[OT] Browsing the internet... It is safer from Linux?

Bob Sneidar bobs at twft.com
Mon Nov 1 14:15:15 EDT 2010 

Let me weigh in one more time, for those who think that setting up a machine with all the security measures you can, but without using some kind of anti-virus/anti-spyware solution is "safe enough". 

Recently, our radio station web site was hacked via a simple php exploit. The people who we contracted to build the web site for us did absolutely NO hardening of the site, and thus we have been vulnerable all this time. 

The hackers (somewhere in Europe it turns out) redirected to their site which popped up one of those fake "Your computer has been compromised! Click here to clean your system" drive by exploits. The people running PC's were already infected by going to the site, before even clicking on the "Clean Now" button. 

No mac users were infected, primarily because the site was not written to compromise Mac's but also because it's really really hard to drive by compromise a Mac if the OS is up to date, along with Java, your browser, flash etc. The window of opportunity is just too small for it to be worthwhile. 

Windows users with up to date OS and software, along with an installed AV product, were also not infected. Finally, it took less than 24 hours for our domain to get blacklisted, so at that point only people without AV were getting infected. No one else could actually get there. 

My point is this. Modern AV software uses multiple methods to protect an OS. One is "Suspicious Activity" reporting. Another is signature based. Another is blacklist subscriptions. Another is "Heuristics" (a fancy way of saying, "You look like malware we know about so we are going to block you just to be safe"). 

An up-to-date OS and 3rd party software strategy, safe browsing habits (no porn, no warez etc) COMBINED with a good AV product, is enough to protect from anything except the most insidious zero day exploit. And the window of opportunity is so small in those cases, that your odds of getting compromised is almost nil. 

Honestly, if I know that my neighbors are home break in experts, even if I have an electric fence, and the latest in home alarm systems, I am not going to turn down a guard dog or two, just because I feel "safe enough". 


Bob Sneidar
IT Manager
Logos Management
Calvary Chapel CM

More information about the use-livecode mailing list