In foo.debian-user, you wrote: > I'm curious about virii and Linux... > > Am I wrong to assume that Linux is not immune to virii (I don't even know if > virii is a word - but it just sounds cool :) ? Obviously the security > features of Linux can prevent some virii from affecting certain files on your > system... but what about the boot sector? And what if you happen to be su'd > or logged in as root when you get (and heaven forbid) execute an infected > program? > > Is there a need for virus scanning software on Linux? My guess is Linux > isn't a targe right now because of it's lack of market share - but as more > users realize that Linux is better than Windows (imho), I would imagine that > virus software will start appearing in our beloved OS as well.
Of course Linux is not immune from virii, but it does have many advantages. As you pointed out, the smaller market share makes it less of a target for the virus writers slaving away in the backrooms of antivirus software companies. Virii are written to be small, stealthy, and to spread without much helpful human interaction. This becomes easier when you have a consistant environment to operate in, such as that offered by the millions of binary equivalent versions of Win95 and Win98 that clutter the desktops of the world. With the diversity of the different GNU/Linux distributions that exist, it becomes harder for the virii to hide/spread. Win9x is like a 10-generation, inbred, backwoods, hillbilly family where a common cold can be introduced and wipe out the whole clan. GNU/Linux has a much more robust gene pool. Because of the Unix security model, spreading of virii is harder. Notice how many more viris warnings you see for Win9x than for NT. Data files in GNU/Linux tend to be common ascii text. This would be much harder for a virus to hide in than the corfortable, dark and damp interior of a MSWord file. (data files are a common way for virii to spread) Since GNU/Linux users are not conditioned to blindly run binary-only programs, they are less likely to comply when they get that fateful email with an attached executable and the spiffy subject line of "Cool... run me. Fwd to your friends" Also, I would hope that if antivirus software does become necessary for Debian users, some smart people would step up and put the virus-cleaners under a Free license, so we can use apt's auto-web-update capabilities to sleep well at night. -Mitch
