[clue-tech] Linux vs. Windows security

[Bruce Ediger]

On Fri, 22 Jan 2010, marcus hall wrote:

> Alas, linux is not as immune to this as one would like.  In an effort to
> seemingly imitate windows, files that end in ".desktop" may be executed
> even if it does not have the execute bit turned on, if gnome or kde can
> see it...

Well, good.  I got the idea about executable documents from Crispin Cowan,
late of Immunix and Novell, now with Microsoft Research:
http://itknowledgeexchange.techtarget.com/security-bytes/microsoft-hires-linux-security-guru-crispin-cowan/

He posted it in a rant about why Windows had such problems with malware
of all sorts, I think to Bugtraq or Full-disclosre email list.  I can't find
it using Google, but I can find other Cowan postings containing similar
ideas.

The ".desktop" thing should give us another data point, because the "market-
share" argument doesn't hold water, and constitutes a form of "special
pleading" for everyone to go easy on Microsoft the corporation.