I
invader
I should think most virus writers target Windows because it has the largest
My belief is that the virus writers target everything they can. If they can
infiltrate Linux servers then they will do so. Furthermore, Humans are
something that can always be exploited, regardless of the operating system
and Microsoft has made exploting humans trivial. The only thing UAC does to
prevent this is make the user click one more time.
Feature creep is a big part of where Microsoft dropped the ball on the whole
security issue. Take for example email attachments in Outlook Express. The
instances in which an end-user actually needs to download executable code and
run it are extremely rare. Furthermore, there's absolutely no good reason why
an email client should ever run executable code (like an ActiveX) as part of
viewing a message. From the beginning, Outlook Express made this task easy,
which led to a popular infection vector for viruses and other malware.
The same problem exists with the browser. Rather than use a technology that
could be easily sandboxed like Java, Microsoft makes the decision to roll
their own solution using ActiveX, which led to another infection vector.
These two situations (Web Browsing and Email) are where a protection system
needed to be deployed, and it needed to be done 5 years ago, not now.
Sometimes I wonder if Microsoft didn't develop IE or OE simply to keep the
anti-virus software companies in business.
Microsoft has always suffered from "featuritis", the uncontrollable urge of
throwing everything but the kitchen sink into the operating system. Several
instances of this were marketing/monopolisation ploys by the company: make
the web browser inseperable from the OS, make the OS so feature-rich that it
cannot be emulated on Linux, etc. It came around to bite them in the ass, and
what do they do, but release the most complex feature-rich operating system
in their history.
Macinstall base out there. Sure, it has security holes, but so do Linux and
My belief is that the virus writers target everything they can. If they can
infiltrate Linux servers then they will do so. Furthermore, Humans are
something that can always be exploited, regardless of the operating system
and Microsoft has made exploting humans trivial. The only thing UAC does to
prevent this is make the user click one more time.
Feature creep is a big part of where Microsoft dropped the ball on the whole
security issue. Take for example email attachments in Outlook Express. The
instances in which an end-user actually needs to download executable code and
run it are extremely rare. Furthermore, there's absolutely no good reason why
an email client should ever run executable code (like an ActiveX) as part of
viewing a message. From the beginning, Outlook Express made this task easy,
which led to a popular infection vector for viruses and other malware.
The same problem exists with the browser. Rather than use a technology that
could be easily sandboxed like Java, Microsoft makes the decision to roll
their own solution using ActiveX, which led to another infection vector.
These two situations (Web Browsing and Email) are where a protection system
needed to be deployed, and it needed to be done 5 years ago, not now.
Sometimes I wonder if Microsoft didn't develop IE or OE simply to keep the
anti-virus software companies in business.
Microsoft has always suffered from "featuritis", the uncontrollable urge of
throwing everything but the kitchen sink into the operating system. Several
instances of this were marketing/monopolisation ploys by the company: make
the web browser inseperable from the OS, make the OS so feature-rich that it
cannot be emulated on Linux, etc. It came around to bite them in the ass, and
what do they do, but release the most complex feature-rich operating system
in their history.