Some Good News For Linux Users (It's Not Windows)

Reading the news this morning about a worm that infected a lot of big business networks last Thursday, I saw these two articles that
would interest all Linux and Ubuntu users.

http://www.pcworld.com/businesscenter/arti...ws_problem.html
Business Center September 10, 2010 5:07 PM
'Here You Have' Is a Windows Problem---By Katherine Noyes, PC World
.........Microsoft Windows is the reason our culture gets threatened again and again by malware; if the world ran Linux instead, it wouldn't be a problem. Here's why.

1. Users Are Dumb

There's no point denying it -- humans are extremely gullible, forgetful, distracted, and yes, just plain stupid sometimes. That is simply a fact of life, and no "helpful reminders" or even automated warning systems are going to keep them from being stupid. Offer them pictures of cute puppies or porn, and they'll go wherever you want them to.

This is only a problem, however, because of Windows. Rather than protecting foolish users from themselves by minimizing the potential consequences--which is what a good operating system should do--Windows gives them all administrator access by default..............

http://www.pcworld.com/businesscenter/arti...com_driver.html
Linux Wi-Fi Gets Easier with New Broadcom Driver
By Katherine Noyes, PC World
.............Wireless networking has long been a sticking point for Linux users with netbooks and laptops including Broadcom chipsets, which have traditionally used proprietary drivers that don't work with Linux. Other makers of Wifi chipsets--Atheros and Intel, for instance--have been supporting Linux natively for some time already.........

...........Once it's been merged into the main Linux kernel--it's expected to appear in version 2.6.37, which will be released late this year or early next--Linux distributions will be able to fully support many common Broadcom wireless chips.

Canonical, meanwhile, has already said that the driver will be included in its upcoming Ubuntu 10.10 release, due next month and also known as Maverick Meerkat. It may even be back-ported to the current stable version of Ubuntu 10.04, Lucid Lynx, Ubuntu kernel developer Jeremy Foshee wrote on Thursday..............

These are both two really cool articles. That first one is so true... if the world ran linux or even mac we wouldn't have half these computer issues! I'm not trying to knock windows, because it has it's uses for sure, but linux is in many ways much more stable.

These are both two really cool articles. That first one is so true... if the world ran linux or even mac we wouldn't have half these computer issues! I'm not trying to knock windows, because it has it's uses for sure, but linux is in many ways much more stable.

If the world ran linux or mac then the malware creators would target those operating systems and create malware for those as well. Its all about Market Share in the business of malware creation.

1) Windows / Microsoft Dominate the Market share by at least 70 to 80% by latest estimates, so that gives malware writers more people to target and more computers to infect. For example, in my house hold I have 3 computers running Windows Operating system and Software, and on the other hand I have 3 Machines running Ubuntu and Slackware with one of the machines in dual boot mode.

2) OS X I would say owns about 10 to 15% of the Operating system market, and OS X is based on FreeBSD which is a unix clone. The other part of the Market share is Linux / Unix and all its variants.

As the market share would decrease for Windows and Increase in another market then that other market would also be plagued with Malware and Viruses. OS X and Linux/Unix are immuned right now due to low market share holdings.

If the world ran linux or mac then the malware creators would target those operating systems and create malware for those as well. Its all about Market Share in the business of malware creation.

http://www.theregister.co.uk/2004/10/22/se...ndows_vs_linux/

Myth: There’s Safety In Small Numbers
Perhaps the most oft-repeated myth regarding Windows vs. Linux security is the claim that Windows has more incidents of viruses, worms, Trojans and other problems because malicious hackers tend to confine their activities to breaking into the software with the largest installed base. This reasoning is applied to defend Windows and Windows applications. Windows dominates the desktop; therefore Windows and Windows applications are the focus of the most attacks, which is why you don’t see viruses, worms and Trojans for Linux. While this may be true, at least in part, the intentional implication is not necessarily true: That Linux and Linux applications are no more secure than Windows and Windows applications, but Linux is simply too trifling a target to bother attacking.

