Eugene Leitl writes:
>The only way to be more or less immune is to run Linux, read
>Bugtraq digest daily and apply kernel patches on a daily/weekly
I agree mostly although I'll say that we do all these things, yet even the Linux boxes on our network have fallen prey to crackers a couple times. About the "safest" desktop hosts on our net, in the sense that they are targeted least, are most resistant to damage, and offer the most secure anti-viral tools, are (perhaps ironically) the Macs. Of course, none of the PPC boxes are running *just* MacOS now (they've all got Linux, BeOS, and various advanced flavors of MacOS on them as well), and we're divided as to whether this is a good thing or a bad thing, exposure wise, as one can argue that a multi-OS capable piece of hw has *all* the security failings of each of its OSes, or conversely that, unlike a single-OS box, since it exists as a particular OS host for a discontinuous fraction of the time, it is less attractive and harder to "hit".
Of course, the only computers we've got that have *never* had a successful viral or trojan-horse attack are the NewtonOS devices, which is a little ironic, considering that the openness of their systems is second only to the Linux boxes. We've even taken part in a couple developer-based projects to suss out their security holes and how they might be exploited. Guess there's a real advantage in having a different "digital genome" than the typical host.
| Jeffrey Fabijanic, Designer The Future exists, | Primordial Software first in Imagination, | "Software of the First Order" then in Will, | Boston, MA * (617) 983-1369 and finally in Reality.