On Tue, Sep 05, 2006 at 16:49:55 -0700, Tod Merley <todbot88@xxxxxxxxx> wrote: > > Is that really true?? How do we know?? "Bot" makers love this > attitude! It keeps them alive!!! Linux systems aren't immune from being hacked. Local root exploits are fairly common and those combined with a remotely accessible application being hacked can get your system owned by someone else. Also in the unix world we have been better about separating data from code and for using simpler programs for handling untrusted data. But this is starting to change. Graphical desktops are confusing running code with looking at data. People are having their mail readers call a web browser to handle displaying of html parts of email messages without specific user intervention. The difference is that in the Windows world they don't even think this is a problem. We are at least discussing things, but the future isn't looking good. I think that replacing Windows with Linux on normal people's desktops isn't going to put that big of a dent in the number of bots unless we can also change people's habits at the same time; which seems unlikely. I think to make a dent in bots, we need to get ISPs to get hard nosed with their customers whose machines are hosting them. Apparently at this time it must be cheaper to eat the network costs and compaint headaches rather than annoy paying customers by cutting them off or spending a lot of support time to help people repeatedly clean up their machines. Unless something changes the relative costs involved, the situation will continue like it is now. Unfortunately as a side effect of this is that it makes blacklisting spam sources by IP address a lot more difficult.
