On Tue, Aug 31, 2004 at 04:42:49PM +0200, Adrian 'Dagurashibanipal' von Bidder wrote: > On Tuesday 31 August 2004 13.30, Volker Tanger wrote: > > [spyware/adware/trojans/...:] > > Another thing that protects Linux systems: heterogenity. Binary exploits > usually only work properly when a program is compiled and linked with > specific compiler and library versions -- with different versions, all you > get is a crash (which does no real harm in most cases). I think there are > far more different Linux versions out there than there are Windows > versions, so I *think* that even with Linux becoming a more attractive > target, you'll never get a single malware spreading with a speed comparable > to what's happening in Windows today. This is just not true, you are assuming malware would be distributed through library-linked binaries which would be a stupid thing to do if you want to target all distributions, staticly-linked compressed binaries would make most sense and any and all distributions would be affected regardless of library versions in use. Heterogeneity does "protect" Linux and *BSD systems from remote exploitation through buffer overflows since the remote tools need to include all the overflow points for different compilations as well as shellcode for different architectures. So your point could stand for some kind of worms (but not for all worms, consider PHP-worms for example). Heterogeneity also protects the user base in the sense that there is no single e-mail client or web browser that can be used as an attack vector, users can have a wide variety of applications and they can even switch between them if there is a problem with one. This added benefit does exist in the Windows world, but not within the standard OS in which a single application is provided for each use. Thus this is only true, if you compare only the OS "as provided" by Microsoft and Linux or *BSD distributions without considering third-party software. Regards Javier
Attachment:
signature.asc
Description: Digital signature