[LINK] The bad guys have won (was Re: www.ipv6.org.au/summit)

Scott Howard scott at doc.net.au
Mon Sep 1 17:15:05 AEST 2008


On Sun, Aug 31, 2008 at 5:15 PM, Karl Auer <kauer at biplane.com.au> wrote:

> In OSX and indeed in all Unixes, your chess program cannot format the
> hard disk, unless you decide to run it as root. Nor can one user
> generally attack the data or settings of another, unless said user has
> root privileges. Nor can one user turn control of the machine over to a
> third party, unless, again, they do so as root. This is a system that it
> has taken Microsoft decades to get to, and they still do it very poorly.
>

But that misses the point.  Today's "hackers" aren't interested in
formatting your hard disk, or attacking data of another user.

Instead they want to be able to use your computer to send spam, or host a
spam/phishing website (on any port, non-80 is OK), or log keystrokes.  All
of these can be done (roughly) equally on Unix or Windows, with or without
administrator/root privileges.

IMHO there are only 2 reasons that OSX and Unix aren't targets of malware to
the same extent as Windows is:
* Critical Mass.  There's no point targeting 2% of systems when you can
target 95+% instead.
* Clue-level of users. The general clue-level of OSX/Unix users is greater
than that of Windows users.  That's not to say that there aren't clueful
Windows users, or clueless OSX users, but the simple fact is that if you
know nothing about computers and walk into a computer shop, odds are you're
going to come out with a Windows box.

You can blame the OS all you want, but if the user clicks "Run" then whose
fault is it really?

  Scott.


