re: E-mail buffer overflow virus is a REAL threat!

Jeffrey Fabijanic (
Mon, 3 Aug 1998 09:31:58 -0400

Eugene Leitl writes:

>The only way to be more or less immune is to run Linux, read
>Bugtraq digest daily and apply kernel patches on a daily/weekly

I agree mostly although I'll say that we do all these things, yet even the Linux boxes on our network have fallen prey to crackers a couple times. About the "safest" desktop hosts on our net, in the sense that they are targeted least, are most resistant to damage, and offer the most secure anti-viral tools, are (perhaps ironically) the Macs. Of course, none of the PPC boxes are running *just* MacOS now (they've all got Linux, BeOS, and various advanced flavors of MacOS on them as well), and we're divided as to whether this is a good thing or a bad thing, exposure wise, as one can argue that a multi-OS capable piece of hw has *all* the security failings of each of its OSes, or conversely that, unlike a single-OS box, since it exists as a particular OS host for a discontinuous fraction of the time, it is less attractive and harder to "hit".

Of course, the only computers we've got that have *never* had a successful viral or trojan-horse attack are the NewtonOS devices, which is a little ironic, considering that the openness of their systems is second only to the Linux boxes. We've even taken part in a couple developer-based projects to suss out their security holes and how they might be exploited. Guess there's a real advantage in having a different "digital genome" than the typical host.

|    Jeffrey Fabijanic, Designer     The Future exists,
|        Primordial Software           first in Imagination,
|   "Software of the First Order"        then in Will,
|    Boston, MA  * (617) 983-1369          and finally in Reality.