[unisog] Dropping executables - who does it?

Christopher A Bongaarts cab at tc.umn.edu
Fri Feb 13 21:01:02 GMT 2004


In the immortal words of Curt Freeland:

> If I had a tool that I could run on my {insert your favorite non Windows OS 
> here} boxen that would help me PREVENT such an invasion, I would run it.  
> If I had 10 different tools, I might run all of them.
> 
> Yes, it might be silly to require an A/V on an AIX system.  Yes, it might 
> waste cycles protecting me from something that will never appear.  But an 
> ounce of prevention today might save me somewhere down the road.  This 
> miracle tool might NEVER trigger, but if it did, I MAY have saved myself 
> several days of running around fixing things I could have prevented.

This viewpoint must be balanced against the costs of the measures
involved.  In some cases this is direct monetary cost for
software/hardware.  In all cases there is human-time required to
learning/install/maintain them.  Sometimes, there is a performance
tradeoff (for example, OpenBSD tends to be "more secure", than other
OS'es, but its performance for some applications leaves a lot to be
desired).  In order to be worthwhile even if they never actually *do*
anything, the costs must be in line with the costs saved had an attack 
been successful (factoring in the probability of such an attack...)

%%  Christopher A. Bongaarts  %%  cab at tc.umn.edu       %%
%%  Internet Services         %%  http://umn.edu/~cab  %%
%%  University of Minnesota   %%  +1 (612) 625-1809    %%



More information about the unisog mailing list