Two years ago I (and others) wrote about the security dangers of Microsoft’s monopoly. In the paper, we wrote:
Security has become a strategic concern at Microsoft but security must not be permitted to become a tool of further monopolization.
A year before that, I wrote about Microsoft’s trusted computer system (called Palladium—Pd for short—at the time):
Pay attention to the antitrust angle. I guarantee you that Microsoft believes Pd is a way to extend its market share, not to increase competition.
Intel and Microsoft are using DRM technology to cut Linux out of the content market.
This whole East Fork scheme is a failure from the start. It brings nothing positive to the table, costs you money, and rights. If you want to use Linux to view your legitimately purchased media, you will be a criminal. In fact, if you want to take your legitimately bought media with you on a road trip and don’t feel the need to pay again for it—fair use, remember—you are also a criminal. Wonderful.
Intel has handed the keys to the digital media kingdom to several convicted monopolists who have no care at all for their customers. The excuse Intel gives you if you ask is that they are producing tools, and only tools, their use is not up to Intel. The problem here is that Intel has given the said tools to some of the most rapacious people on earth. If you give the record companies a DRM scheme that goes from 1 (open) to 10 (unusably locked down), they will start at 14 and lobby Congress to mandate that it can be turned up higher by default.
Posted on July 28, 2005 at 7:25 AM
I’m a big fan of the Honeynet Project (and a member of their board of directors). They don’t have a security product; they do security research. Basically, they wire computers up with sensors, put them on the Internet, and watch hackers attack them.
They just released a report about the security of Linux:
Recent data from our honeynet sensor grid reveals that the average life expectancy to compromise for an unpatched Linux system has increased from 72 hours to 3 months. This means that an unpatched Linux system with commonly used configurations (such as server builds of RedHat 9.0 or Suse 6.2) has an online mean life expectancy of 3 months before being successfully compromised.
This is much greater than that of Windows systems, which have average life expectancies on the order of a few minutes.
It’s also important to remember that this paper focuses on vulnerable systems. The Honeynet researchers deployed almost 20 vulnerable systems to monitor hacker tactics, and found that no one was hacking the systems. That’s the real story: the hackers aren’t bothering with Linux. Two years ago, a vulnerable Linux system would be hacked in less than three days; now it takes three months.
Why? My guess is a combination of two reasons. One, Linux is that much more secure than Windows. Two, the bad guys are focusing on Windows—more bang for the buck.
See also here and here.
Posted on January 6, 2005 at 1:45 PM