Cause of virii
Posted Oct 24, 2006 3:25 UTC (Tue) by ringerc
In reply to: Antivirus is a bad solution to bad security.
Parent article: Critical Linux security API is still a kludge (Inquirer)
I disagree. While Microsoft's design decisions have not helped the virus issue at all (system & program files writable by all users; applications that automatically execute code coming from *email*), many viruses only exploit user stupidity.
I don't personally see how a trojan that asks a user to run it in order to "speed up their computer" or whatever and when run mails itself to everyone in their addressbook is Microsoft's problem. Their involvement is limited to making it easy to send programs around and easy to run them.
For trojans (as opposed to worms and the even rarer old-school executable infecting viruses), which are the most common threat these days, I think Linux is probably less exposed largely because:
- It's harder to run a program you've been sent. You need to do more
than just double click.
- The variety of software used means that something like
scanning the user's addressbook becomes a rather non-trivial task.
But wait? What do all these trojans do? They don't just propagate - they set themselves up as backdoors to be used as spam relays etc. Is there anything that'd prevent that being done on Linux?
- User base. Why bother when there are all those Windows machines
just waiting to be exploited by their helpful users.
After all, adding some start-up code to .bash_login, .xinitrc or whatever isn't too hard, nor is building a neat little static executable that'll run on most distros. Networking isn't a big deal - an outbound IRC control channel where it "phones home" eliminates the firewall issue, and is how most of them work anyway. As far as I can tell it all comes down to the fact that there are fewer Linux machines out there and it's harder to get the user to actually run the trojan (since they need to do more than double-click).
Microsoft has a role here, but not IMO as big a role as people tend to make out. These days. They certainly did - the Outlook worms, SMB worms etc were the result of plain bad security. These days, the user should take equal blame.