| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 30 Aug 2009 01:12:59 +0100
From: "lsi" <stuart@...erdelix.net>
To: Paul Schmehl <pschmehl_lists@...rr.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: windows future
I'm not saying malware will frighten users away, I am saying that
malware will leave them no choice but to leave. This is not a
decision users make, they will not be able to buy a Windows computer,
as they will no longer work. Sure you can turn them on, but that's
all. Once you load up your AV, you'll have no RAM left to load
Notepad. Your CPU will be constantly processing AV updates and your
disk will fill with AV sigs. The machine will be unusable.
Also, there are software-imposed limits to malware filtering, as well
as the hardware limits I mentioned earlier, I can only think of one
right now, and that is 32-bit integer math, I'm pretty sure once the
number of mutations gets a bit past 2 billion, there will be problems
with this, possibly mitigated, at a significant cost to performance,
by using double integers, or by using 64-bit integers and dropping
support for 32-bit machines (again, long term these approaches will
also be exhausted).
Whitelisting ... my guess is that there will be trillions of
legitimate pieces of code, and this list will also grow too large for
the average computer to handle.
However, as noted in my other mail to Rohit, I think that before
these limits are reached, Microsoft will bite the bullet and drop in
a unix core.
Social engineering: yes, point taken, although, someone is still
cranking out binaries, as per the original link I posted:
http://www.theregister.co.uk/2009/08/13/malware_arms_race/ ... and to
be honest, it doesn't matter if it's only one guy who pumps out
trillions of mutations, it's still gonna DOS the AV.
I'm not commenting on Windows vs unix vs Mac, I didn't mean to start
that thread, I'm just commenting on Windows, and how it appears to be
holding a one-way ticket to oblivion. Is that an iceberg, dead
ahead? The numbers are telling us that it is.
PS. Have you seen PC-BSD? :) http://www.pcbsd.org/ ... it's FreeBSD +
KDE + sexy installer ...
On 28 Aug 2009 at 16:45, Paul Schmehl wrote:
Date sent: Fri, 28 Aug 2009 16:45:39 +0000
From: Paul Schmehl <pschmehl_lists@...rr.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] windows future
Send reply to: Paul Schmehl <pschmehl_lists@...rr.com>
<full-disclosure.lists.grok.org.uk>
<mailto:full-disclosure-
request@...ts.grok.org.uk?subject=unsubscribe>
<mailto:full-disclosure-request@...ts.grok.org.uk?subject=subscribe>
> --On Friday, August 28, 2009 09:32:45 -0500 lsi <stuart@...erdelix.net> wrote:
> >
> > The world will awaken from the 20+ year nightmare that was Windows,
> > made possible only by manipulative market practices, driven by greed,
> > and discover the only reason it was wracked with malware, was because
> > it had all its eggs in one basket.
> >
>
> That's crazy talk. I hate Windows as much as the next guy, but there's a
> reason they have such a large market share and it's not *just* manipulative
> market practices. Most people outside the insular geek world use computers to
> perform tasks for them. They think of the computer as a tool, and they expect
> it to do the job they want without getting in the way or requiring them to
> learn to count in hex.
>
> When someone else comes up with a system that has excellent graphics, runs
> Flash and other things without complaint, and "just works" without expecting
> them to lift the hood and diagnose problems, doesn't require them to install
> all sorts of "extras" to have a working system *and* is priced competitively
> with Windows, they will buy it.
>
> Macs are competitive with Windows in every category except one; price. And by
> price I mean the cost of walking into a store and walking out with a working
> system. Apple's biggest mistake has always been trying to "hoard" the hardware
> market for their OS - the same mistake Sun makes - which drives up the price
> and makes them less competitive. Unix (really Linux mostly) is getting there
> but still has a ways to go.
>
> I say these things as a hard core Unix user who loves FreeBSD. There are many
> reasons that I love FreeBSD and use it exclusively when I can, but things like
> making Flash work are not for the faint of heart.
>
> It won't be the malware that will drive people *away* from Windows (if it was
> they would have been driven away long ago), it will be the (dare I say it?)
> user friendliness of a system *and* price competitiveness that will *attract*
> buyers to it.
>
> BTW, your comments about crackers and ecosystems are several years behind. The
> current "technology" crackers are using to great success is social engineering.
> Actually breaking into systems is almost passe these days.
>
> --
> Paul Schmehl, Senior Infosec Analyst
> As if it wasn't already obvious, my opinions
> are my own and not those of my employer.
> *******************************************
> "It is as useless to argue with those who have
> renounced the use of reason as to administer
> medication to the dead." Thomas Jefferson
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
---
Stuart Udall
stuart at@...erdelix.dot net - http://www.cyberdelix.net/
---
* Origin: lsi: revolution through evolution (192:168/0.2)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists