On Fri, 2004-10-08 at 16:39, John Thompson wrote: > Matthew Miller wrote: > > > On Fri, Oct 08, 2004 at 02:32:02PM -0500, John Thompson wrote: > > > >>exploits. If this were true, however, we would expect that in markets > >>where Windows has less penetration -- e.g. internet severs, where > >>Windows servers comprise ~40% of the market -- that Windows should only > >>suffer ~40% of the exploits in this arena. That is not what we see, > >>however: even with ~40% of the internet server market, Windows still > >>suffers ~95% of the significant exploits. One can conclude from this > >>that Windows is inherently less secure than other platforms. > > > One can conclude all sorts of things. :) > > > > But the one you've picked doesn't necessarily follow. 95% of desktop share > > might lead to increased incentive and ability to develop exploits, which > > then _happen_ to also work when the same OS is used in other markets -- > > leading to more exploits there than you would expect by looking at that > > segment in a vacuum. > > But the vast majority of desktop exploits involve Internet Explorer and > Outlook and/or Outlook Express. Neither of these should be doing much > on internet *servers* and conversely, IIS and other Windows server > exploits should have little relevance to desktop users. So I think my > point still stands... > > -- > > -John (john@xxxxxxxxxxx) It stands only when you consider my statements earlier about being all things to all people. You are exactly right, those items should _never_ be on a server. However, have you ever tried to use SQLMail in SQL Server? It _requires_ Outlook installed for certain (MAPI?) dlls. I have maintained all along that there is no reason for any Windows server to run a GUI by default. (Totally irrelevant to my point though...). This is going to be MS's undoing. Total integration is not a good thing. Unless you build completely separate codebases for server and workstation. -------------------------------------- Mark Haney Network Administrator InterAct Public Safety Systems mhaney@xxxxxxxxxxxxxxx Fedora Core release 2 (Tettnang) Kernel: 2.6.8-1.521 GNU/Linux 16:40:15 up 8:58, 2 users, load average: 10.16, 9.14, 8.57
Attachment:
signature.asc
Description: This is a digitally signed message part
