in case nobody else noticed it, there was a mail worm released today

Vivien M. vivienm at dyndns.org
Thu Jan 29 04:51:03 UTC 2004


> -----Original Message-----
> From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On 
> Behalf Of Roger Marquis
> Sent: January 28, 2004 11:31 PM
> To: nanog at merit.edu
> Subject: RE: in case nobody else noticed it, there was a mail 
> worm released today
> 
> > The reason they don't do it is because there isn't a critical mass of
> > Evolution/GNU/Linux/glibcX.Y to make a big stink... And there is such
> > a critical mass for MS.
> 
> No, sorry, false analogy though it does account for some 
> portion of MS' mess.  The larger reason is that viruses are 
> substantially easier to write for Outlook, Exchange, et al.  
> For another example look at Unix Apache's market share (>75%) 
> and its vulnerability share (<1%).

And look at the people who administer/use these things.

MS' problem, if you ask me, isn't poor engineering (though I'll grant you
I'm sure their stuff could be designed WAY better). The problem is that, as
would seem logical for a publicly-traded company out to maximize profits for
its shareholders, it designed its stuff to be used/administered by the
broadest range of people. Hence, they make it easy to set up (at the cost of
security, absolutely), and easy to forget about (especially as it crashes
less than it used to)... And then, people don't install the security patches
and have no idea about what proper security practices are. So when they find
out about the new cool screensaver... Oops.

Open source projects aren't out to maximize profits, generally... And they
don't generally aim at ease of setup. Whoever sets up Apache using vi to
edit httpd.conf needs to have at least a fractional degree of clue. Not
enough clue, no doubt... But some clue. Setting up the MS equivalent can
probably be done by the random guy on the street wearing a blindfold and
with one hand tied to the chair with a Cat 5 UTP cable. That's the problem. 

Someone made the argument to me privately that the problem is that MS lets
you run attachments from Outlook, while other clients would require you to
save the files to disk. That's not a solution: if these people are like my
parents used to be, they'd dutifully save the attachment, open up a file
manager, and open it up to see the "cool new screensaver" their best friend
sent them ("hey, even if it's a virus, I have an antivirus" is the usual
excuse). Sure, that's three steps instead of one, but for as long as the
HUMAN behind the keyboard wants to open the attachments, whether it takes
two clicks or fifty keystrokes, that attachment will get opened. Why doesn't
this happen to Evolution users? My guess is, if you a) know what Linux is,
b) know how to set it up, and c) know what Evolution is, you have enough
CLUE to know that executable attachments from your friends that come with a
grammatically-incorrect email body are trouble. 

MS has made a business of putting computers into the hands of people who do
not have that clue, and do not want to acquire that clue. The fact that
they've been INCREDIBLY successful at doing it is the problem. Sure, they
could put a few more hoops to slow the viruses down... but for as long as
the person behind the keyboard wants to run the attachment, a way will be
found (and ISTR one patch for Outlook 2000 that blocked your ability to save
executables was released), and whoever tries to stop them will be seen as
the mean party here.

Vivien
-- 
Vivien M.
vivienm at dyndns.org
Assistant System Administrator
Dynamic Network Services, Inc.
http://www.dyndns.org/ 



