Antivirus is a bad solution to bad security.
Posted Oct 23, 2006 19:16 UTC (Mon) by penguin
Parent article: Critical Linux security API is still a kludge (Inquirer)
Antivirus isn't a solution to viruses and worms. At best it's a band-aid to mitigate the most widespread viruses. The problem is that the viruses can get into the system and wreak havoc. If viruses are common on the platform it is because something is inherently wrong with the security model. Viruses are just a symptom, not the cause.
The cause is the holes and the bad design choices that let viruses in too easily; that's where work should be done. SELinux, GRSecurity and AppArmor are some techniques to strap on added security that I like. These, in conjunction with good base security, make for several layers of security. Antivirus does not add to security, it just mitigates already sighted and known threats. Any unknown viruses just sail on through.
Windows needs antivirus because Microsoft doesn't give a rat's behind about security. Linux can avoid this by focusing on better security instead of slapping on some band-aid afterwards. If Linux starts seeing more viruses I would hate it if we ended up with antivirus, because that solution has been tried for 10+ years without any success.
As for scanning for e.g. Windows files on Linux file servers etc., that should be done by hooking up to the daemon in question serving these files, not the kernel.