability of macros to rewrite other macros, run in a sandbox.
All products.
1. Stop trying to get a new O/S out every year and fix the ones people have already (over)paid for.
2. Stop talking about security and actually get on and do it.
If Microsoft do all of these things then we in the Linux community have got real problems.