Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts

From: David Ensteness (denstene_at_mac.com)
Date: Fri Apr 16 2004 - 12:51:55 PDT

• Next message: Brian Pearce: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Previous message: Doug Augustyn: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• In reply to: Martin Joseph: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Next in thread: Martin Joseph: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Reply: Martin Joseph: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Accuracy my friend ...

Worms are called worms because of what they do. Viruses are social
engineering attacks, worms travel in an automated fashion of some sort
or another.

Perhaps the biggest security difference between UNIX based systems and
Windows based systems is Root access.

A worm can be uploaded to a Windows XP Professional system via Windows
Update from another infected Windows XP system, the application can
execute itself and make changes to ANY system or user data/resources it
wants to.

On a UNIX based system you would have to authorize the worm to install
itself, then you have to authorize it to change essential files. Also,
even as an administrator user there are some necessary system resources
you can not change because you do not have Root access, therefore even
if you had the exact same thing happen on a UNIX system as I described
above happening to a Windows XP system and you authorized the worm to
run, it could still only hit areas you had access too, which are far
less on a UNIX system than on a Windows system [unless you always work
as Root ... which is well, foolish for this exact reason].

You are correct that a user is the weakest link in the chain, but UNIX
does restrict the ability of the user to harm the system *more* than
Windows does in fundamental and effective ways.

David

On Apr 16, 2004, at 2:28 PM, Martin Joseph wrote:

>
> On Apr 16, 2004, at 11:47 AM, David Ensteness wrote:
>
>> Lastly, getting back to your final point about getting famous and
>> impacting users. Hitting UNIX based systems is so terribly hard than
>> hitting Windows based systems is far more practical.
>
> Actually this is not really true...
>
> unfortunately many recent Windows worm attacks are what we refer to as
> social engineering attacks.
>
> This means they rely on the stupid user to execute something nasty.
>
> Unix users using OSX are just as stupid (flamebait?) as windows users
> in general, and could easily be tricked into opening executables that
> do nasty things of all sorts.
>
> So while UNIX has a reputation (deservedly) as being pretty secure, the
> users remain the weak link...
>
> Marty

-- 
This is the NewtonTalk list - http://www.newtontalk.net/ for all inquiries
Official Newton FAQ: http://www.chuma.org/newton/faq/
WikiWikiNewt for all kinds of articles: http://tools.unna.org/wikiwikinewt/

• Next message: Brian Pearce: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Previous message: Doug Augustyn: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• In reply to: Martin Joseph: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Next in thread: Martin Joseph: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Reply: Martin Joseph: "Re: [NTLK] [OT] Virus attacks on NTLK/Newton-related mailaccounts"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.5 : Fri Apr 16 2004 - 17:00:02 PDT