
Linux lasting longer against Net attacks (News.com)

News.com looks at a report from the Honeynet Project that shows improvements in the ability of stock Linux distributions to resist attacks. "The data, from a dozen networks, showed that the average Linux system lasts three months before being compromised, a significant increase from the 72 hours life span of a Linux system in 2001. Unpatched Windows systems continue to be compromised more quickly, sometimes within minutes, the Honeynet Project report stated."

Linux lasting longer against Net attacks (News.com)

Posted Dec 26, 2004 8:52 UTC (Sun) by efexis (guest, #26355) [Link]

Jan 2004, had an XP laptop become infected in 40 seconds of "connection
established"... I don't think this would be uncommon for an unpatched
system these days.

Linux lasting longer against Net attacks (News.com)

Posted Jan 7, 2005 20:18 UTC (Fri) by jd (guest, #26381) [Link]

What makes this fascinating is that they say in the article that they were using things like Red Hat 7.3. (IIRC, that was the most common version of Linux in their test.) If you consider the number of security patches/upgrades that have gone into packages between then and now, I think you can expect Linux to last rather longer than the claimed 3 months.

There is also a difference between the severity of hacks. If you break into a chrooted nobody/nogroup daemon with restricted capabilities and an SELinux clampdown, you're not going to be able to do as much damage as if you break into a root-run unlimited-power/unlimited-access shell, from which you can rule the world - or at least that computer.

On the other hand, in both cases the system has nonetheless been compromised.

The problem, then, is not a simple binary "compromised/secure", but rather a multi-dimensional issue. The "ideal" is to be secure in all aspects, but it's much more common for systems to be secure in very specific ways. Because of this, a direct binary comparison only tells you a system was good at something that was tested. It doesn't tell you what it was good at, or why.

Which is more secure - Trusted Mach (a B3 certified OS) or OpenBSD (no known exploits for years, but no mandatory access controls or memory permissions either)? The correct answer is both.

Copyright © 2004, Eklektix, Inc.