Ostrich Security Model
Date: 2011-06-12 08:11 am (UTC)
Mac has about 5% of the consumer market, down from a peak in the low double digits back in the good old days, years ago. Linux has come up to a good fraction of 1% of the consumer market now.
Linux users, despite potential tech savvy, are a big vector for malware. They tend to think they know enough to be script kiddies themselves, and do stupid things like brag about 'uptime' rather than keeping their systems patched. Mac users are a big malware vector for some valid reasons, and some outright idiotic ones. They tend to be the least tech savvy, but Apple PR actively discourages secure computing practices. With essentially a monopoly, over 91% share, Windows gets the most attention from criminals. Correspondingly Windows has the most anti-malware technology built in, and the shortest response time.
Anything Web & Internet compatible is vulnerable to cross platform malware. Feature phones, industrial controllers, smart 'fridges, are all at risk.
Doing some quick stats from the NIST vulnerability database, you can see that the largest malware vector for several years has been the Firefox web browser (independent of OS). It has the most vulnerabilities (IE numbers are far smaller) and a long/slow response time.
Bottom line, anything successful/popular enough to get noticed by consumers will be worth the attention of criminals.
It's true that the first rule of network security is to not talk about your network security. It's not true that you should assume anybody has some, just because they have cool TV ads. Yes, it's valid to Open Source (tm) something like PKI so people can independently validate that it's secure. And you have to give out some generalities in your marketing buzzwords.
Most people will have to trust experts. The experts will be perpetually out of date. Common sense and awareness of the risks our greed and laziness expose us to.
Death penalty for hackers is one way to go. I recently read a proposal to decriminalize hacking, with a view to making everybody more aware of just how vulnerable we are.