Spyware Sucks

But here is the dirty little secret of browser security: Even if every Internet browser made today were completely bug-free, it wouldn't stop malicious hackers and malware. Why? Because the vast majority of successful malicious exploits today don't exploit buggy browsers, but rather unwitting end-users. That is, Web-based malware is successful because end-users are intentionally installing it! Most exploit code doesn't search for an unpatched vulnerability, but simply asks the user to install. - Roger Grimes, Infoworld

The illusion of invulnerability (Linux)

There is an excellent, albeit short, article about security for Linux users that is worth a quick read:
http://www.viruslist.com/en/weblog?weblogid=186275723

I'll leave you to read the entire article, and will only highlight pertinent quotes here:

"Pretty soon, it dawned on us exactly what the biggest threat to Linux systems is: the almost overwhelming belief in the invulnerability of Linux." This is dangerous. If you think you are safe, you are more likely to do dangerous things - to take risks. I've always said that no browser is safe; nor is *any* operating system safe.

"The number of new malicious programs for an operating system isn’t related to the number of known security flaws, but to the number of installations." That's right, the bigger that target is on your butt, the more likely it is the bad guys are going to think you are worth going after. The really bad guys aren't bypassing Linux because its invulnerable, they're bypassing it because the number of users out there doesn't make it worth their while.

Also, don't be fooled into thinking that because its Linux, and its geeky, and you have to be 'smart' to use it, that writing malware targetting Linux will be beyond the means and ability of the bad guys that are out there now. They *can* do it, and they *will* do it, as soon as they decide that the Linux user head-count is big enough.

"To access a system, a virus writer doesn’t need 300 vulnerabilities - one is enough." Write that one down and stick it on the side of your monitor.

"... coming to the conclusion that your own system is practically invulnerable will make it easy for malware to spread on Linux systems in the future. ... when the day comes, will users and companies have enough time to choose and install a reliable virus scanner before their systems are hit?" Enough said.

Oh, and while we're on the topic of Linux vulnerabilties:
http://blogs.technet.com/security/archive/2006/05/09/427849.aspx

This is the mantra: No web browser is *safe*. No operating system is *safe*.

Published Wed, May 10 2006 11:37 by sandi

Spyware Sucks

This Blog

Syndication

Search

Tags

Community

Archives

My Web Sites

Internet Explorer Resources

Fighting Malware

SBS Links...

News

The illusion of invulnerability (Linux)