Spyware on FreeBSD?

Lane lane at joeandlane.com
Thu Jul 14 16:34:30 GMT 2005 

On Thursday 14 July 2005 11:18, Ted Mittelstaedt wrote:
> >-----Original Message-----
> >From: owner-freebsd-questions at freebsd.org
> >[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Gayn Winters
> >Sent: Wednesday, July 13, 2005 9:49 AM
> >To: questions at freebsd.org
> >Subject: Spyware on FreeBSD?
> >
> >
> >I was wondering if anyone had had any trouble with spyware on their
> >FreeBSD systems, or if we are too small a group of consumers for the
> >spyware vendors to attack?
>
> we are too small a group of consumers for the spyware vendors to attack.
> Keep in mind that spyware only works if you have a critical mass of
> systems
> that are configured absolutely identically, with the same software.
>
> However, UNIX systems are vulnerable to custom attacks by crackers, if
> you
> are running versions of software that have been found to be insecure,
> that
> is why there are CERT advisories all the time on UNIX software.  But,
> while a cracker could break into a system that was running an insecure
> version of Apache, for example, there simply are not enough UNIX servers
> on the Internet for an automated cracking program, like a typical Windows
> virus, to propagate.  Also, you cannot depend on the same versions of
> software being present even on UNIX hosts that are running the same
> insecure version of Apache, so a successful crack almost always requires
> an actual live body.
>
> Things are much more divergent than in the days of the Morris Internet
> Worm.
>
> This is one of the areas that diversity = strength.  The fundamental
> downfall
> of Windows systems have always been that any attacker can assume that the
> Windows system he is attacking is configured the same as 10,000 other
> Windows systems out there, running the same software.
>
> Ted
>
> _______________________________________________
I think that it is also plausible that the least savvy among FreeBSD users is 
far and away more savvy than the "average" windows user.  This sophistication 
alone must make the FreeBSD community a less attractive target for the 
spyware community.

Not only that, but since we don't have enough money to spend on proprietary 
software, we probably aren't attractive for various fraud schemes, etc. (just 
a joke, of course :)



lane
P.S. The portaudit database is a real friend, for those who are not yet using 
it.

More information about the freebsd-questions mailing list