Fwd: [Krebs on Security] New Comment On: Using Windows for a Day Cost Mac User $100,000

Aaron Toponce aaron.toponce at gmail.com
Thu Jun 10 06:22:55 MDT 2010

On 06/09/2010 08:44 PM, Henry Hertz Hobbit wrote:
> But I have found in my reading that approximately 90% of people
> using Mac OS-X at home are running their machines from their
> admin accounts.  This is bad news!

Why? I'm all for educating people about "not logging in as root", but if
someone is going to install any sort of software on their machine, it's
still going to require privileged access. No way around that. Malware
generally comes from installing some sort of software on the machine.
Remember the days of Kazaa? Installing software requires admin rights.
Admin rights gives the malware full reign of the operating system.
Pretending that logging in with your unprivileged user will keep you
totally secure from the bad guys is just stupid. The real only advantage
of logging in as an unprivileged user is trying to keep yourself from
doing something completely stupid on your machine.

> MACINTOSH!  If somebody wants me to give a run-down on how bad
> it is in your monthly meetings let me know and I will oblige.
> I usually go through 6-12 Windows malware samples per day.  When
> I submit then to ClamAV I chuckle when they pre-select Unix/Linux.
> WHAT LINUX MALWARE?  It is there but I only have two, and only
> one is relevant.

Of course this is the case. The GNU/Linux desktop only occupies less
than 2% of the desktop market [1]. And of those running GNU/Linux as
their primary desktop, most of them are hobbyists, and change their
operating system more often than they change their underwear. You
honestly think GNU/Linux is even remotely any sort of a target for
malware writers? What sort of data would they be after? The latest
Ubuntu ISO? Torrents of South Park?

[1] http://en.wikipedia.org/wiki/Usage_share_of_operating_systems

Now, switch the tables. Put GNU/Linux on 90% of the desktop machines.
You honestly think GNU/Linux will be any more secure than Windows? Sure,
there are built-in firewalls, MAC, ACLs, and so on and so forth, but
treating Microsoft like it some sort of dumb giant that doesn't know how
to tie its own shoes, while GNU/Linux developers are advanced, slick,
professional security diehards, shows a great deal of ignorance on your
part. You honestly think Microsoft doesn't have some of the world's
leading security experts evaluating their software? Seriously??

I would be willing to bet that with GNU/Linux on 90% of the desktops of
the world, we would see the malware writers exposing software security
holes, and the upstream developrs constantly chasing them to get those
holes patched. In fact, this is the case already. Data center admins
struggle constantly with patching their operating systems, and keeping
production stable. Now let's just play this song and dance on the
desktop. It wouldn't be much different than it is today. Oh, and I would
be willing to bet there would be antivirus and antimalware software
titles galore to choose from, just like there are today.

> The problem is getting worse, not better.

You weren't around during the '90s, were you? Microsoft has made massive
strides in the areas of security, stability and reliability. It's just
that the security scene is constantly evolving. Malware writers have to
stay on their toes and be just as sharp as the top security experts in
the field. In my opinion, it's gotten a _lot_ better.

More people are likely aware of email scams than in the past.
More people are likely aware of antivirus and antimalware software.
More people are likely aware of phishing scams.
More people are likely aware of encrypting personal data.

In my opinion, times are much better than they were 20, 15, 10 and even
5 years ago.

. O .   O . O   . . O   O . .   . O .
. . O   . O O   O . O   . O O   . . O
O O O   . O .   . O O   O O .   O O O

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
Url : http://plug.org/pipermail/plug/attachments/20100610/0f5c205d/attachment.bin 

More information about the PLUG mailing list