If I made one of those work-site signs that tracked “Days since last incident”, and made one for “Days since last in-the-wild remote-root worm” for Windows and Linux, what would they each say? 0 and 7304 respectively?
Update: while the post was tongue-in-cheek (everyone suffers when any large subset of computers is being attacked), I should lower the Linux days count to 2783 (for L10n on March 23, 2001, which is slightly newer than Ramen on January 17, 2001). Thanks for everyone’s comments. :)
© 2008, Kees Cook. This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 License.
I think the Ramen worm is still active, and there are various PHP bots out there, but probably with limited self-replicating capability.
These days, a lot of the attacks on Windows systems are funneled through compromised Linux systems, so we’re basically in the same boat anyway.
Comment by Florian Weimer — November 3, 2008 @ 11:55 am
“Days since last cussing about broken technology”:
– Windows: 0
– Linux: 0
– Book: [integer overflow]
Comment by oliver — November 3, 2008 @ 12:01 pm
Unless I’m mistaken, the L10n worm was more recent than that.
Comment by Alex — November 3, 2008 @ 1:03 pm