How to react to the news that an earlier flaw in Debian's random-number generator has been used to fuel an honest-to-Linus exploit, especially after yesterday's post? Welcome to the tip of the iceberg.

It's been said, somewhat cynically, that one possible good reason we don't see more Linux exploits scurrying around in the wild is because Linux doesn't represent the same kind of attack surface for criminal hackers as Windows does. True, Linux still doesn't have the desktop market share of even the Macintosh -- but it's become that much more interesting as a target because of the number of server and infrastructure systems that use it.

That doesn't so much replace the malign opportunities provided by Windows malware as it augments them.

More Here