__/ [ Oliver Wong ] on Thursday 24 August 2006 19:17 \__
>
> "Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote in message
> news:2745405.P4bP2ZnvH8@xxxxxxxxxxxxxxxxxx
>> __/ [ Oliver Wong ] on Thursday 24 August 2006 18:01 \__
>>
>>> "Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote in message
>>> news:2064683.UVGrTlPCn1@xxxxxxxxxxxxxxxxxx
>>>>
>>>>
>>
http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html
>>>
>>> This reply is just to let nessuno know that I have read and thought
>>> about the issues discussed in the article. Unfortunately, I don't feel
>>> qualified to comment on it in any depth, as I'm not familiar with the
>>> topics Tom Yager discusses.
>>
>> Oliver,
>>
>> Have a look here:
>>
>> The short life and hard times of a Linux virus
>>
>> ,----[ Quote ]
>> | For a Linux binary virus to infect executables, those executables must
>> | be writable by the user activating the virus. That is not likely to be
>> | the case. Chances are, the programs are owned by root and the user is
>> | running from a non-privileged account. Further, the less experienced
>> | the user, the lower the likelihood that he actually owns any
>> | executable programs. Therefore, the users who are the least savvy about
>> | such hazards are also the ones with the least fertile home directories
>> | for viruses.
>> |
>> | [...]
>> `----
>> http://librenix.com/?inode=21
>
> Yup, I've seen you post this quote elsewhere in this thread, and in
> other threads as well, and I don't deny that this is a very strong argument
> in favor of Linux. However, a lot of the stuff Yager talks about is way
> over my head. For example, he writes "All Windows background
> processes/daemons are spawned from a single hyper-privileged process" and I
> had no idea it worked this way, so obviously I've never had to opprtunity
> to consider the security implications of this.
Processes and ownership are an important matter. Windows implements a
pseudo-multi-user model because it wasn't (at least initially) built for
more than a single user. Remember how Windows 98, for example, did not have
a proper login screen? Anyhow, this system of privileges was simply laid on
top. But how can a user intercept processes and control what runs with which
privileges? It's complex unless you implement the kernel properly from the
start. Otherwise, it's prone to hacks. And prompts don't bring home the
bacon. If their frequency is excessively high, users will just "yes" or "OK"
everything. Ultimately: same problems, more nags.
Best wishes,
Roy
--
Roy S. Schestowitz | "Error, no keyboard - press F1 to continue"
http://Schestowitz.com | Free as in Free Beer ¦ PGP-Key: 0x74572E8E
Cpu(s): 19.0% user, 2.7% system, 1.0% nice, 77.3% idle
http://iuron.com - semantic engine to gather information
|
|
