vulnerability and popularity (was: EBAY and AMAZON)

• Previous message (by thread): EBAY and AMAZON
• Next message (by thread): vulnerability and popularity (was: EBAY and AMAZON)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jun 13, 2012 at 07:55:37AM -0400, Rich Kulawiec wrote:

> If popularity were the measure of relative OS security, then we would
> expect to see infection rates proportional to deployment rates

I don't buy that premise, or at least not without reservation.  The OS
market happens to be a superstar economy.  On desktops and laptops,
which still happen to be the majority of devices, the overwhelming
winner is Windows.  Therefore, if you are going to invest in any
product for which you want ubiquitous deployment, Windows is the first
platform you aim for.  You only aim for the others if you're chasing a
niche.

There is no reason whatever to chase a niche market if your goal is
spewing spam, collecting credit cards, or whatever.  

Perhaps fortunately, we're about to have an empirical trial of these
different possibilities.  If the above analysis is correct, then we
should expect malware targetting iOS and Android in about equal
proportions as those sorts of devices displace laptops and desktops as
the majority (though there will be some bias and therefore lag in
favour of Windows just because of the fact that people already have
tools and techniques built around Windows).  If you're right that the
primary issue is the fundamental security of the target, then perhaps
we will not see that pattern emerge.

Best,

A

-- 
Andrew Sullivan
Dyn Labs
asullivan at dyn.com

• Previous message (by thread): EBAY and AMAZON
• Next message (by thread): vulnerability and popularity (was: EBAY and AMAZON)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]