[NTLUG:Discuss] Anti-linux bias in the media
kbrannen@gte.net
kbrannen at gte.net
Fri Feb 13 00:09:39 CST 2004
someone wrote:
> ...
>
> For the most part it's all correct. Virus on Linux *will* become more
> prevalent as Linux grows on the desktop and more non-geek users begin to
> migrate. He did give *nix some credit with the following statement.
> Quote: "Operating systems like Unix and Linux (kind of like Unix, but
> free) are harder to infect, but it's not impossible."
...
OK, I don't want to pick on anyone but I just can't leave this alone (mental
flaw of mine probably. :-) Also, I'm not trying to give the auther of the
quote a hard time (hence I've removed names), but I've seen this view espoused
in other places and I'd like to do some education if I can...
Looking at raw numbers, I suppose it is technically true there will be people
trying to write Linux viruses, and there will be some that one day actually
work. However, :-) the number of successful Linux viruses will be so small,
they won't matter. Let me explain, if anyone disagrees, I'm certainly open to
discussion on it. :-)
Propagation. There are email clients I haven't used, but of the ones I have,
I have yet to find one that does or allows for auto-execution. (If MS would
remove that ability I personally think the majority of Winders viruses
wouldn't harm anyone). For the virus to spread, there needs to be code
executed. On Linux, you have to save the file, chmod it, then execute it.
Most new people won't make the effort or don't know how to do that; most
experienced Linux users won't do it period. Because this process is so
difficult for the new person, the virus can't spread fast enough to prevent it
from dieing out fairly quickly; i.e. it just doesn't get started very well.
Separation. Users generally run as a non-root user. (Yes, I know some
distros do that [Lindows should be whipped for it], and some people ignore the
advice and do it anyway.) So the system itself is generally safe. I know
it's not totally safe, give me (or someone knowledgable enough) access to a
box and some time and I can become root; local exploits do exist. If there
was a real worry, this would be it; but fortunately this is not all there is
to it. Yes, the user data is probably the most important thing on the box and
losing that is not nice, but if the system itself is not compromised, it's
harder to own the box and use it for nefarious purposes. (This is also why
proper security is made up of layers.)
Platform (binaries). For the virus to be successful, it's going to have to
come in a binary so I can't see it's a bad program; but more fun, it's going
to have to be a binary for the machine I have. Is that x86, sparc, powerpc,
os390 (got access to one of these at work :-), hppa-risc, or something else.
Most people have x86, but not all, so there's no guarantee the binary will be
useful. Though I must admit I saw my first text virus this week, it was a
.cmd file and was interesting to look at before I deleted it. Again, program
not runnable? No propagation.
Of course, let's not forget there's always stupid users. :-( By that, I mean
people who do things against common sense: run email clients and other
non-essential programs as the root user, do make the effort to run programs
sent to them that they were not expecting, and so on. But by and large, I
firmly believe viruses for Linux will not become prevalent; they will never be
the trouble or make the impact that Winders viruses are.
Kevin
More information about the Discuss
mailing list