Zombies continue to chase Windows PCs

TalkBack 30 of 122:

Next »

« Previous

• Thread View
• Flat View

At least it is a new argument!

Thanks for that!

Defending Windows computers is a pretty big industry in itself.

The question is: how successful has that industry been? Considering that anti-malware is, by definition, a reactive defense, it is flawed by design. It might be a big industry but that doesn't mean it is terribly successful at doing what it set out to do. I won't even mention that the adoption rate is less than 100% although that too would make an interesting stat: what % of Windows users have up-to-date anti-malware running on their machines?

Now take the Mac and Linux worlds. You have ... ? There is no similar industry defending Mac and Linux computers.

That technically isn't true. Symantec has anti-virus for Mac although their DAT file can't be very big!! However, does this mean that OSX and Linux are naturally better able to withstand the type of attacks that Windows faces every day? No. If you were to look at the % of Rhode Islanders who wear body armor (0.01%?) and compare it to the % of US soldiers in Iraq who wear body armor (100%?), you would conclude that Rhode Islanders must have much tougher skin than soldiers! This would be a verifiable claim and one that would likely prove false.

There still are a couple hundred million Mac/Linux machines out there surfing the web

1. You think so? If the combined marketshare between OSX and Linux is less than 10%, that would mean that there are a couple billion Windows machines surfing the web. I'll be honest, I don't know if your 200 million number is accurate but it sounds wrong to me. And if there were 2,000,000,000 Windows machines out there, you are admitting that malware isn't a very big problem, % wise, for Windows machines.

2. You can't combine them and say they are a big target together because the "bad guys" would likely have to write attacks that are individualized for the platform. You then have the problem that "Linux" itself isn't a homogenous platform. These are good things for defense but they don't really counter the marketshare argument.

3. Even if you want to ignore points 1. and 2., you are looking at the situation like an oil field. Once an oil field is tapped, it can't be tapped again by rival oil companies. In that case, it makes sense for the rival oil companies to look at other oil fields, even if they happen to be smaller. Computers can be "tapped" multiple times. While there may be 200,000,000 untapped OSX/Linux computers, there are effectively 2,000,000,000 untapped Windows computers. If you can only go after one of them with a random, mass attack, which would you pick?

I highlighted the words random, mass attack because that is also relevant. If you look at targetted attacks, Linux doesn't fare so well, especially the "L" portion of LAMP. However, random, mass attack rely on large numbers: the larger the better. Hence, Windows is the target. I've said this before and I'll say it again: marketshare isn't as much a factor as it is a requirement. That point is usually lost on people though.

In raw numbers, that's enough to make a botmaster drool.

If that was the case, I actually think the fact that there have been no attempts to be interesting. There are thousands of exploits targetting Windows that don't rely on any vulnerability. When anti-malware started scanning zipped email attachments, there were even attempts involving password protected zip email attachments with instructions on how to unzip the attachment in the body of the email!! This would require so many human steps to execute that any "Windows makes it too easy to run attachments" argument moot. The point is that the malware guys are a creative and desperate bunch yet they haven't even tried attacking those two hundred million machines? If they really were drooling over it, you don't think they would have even tried? There are old Windows vulnerabilities that are constantly attacked. You don't think they would have even tried to attack even 1 old OSX/Linux vulnerability? It simply isn't worth it because there is no downside to attacking the OS with, not just the largest marketshare, but the only OS with more than a miniscule marketshare. If Linux had 40% and Windows had 60%, I wouldn't defend someone who said Linux would have 40% of the exploits. As I said above, marketshare is a requirement more than it is a factor. However, are you willing to suggest that a Linux with 40% marketshare would still have no in the wild exploits?

Posted by: NonZealot   Posted on: 10/26/06 You are currently: a Guest | Members login | Terms of Use

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

SponsoredWhite Papers, Webcasts, and Downloads

• VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
• Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
• The True Costs of Virtual Server Solutions VMware In an economic environment that is repeatedly heralding the message "do ... Download Now