This reasoning backfires when one considers that Apache is by far the most popular web server software on the Internet. According to the September 2004 Netcraft web site survey, [1] 68% of web sites run the Apache web server. Only 21% of web sites run Microsoft IIS. If security problems boil down to the simple fact that malicious hackers target the largest installed base, it follows that we should see more worms, viruses, and other malware targeting Apache and the underlying operating systems for Apache than for Windows and IIS. Furthermore, we should see more successful attacks against Apache than against IIS, since the implication of the myth is that the problem is one of numbers, not vulnerabilities.

Yet this is precisely the opposite of what we find, historically. IIS has long been the primary target for worms and other attacks, and these attacks have been largely successful. The Code Red worm that exploited a buffer overrun in an IIS service to gain control of the web servers infected some 300,000 servers, and the number of infections only stopped because the worm was deliberately written to stop spreading. Code Red.A had an even faster rate of infection, although it too self-terminated after three weeks. Another worm, IISWorm, had a limited impact only because the worm was badly written, not because IIS successfully protected itself.

Yes, worms for Apache have been known to exist, such as the Slapper worm. (Slapper actually exploited a known vulnerability in OpenSSL, not Apache). But Apache worms rarely make headlines because they have such a limited range of effect, and are easily eradicated. Target sites were already plugging the known OpenSSL hole. It was also trivially easy to clean and restore infected site with a few commands, and without as much as a reboot, thanks to the modular nature of Linux and UNIX.

Perhaps this is why, according to Netcraft, 47 of the top 50 web sites with the longest running uptime (times between reboots) run Apache. [2] None of the top 50 web sites runs Windows or Microsoft IIS. So if it is true that malicious hackers attack the most numerous software platforms, that raises the question as to why hackers are so successful at breaking into the most popular desktop software and operating system, infect 300,000 IIS servers, but are unable to do similar damage to the most popular web server and its operating systems?

Astute observers who examine the Netcraft web site URL will note that all 50 servers in the Netcraft uptime list are running a form of BSD, mostly BSD/OS. None of them are running Windows, and none of them are running Linux. The longest uptime in the top 50 is 1,768 consecutive days, or almost 5 years.

This appears to make BSD look superior to all operating systems in terms of reliability, but the Netcraft information is unintentionally misleading. Netcraft monitors the uptime of operating systems based on how those operating systems keep track of uptime. Linux, Solaris, HP-UX, and some versions of FreeBSD only record up to 497 days of uptime, after which their uptime counters are reset to zero and start again. So all web sites based on machines running Linux, Solaris, HP-UX and in some cases FreeBSD “appear” to reboot every 497 days even if they run for years. The Netcraft survey can never record a longer uptime than 497 days for any of these operating systems, even if they have been running for years without a reboot, which is why they never appear in the top 50.

That may explain why it is impossible for Linux, Solaris and HP-UX to show up with as impressive numbers of consecutive days of uptime as BSD -- even if these operating systems actually run for years without a reboot. But it does not explain why Windows is nowhere to be found in the top 50 list. Windows does not reset its uptime counter. Obviously, no Windows-based web site has been able to run long enough without rebooting to rank among the top 50 for uptime.

Given the 497-rollover quirk, it is difficult to compare Linux uptimes vs. Windows uptimes from publicly available Netcraft data. Two data points are statistically insignificant, but they are somewhat telling, given that one of them concerns the Microsoft website. As of September 2004, the average uptime of the Windows web servers that run Microsoft’s own web site (www.microsoft.com) is roughly 59 days. The maximum uptime for Windows Server 2003 at the same site is 111 days, and the minimum is 5 days. Compare this to www.linux.com (a sample site that runs on Linux), which has had both an average and maximum uptime of 348 days. Since the average uptime is exactly equal to the maximum uptime, either these servers reached 497 days of uptime and reset to zero 348 days ago, or these servers were first put on-line or rebooted 348 days ago.

The bottom line is that quality, not quantity, is the determining factor when evaluating the number of successful attacks against software.

I take things from theregister with a grain of salt.