On Sun, Jun 10, 2012 at 2:06 PM, Laurelai <[email protected]> wrote: > I am a bit surprised by the direction of this conversation and I have been > waiting for someone to say the obvious in regards to protecting yourself > from .gov malware, it really is quite simple if you think about it. Stuxnet, > duqu, flame, ect.. all only run on windows platforms. If the people you are > protecting are concerned about that kind of malware (and they should be) it > would be a great time to tell them about GNU/Linux, BSD, ect..
What makes you think the world doesn't already know about these, and that the various world governments don't already have their own 0days or hooks into them? Why was Stuxnet written on Windows? Not because of it's history of flaws, but because the Siemens PLC code that interfaces with the centrifuges runs on Windows. If it ran on any other platform, I would *guarantee* that it would still happen. "Just run Linux" is not a panacea that instantly cures everything. Mac fanboys used to say the same thing until someone decided to shut them up. I've worked at places where it was Linux 100% and we STILL had security issues. Conversely, I've worked at Windows heavy shops that were actually well-run, and didn't have the mythical security issues that seem to plague the news. The operating system is merely the conduit, one has to look past that to the motivation of the attacking party. Consider this your own Riddle of Steel. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
