ABM Considered Harmful (was: piercing corporate)

[Michael ODonnell]

>> I [have] a fairly secure home network (protected by [A] a firewall
>> and [B] the total absence of Microsoft products ...
>
> A word of advice: As a professional admin and security annalist

Historian, right?   ;->

> who works with both Microsoft and FOSS products, I find your
> attitude toward Microsoft products to be rather naive.  Yes,
> their products have serious security issues and design flaws.
> But you have repeatedly and recently state your opinion that all
> Microsoft products are inherently and automatically insecure, and
> also implied that FOSS is bestowed with magical security goodness.
>
> That's bunk, pure and simple.

Agreed: your characterization is bunk.

Since the archives at mail.gnhlug.org don't go
back far enough, I'll include here a couple of
postings I've made in the past, and then invite you
to reconsider the possibility that I might actually
have a clue about the issues in question:

####################################################################
<archivedPosting1>
  From: mod+gnhlug-AT-std.com (Michael O'Donnell)
  To: gnhlug-AT-zk3.dec.com
  Subject: Re: Offline
  Date: Fri, 25 Aug 2000 17:54:23 -0400

  >          | YOU HAVE RECEIVED THE UNIX VIRUS! Since Unix/Linux is
  > Regards, | immune to the viruses which plague the Windows world,
  > .        | this virus is distributed on the honor system. Please
  > Randy    | mail this virus to everyone you know and then delete a
  >          | bunch of your files at random. Thanks for cooperating!

  Since Gnu/Linux is in fact not "immune" to viruses/worms,
  that message in your signature is incorrect; trying to be
  a Gnu/Linux advocate while making substantially incorrect
  statements about it is likely to be self-defeating in the
  long run.  Th two primary advantages of Gnu/Linux in the
  matter of viruses/worms are:

   - The Gnu/Linux kernel/libraries/applications are (for
     the most part) distributed on an Open Source basis;
     algorithms and data structures are examined by many eyes
     and vulnerabilities are more likely to be identified and
     corrected under such circumstances than when only one or
     a few developers are inspecting the software, such as is
     usually the case in a proprietary development environment.

   - When vulnerabilities are discovered, they are often fixed
     in a matter of hours or days, rather than the weeks or
     months (or years, or never!) typical of proprietary software.

  And it must be said: part of the reason we've gotten relatively
  little attention from The Bad Guys is that M$ software is
  so brittle and so widely distributed that those who seek to
  cause harm get much more mayhem in return for their efforts
  than they would if they targetted Gnu/Linux systems.  In other
  words, we benefit to some degree simply from the fact that M$
  is still so dominant.  If Gnu/Linux becomes truly successful,
  we can expect The Bad Guys to turn their attentions on us,
  and life could then get interesting (especially if *VPLs like
  VBscript or M$Word-macros get ported to Gnu/Linux, but that's
  a different rant...)

   *VPL == Virus Propagation Language

</archivedPosting1>
####################################################################
<archivedPosting2>
  From: mod+gnhlug-AT-std.com (Michael O'Donnell)
  To: gnhlug-AT-zk3.dec.com
  Subject: Re: let's torture and kill virus writers
  Date: Fri, 05 May 2000 08:59:29 -0400


  >I think I saw something like this on a list once:
  >A good virus scanner - $50
  >A corporate virus scanner - $200
  >A free system immune to viruses - priceless

  I love the sentiment, but here's hoping we're all careful
  not to describe Linux as "immune" since to do so only
  does us all a disservice.  Linux is NOT immune; it
  just seems that way (for now) because we're much more
  secure from the start, we (so far) haven't introduced a
  bunch of *VPL's to assist the Bad Guys like M$ has, and
  we're very well positioned (because we're OSS) to do
  something about it anytime somebody does find an exploit.

    --Michael

  *VPL - Virus Propagation Language.  Examples
         include VBscript, M$word macros, Windows
         Scripting Host, etc, etc...
</archived posting2>
####################################################################


...and it so happens that I thought of you (Ben)
this weekend while listening to Wait!  Wait!  on NPR
where they made a crack about how the recent malware
was an example of the Hasselhoff variety because it
needs to exploit boobs in order to succeed.