[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Sunday 01 May 2005 7:36 pm, Julian Hall wrote:
Windows users by and large (and yes I am generalising here) know less about the computer and networking and how everything works than the average Linux user.
It has little, if anything, to do with users. The basic security implementation of the filesystem, kernel, permissions and the modularity of GNU software is what is behind the inability of a virus to infect a GNU/Linux box or then to either do any damage or spread further. It's not just the heterogeneous nature of the software, although that certainly has an impact, it is the fundamental design of the components.
Simplest analogy is of a school playground bully. He's going to pick on the first year kids smaller than himself, not the final year students who belong to the school judo team, who would probably hand him his teeth in a hat.
Virus writers pick on Windows because writing a virus for Windows is trivial. Writing a virus for GNU/Linux is hard. It's not about the users, it's about the system.
The other reason (yes OK... "Nobody expects the Spanish Inquisition!" etc) is that quite simply Windows gives MUCH more opportunity for it,
Yes, but not for the reasons you mention. The main reason is the tight integration of IE in the OS. IE, being also tightly integrated into the default email client, provides ready access to the privileged areas of the system that an email should NEVER be able to reach. Instead, ActiveX, VB, pif, bat, scr, any number of formats in an email can infect a Windows system. Windows should simply not run arbitrary executables with system privileges - you cannot do that on GNU/Linux, you can still on Windows because it keeps thunking down to insecure MS-DOS 16bit real mode code. The fault isn't in the user for not reading the warning, the fault is that the system doesn't do enough to prevent such a warning becoming necessary. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpZYvDOlkMY8.pgp
Description: PGP signature