You miss the point. The fact that someone keeps trying to do something doesn't serve as proof that it accomplishes it's goal.
It's not that I missed your point, but rather that I was too subtle in mine.
Proof? That's a hard standard... However, such a fact is solid evidence and if it looks like the goal isn't being accomplished, it is evidence that the real goal is not what you think it is.
Perhaps the War on Drugs isn't the perfect analogy, but I think it's pretty good, despite everything you said.
I think I was implying that it was a great analogy. Like I said: too subtle.
The fact remains that the US government persists in it's War on Drugs, and yet there is no noticeable change in the amount of drugs flowing into the market.
Making a significant and persistent change downward in the amount of drugs flowing into the market may not be the most important goal of the "War on Drugs" for the people who direct it. It may not be a goal at all. The War on Drugs kills, hurts, and/or incarcerates a large number of people, most of them not affluent white Americans. It forces the raw pure capitalists of the drug trade into a choice between leaving the trade or incorporating violence and other criminal acts as core competencies. It reinforces class distinctions in the US by entrenching the drug trade as a generally dangerous and criminal but highly lucrative business that has very few barriers to entry and advancement other than its serious risks, drawing its participants mostly from communities where other opportunities are thin. It co-opts foreign governments, leaving places like Colombia and Mexico with governments which would disintegrate were it not for their anti-drug battles backed by the US. The War on Drugs yields results which benefit the people who have driven and steered the War on Drugs for decades. It is reasonable to conclude that those results are the goals of the War on Drugs, and that the War on Drugs is in fact working. Similarly, the War on Terror has proven itself useful, even though it has not been terribly successful at eliminating terrorism and seems to have actually bolstered the recruiting of violent Islamist groups who focus on the US as their enemy. Just as an end to the drug market in the US would be a catastrophe the people driving the War on Drugs, an end to Islamic extremism would be a catastrophe for the people who drive the War on Terror. It is not coincidence that those two groups are so overlapped that they can be seen as one gang.
Likewise, there may be a concerted effort on the part of malware propagators to attack Linux servers, but there isn't any evidence (at least, none offered here) that there is a significant success rate. They could be attacking Linux servers simply because it's simple to launch an attack and it's more efficient for them to use the shotgun approach than to tailor their attacks to specific targets. Attacking a very large group of machines expecting a 0.5% success rate can be more efficient than spending time and money to tailor your attack to a smaller number of machines where you expect a 1% or 5% (or more) success rate.
Absolutely. I guess we're defining "success" differently.
The meaningful success metric for the task of building a network of machines for illicit activities is not the crack percentage of attacked systems, it is the aggregate capacity of cracked systems which can be harnessed for those illicit activities. Breaking into 90 of 100 Windows boxes attacked isn't so great if the result is control of 90 desktops and laptops that get disconnected from the net, shut down, or rebooted routinely, are largely 5 years or more old, and mostly have users sitting in front of them who might notice hijacked capacity. Breaking into 10 of 1000 machines with SSH daemons (i.e. mostly Linux and other Unix-ish systems) by brute force password guessing may be a better result, since the cracked systems are likely to be more exploitable than the average Windows box and the attack is absurdly cheap to run against a huge set of targets.