[LUAU] Its time to simply ban Windoze machines from the Internet

Julian Yap julian_yap at yahoo.com
Thu Oct 19 01:29:48 PDT 2006 

So given that argument on market share as correlating to a need
and return on investment, in a hypothetical situation where
there is a 50% Windows market share and the remaining 50% is a
mix of *nix, Linux and OS X.

Would there be an equal amount of malware/spyware/viruses/etc..
devided equally between Windows and others?

I don't think so.

It also makes more economical sense for spyware merchants to
target say Internet Explorer than Mozilla Firefox.  Not because
of the market share of IE (which is declining) but because of
the amount of time it would take for Microsoft to patch (or not
patch) the security hole.  Whereas a hole in Mozilla Firefox
would take priority and be discussed in the open.  And the
security patch would be pushed out in a more timely fashion as
opposed to the 2nd Tuesday of the month...  Again, if MS decides
to put the resources into patching the hole in the first place.

That's not a case of market share.  That's the closed and
proprietary development model.

~ Julian

--- Tim Newsham <newsham at lava.net> wrote:
> > Its not that simple.   Windows boxes are a heckuva lot
> easier to populate 
> > with the software that creates botnets.   They're an open
> infection vector.
> 
> I don't agree at all.  There are sufficient server and client 
> vulnerabilities in *BSD, linux, OS X and windows.  Many of the
> attacks 
> don't even rely on any software vulnerability but on the poor
> judgement 
> and bad practices of end users.  These same problems exist in
> the unix 
> population.  The software for all aspects of a the malware
> would be 
> substantially similar across all existing popular platforms. 
> The only 
> major differentiator is the return on investment.  Writing
> attacks for 
> windows makes more economical sense for attackers.
> 
> Tim Newsham
> http://www.thenewsh.com/~newsham/
> _______________________________________________
> LUAU at lists.hosef.org mailing list
> http://lists.hosef.org/cgi-bin/mailman/listinfo/luau
>

More information about the LUAU mailing list