[luau] Counterpoint: Linux vs. Windows Viruses

[Eric Hattemer]

There are two important parts that the OS vendors play in this, though. 
 First is making sure that unneeded services are trimmed down.  In my 
mind, RedHat is bad at this.  Just because I have sendmail installed 
doesn't mean I'd like it to start up the first time I boot.  Services 
that should start on first boot should be the few that are needed for 
the computer to function and allow advanced users to turn on the extra 
services.  SSH could be an exception, since it allows secure remote 
access, but with the latest SSH exploits, maybe not even that.  However, 
at least linux has their services modularized.  RPC in windows is the 
biggest security hole there is, and it can't be turned off.  Kernel 
level exploits in linux are rare if ever, and usually require iptables 
or something.  

The second part they play is making updates obvious.  They cannot 
overstate these.  I deal with virus/worm calls at work, and they seem to 
be all I do anymore.  We ask people if they click install on the windows 
updates that automatically pop up in windows XP and they say something 
like "I didn't know what it was so I canceled it".  OS vendors need to 
either have security updates automatically install themselves unless an 
advanced user turns off that feature.  The other alternative is to make 
the popups so frightening that no one could refuse.  That would be 
something like "Install this update or your computer will likely be 
hacked into and your data erased".  Most linux distributions don't make 
security updates too apparent to a novice user.  

But then again, I've become convinced over the last two months that only 
10% of the American population should be allowed to use a computer at 
all.  And really that's 10% of the college educated population.

-Eric Hattemer