Anti-Virus Software ?

[John Thompson]

Matthew Miller wrote:

> On Fri, Oct 08, 2004 at 02:32:02PM -0500, John Thompson wrote:
> 
>>exploits.  If this were true, however, we would expect that in markets 
>>where Windows has less penetration -- e.g. internet severs, where 
>>Windows servers comprise ~40% of the market -- that Windows should only 
>>suffer ~40% of the exploits in this arena.  That is not what we see, 
>>however: even with ~40% of the internet server market, Windows still 
>>suffers ~95% of the significant exploits.  One can conclude from this 
>>that Windows is inherently less secure than other platforms.

> One can conclude all sorts of things. :)
> 
> But the one you've picked doesn't necessarily follow. 95% of desktop share
> might lead to increased incentive and ability to develop exploits, which
> then _happen_ to also work when the same OS is used in other markets --
> leading to more exploits there than you would expect by looking at that
> segment in a vacuum.

But the vast majority of desktop exploits involve Internet Explorer and 
Outlook and/or Outlook Express.  Neither of these should be doing much 
on internet *servers* and conversely, IIS and other Windows server 
exploits should have little relevance to desktop users. So I think my 
point still stands...

-- 

-John (john at os2.dhs.org)