> I haven't read the article yet, but from the summary I'd assume that (at
> least part of) the education would involve preventing social engineering
> attacks, which are platform independent. "Don't click on the links within
> SPAM e-mail", for example.
I learned today in another post that when you (or automatically your
software) downloads an attachment to an email, it has the effect of
telling the spammers that your email address is valid, regardless of
what you do with that attachment. So that's definitely a reason not to
look at attachments on any OS. I've always assumed that on my Linux
system it wouldn't matter if I did click on attachments (or links), not
that I'm in the habit of doing it.
I agree that with sufficient social engineering (that is, sufficiently
ignorant or stupid users), any system is vulnerable. And there are
social engineering tricks that are independent of OS (and browser), for
example, phony messages from your "bank" directing you to hand over
your password to your bank account (of course, this doesn't compromise
your computer). I think some others are significantly easier on
Windows systems than on Macs or Linux. There have been lengthy debates
about this on cola at times. Apropos, I'd be interested if you have
any technical comments on the Windows vs Mac security comparison on the
other recent post, "Tom Yager Confirms: Windows Inherently Insecure":
http://groups.google.co.uk/group/comp.os.linux.advocacy/browse_frm/thread/7bac4a36a6834f5e?hl=en
|
|
