Ok, starting off, Open source does have the disadvantage of allowing "prospective" hackers/virus creators the ability to view code and find holes, but read it the same statement looking from OpenSource point of view.

"Review is boring and time consuming, and it's hard," said Steve Lipner

So, how many potential viruses will be created by hackers disecting OpSc code to create their "works of joy" following this statement ?

Now with Microsoft

How easy is it to create a virus with this "Closed Source" operating system?

They must be paying their "security" people peanuts, how else could such a flimsy operating system be allowed to operate with so many BUGS, and security holes?

Oh, they are not security holes, Ahhh ok, Melissa must be a feature?

Making code like MS-Winxxx SIMPLE for everyone makes it more volatile than OpSc code.

Ok, Mr Lipner stated the BIND and WU-FTP flaws, but they are FLAWS within seperate programs, simple update to BIND9 and change or shutdown the FTP proggy.

What do we do with Outlook Express and the integration with the Windows software? we cannot just close it down and get a new version, as the problem will remain.

I have not seen anyone make as many viruses for any other operating system like they do for Windows, and having a look at the Melissa code, its no wonder that MS-Win is chosed as the favorite for virus coders, this little program, being so simple has hit headline news, Worldwide damnation of the originator, kill it with software (not MS) and forget about it.

Melissa get re-coded, re-sent out, ARGHHH, another virus, but look, the "so called" better security of "Closed Source" software that you actually pay for is a joke, how much security is there in those programs from M$ apart from NT/2k have any real kind of security built into it?

How much more do you have to pay for securing your system (apart from chucking a Linux box on a 486 between you and the Internet) but all this still does not help.

Melissa is a good example.

simple coded virus, open E-mail (how many E-mails are opened without thinking every day) code gets run on the Outlook machine, look through sent E-mail list, grab last 50-100 etries and resend with virus attached.

poor person at other end opens E-mail wondering why it was resent to them and BINGO, the virus self replicates again.

I hope that M$ dosn't think this is NOT a security flaw.

Making Software so SIMPLE anyone can use it, no matter how much you pay for it, its going to be a hackers dream.

Oh, and yes, Hackers have played with Linux, go have a look at the "scoreboard for hackers" hacking the IPTABLES code for linux.

Oh, dman, these guys must be crazy, they are finding security holes AND NOT GET PAID for it. One wonders how much Microsft are paying their Security team.

EOL

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/191/5304#5304