[NTLUG:Discuss] Anti-linux bias in the media
David Brown
frag at phrenetictheory.org
Fri Feb 13 02:52:19 CST 2004
No need to remove my name, and I can rebut your comments.
kbrannen at gte.net wrote:
>
>
> OK, I don't want to pick on anyone but I just can't leave this alone
> (mental flaw of mine probably. :-) Also, I'm not trying to give the
> auther of the quote a hard time (hence I've removed names), but I've
> seen this view espoused in other places and I'd like to do some
> education if I can...
>
> Looking at raw numbers, I suppose it is technically true there will be
> people trying to write Linux viruses, and there will be some that one
> day actually work. However, :-) the number of successful Linux
> viruses will be so small, they won't matter. Let me explain, if
> anyone disagrees, I'm certainly open to discussion on it. :-)
>
> Propagation. There are email clients I haven't used, but of the ones
> I have, I have yet to find one that does or allows for
> auto-execution. (If MS would remove that ability I personally think
> the majority of Winders viruses wouldn't harm anyone). For the virus
> to spread, there needs to be code executed. On Linux, you have to
> save the file, chmod it, then execute it. Most new people won't make
> the effort or don't know how to do that; most experienced Linux users
> won't do it period. Because this process is so difficult for the new
> person, the virus can't spread fast enough to prevent it from dieing
> out fairly quickly; i.e. it just doesn't get started very well.
One word. Trojans. They don't require auto-execution.
>
>
> Separation. Users generally run as a non-root user. (Yes, I know
> some distros do that [Lindows should be whipped for it], and some
> people ignore the advice and do it anyway.) So the system itself is
> generally safe. I know it's not totally safe, give me (or someone
> knowledgable enough) access to a box and some time and I can become
> root; local exploits do exist. If there was a real worry, this would
> be it; but fortunately this is not all there is to it. Yes, the user
> data is probably the most important thing on the box and losing that
> is not nice, but if the system itself is not compromised, it's harder
> to own the box and use it for nefarious purposes. (This is also why
> proper security is made up of layers.)
Just because a user is non-root doesn't mean damage cannot be done. A
MS Word Macro virus doesn't wipe your hardrive.
>
> Platform (binaries). For the virus to be successful, it's going to
> have to come in a binary so I can't see it's a bad program; but more
> fun, it's going to have to be a binary for the machine I have. Is
> that x86, sparc, powerpc, os390 (got access to one of these at work
> :-), hppa-risc, or something else. Most people have x86, but not all,
> so there's no guarantee the binary will be useful. Though I must
> admit I saw my first text virus this week, it was a .cmd file and was
> interesting to look at before I deleted it. Again, program not
> runnable? No propagation.
This isn't true. A hacked CVS or source tarbal would be a virus. Yes,
you may run a CRC check, and not open attachments, but there are 500
million people that don't. Therefore the virus would be effective even
on Linux.
>
> Of course, let's not forget there's always stupid users. :-( By that,
> I mean people who do things against common sense: run email clients
> and other non-essential programs as the root user, do make the effort
> to run programs sent to them that they were not expecting, and so on.
> But by and large, I firmly believe viruses for Linux will not become
> prevalent; they will never be the trouble or make the impact that
> Winders viruses are.
>
> Kevin
Exactly. I noted this specificlly in my reply. Quote: "Virus on Linux
*will* become more prevalent as Linux grows on the desktop and more
non-geek users begin to migrate. "
My point is computers don't error, they fail. Only users error. User
error is why most computers get infected by virus. Even Linux.
Dave
More information about the Discuss
mailing list