Re: [libreoffice-users] Re: JRE older installs - Windows - nowonline- no need for Oracleaccount

On 9/3/2011 5:42 PM, Dennis E. Hamilton wrote:
> Criminals do attack servers.  Regularly.  And for as long as the internet has been the vehicle 
> for attacks.  Some of the successful attacks do get reported.  The vulnerability is often a 
> configuration and system-management one, not a defect in operational software.  
>
> Do you recall Google reporting a major penetration that had evidently gone on for some time?  Do 
> you recall reports of user information, identity, and password information having been stolen 
> from a variety of significant systems.
>
> The kinds of server based compromises tend to be different.  
>
> Apparently the most profitable attack on clients these days is for co-opting the clients into 
> zombie armies that can be used in coordinated attacks on vulnerable systems as well as unwitting 
> hosts for phishing attacks and distribution of spam.  Because thousands of clients are brought 
> under control in this manner, their botnet services are then hired out to criminals.  That is how 
> scale matters at the client level.
>
>  - Dennis
>
> -----Original Message-----
> From: Tom Davies [mailto:tomdavies04@yahoo.co.uk] 
> Sent: Saturday, September 03, 2011 13:47
> To: users@global.libreoffice.org
> Subject: Re: [libreoffice-users] Re: JRE older installs - Windows - nowonline- no need for 
> Oracleaccount
>
> Hi :)
> No, that is the point i am disagreeing with.  If Gnu&Linux, Bsd and other 
> Unix-based OSes were equally vulnerable then we would see a lot more servers 
> being compromised.  Affecting several thousand servers would have a vastly 
> higher impact then affecting that many desktops wouldn't it?  So, why bother 
> with desktops if servers are just as vulnerable?  For the same effort more data 
> could be collected and more disruption could be caused by aiming at servers.  So 
> why bother with creating malware for desktops at all?  When not just target 
> servers?  
>
>
> Compare with other sorts of crime.  Imagine no corporate crime, no fraud, no 
> scams just about 50%-20% of everyone  getting mugged for loose change on the way 
> home a couple of times a year.  It's low hanging fruit but just not worth the 
> investment of time and effort so people go for bigger targets to get more cash.  
> Why doesn't this happen with malware?  Why not several thousand servers instead 
> of just desktops?
> Regards from
> Tom :)
>
>
>
>
> ________________________________
> From: David <dgboles@gmail.com>
> To: users@global.libreoffice.org
> Sent: Sat, 3 September, 2011 21:11:30
> Subject: Re: [libreoffice-users] Re: JRE older installs - Windows - nowonline- 
> no need for Oracleaccount
>
> On 9/3/2011 4:02 PM, planas wrote:
>
> BIG <snip>
>
> <snip />
>
> Security by obscurity. So few people use Linux that Linux is not significant 
> enough
> to be of value to the 'bad guys' out there.
>
> Should Linux ever become common enough that more than about 50 million people, 
> [1] in a world of 5 Billion people, use it - then it might become *worth the 
> effort*.
>
> What do you think?
>
> [1] "Linux Counter Summary Report"
>
> <http://counter.li.org/reports/short.php>

What 'bothers' me about this is the smug that do not accept that this is
a real threat to us all. Which was my point. No one is 'bullet proof'.


-- 

  David

-- 
For unsubscribe instructions e-mail to: users+help@global.libreoffice.org
Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/
Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette
List archive: http://listarchives.libreoffice.org/global/users/
All messages sent to this list will be publicly archived and cannot be deleted