You can bet your life that you'll need anti-virus and Trojan software, along with a REAL firewall to replace the ICF that Microsoft supplies. If you use IEn and click on any of many web pages you'll get infected. Period. I just got an email from ZDNet. The lead story is that Microsoft's anti-virus package in VISTA FAILS to protect VISTA from viruses! What new? JLK Jim Worrest wrote: > The article really was complaining about bugs in Firefox, and there have been > some found in it. The article was about open source software, and I'd dare > say > that more people have heard and used Firefox than they have Linux. > > I sometimes think some virus programs are a virus themselves. I removed AVG > instead of getting the paid version, and my Windows 98 on that program would > not > let any updated or new program access the Internet! :-( Yes I turned of the > firewall and even put in a new one, but that didn't solve the problem. While > one need spyware programs, I don't know if you even need a virus program if > don't read email on Windows. ---Jim > > GreyGeek wrote: > >> " Microsoft, leader of the closed-source world, makes more headlines >> than any other software maker when it comes to security. But that's >> because the company's products are used by nearly all PC users, not >> because Microsoft software has more vulnerabilities." >> >> >> That sentence sums up the purpose of that article... to exonerate >> Microsoft of its many security sins, while impeaching Linux and FOSS >> projects WITHOUT proof. Now they are paying Stanford and Symantec to >> HUNT for bugs in popular FOSS apps? >> >> That shouldn't be hard for Symantec. They can "find" them out of thin air. >> >> In 2002 I searched their virus database for viable Linux bugs. I found >> 42. Of those, only six had been found in the wild, the most recent >> being 4 years prior. The other 36 bugs were found on "2 0r fewer" PCs >> and had "low" (read NO) risk. Now, I wondered how Symantec could find >> so many sterile bugs on so few PCs? For a bug to be caught it has to be >> ACTIVE and it has to catch the attention of the victim, who then reports >> it to developers or security orgs. This CAN'T happen 36 times with >> JUST "TWO PCs, OR FEWER". My conclusion was that these bugs were failed >> virus projects by Symantec, tying to cook up viral agents to seed their >> Linux anti-virus mine, but being used to seed their Linux virus "count". >> >> A couple years later someone on LT asked about Linux vulnerability and >> stated the same myth that C/Net repeated in this "news" article. I went >> back to Symantec to do another search and found they had over 400 Linux >> viruses listed! Wow! I decided to research them. However, Symantec >> had changed its format for displaying Linux viruses and it now took >> half a dozen drill downs to arrive at the crucial data -- method of >> attack, severity of attack, and threat level -- for a single virus. >> This needless increase in complexity was, in my opinion, NO accident. >> I drilled down on about 125 of them, taking the better part of a day, >> and discovered that ALL of them were actually WINDOWS viruses (*.exe's >> or *.jpg's) with the word "Linux" in their names! This was during that >> time when there was a lot of media hysteria about WIndows AND Linux >> being susceptible to "cross platform" graphic viruses. Most of the >> articles at that time mentioned Windows but primarily fanned anti-Linux >> flames. The "proof" was a URL link to Symantec's Linux virus list. >> Most readers are gullible or lazy and would do only a cursory >> examination before concluding that a "10 fold increase" sure indicates >> tha Linux is no safer than WIndows -- the conclusions these articles >> wish the reader to assume. Time has proven the "threat" to be a hoax >> as far as Linux is concerned and, for the most part, Windows too. If I >> were still doing homicide investigations I'd "follow the money" and see >> where these Submarine Stories (a.k.a Paul Graham) came from..... IF I >> had any doubts. >> >> The other thing you have to look at are the body counts. Where are >> they?? >> >> FOSS runs about 70% of the Internet, while Windows only runs 28%, yet >> the VAST MAJORITY (99.99999%) of viral agents are launched from Windows >> servers and desktops. IF Linux were as vulnerable as Windows then >> simple logic would dictate that 20% of all body counts would be >> compromised Linux boxes. While the last active Linux bug, Slapper, >> infected 15,000 computers world wide in 2003, CodeRed was infecting >> MILLIONS at the same time. Since Slapper the Windows body count has >> continued to pile up in LARGE NUMBERS, at great expense to Windows users >> and their personal data, but rarely do we read about even a single Linux >> box getting infected.... only these kind of scare stories. Just a few >> weeks ago TJMax and Marshals, on the same network, reported that their >> W2K servers were hacked into and 250,000 CC numbers and passwords were >> stolen. This break-in actually took place in October of last year. The >> crackers gained access because the IT boss at TJMax emailed a Word >> document to a supplier. Microsoft buries identifying and personal info >> into Word and Excel documents and it appears that this document >> contained the server passwords. The email was "acquired" because the >> supplier's Windows boxes had been compromised. By, the way, this info >> was published on C/Net at the time, but two days later, when someone >> challenged me on these facts, I discovered the URL had been taken down. >> The Internet Archive had no record of it. A google search will show >> some URL's referring to that original article but that's all. >> >> I'm glad the Dept of Homeland Security is paying to find FOSS bugs, but >> I suspect it is really an anit-Linux ploy, especially since Symantec has >> a vest interest in "finding" Linux bugs. Still, it's better than >> paying to find proprietary bug$. >> JLK >> >> Jim Worrest wrote: >> >>> This can be of interest to Linux users, but to others as well. ---Jim >>> >>> >>> <http://news.com.com/Security+from+A+to+Z+Open+source/2100-7355_3-6138647.html> >>> >>> >>> >>> >> > > ---- > Husker Linux Users Group mailing list > To unsubscribe, send a message to huskerlug-request@xxxxxxxxxxxxx > with a subject of UNSUBSCRIBE > > > -- ========= GreyGeek ========= Remember, a consumer is a customer with no choice. DRM 'manages access' in the same way that jail 'manages freedom.' ---- Husker Linux Users Group mailing list To unsubscribe, send a message to huskerlug-request@xxxxxxxxxxxxx with a subject of UNSUBSCRIBE