John Wilson wrote:
On October 21, 2004 04:11 pm, Elliot Somers wrote:
This is a pretty general question, I've heard it said by one party that
linux/unix is virus proof, other's say it's that virus authors go after the
big guys, so MS, wintel servers, etc. What I want to know is what's true
and what's not. Also I'm curious not only if it is, or not, but why? If
there's any references you all know of to point me in the right direction
I'd appreciate it.
Thanks,
Elliot
Goodness, here we go again.
To a degree it's true that virus writers go after the big guys. It's also true that virus/trojan/spyware writers go after the easiest system to use to propagate their nasties and that also happens to be Windows.
One, in fact the only, reason the crackers charge after Windows is that from 95 to XP Pro most windows boxes run in administrator mode or with administration rights widely given. Even when they are not things like adding new software default to that.
Toss in Microsoft's much vaunted ease of use mantra which has led to VBA, scripting languages that operate system wide, browsers and email clients that happily install just about anything so that you won't have to trouble yourself about it. Oh...and browsers and email clients that will follow HTML code anywhere no matter where it goes.
What all this boils down to is that a cracker can devise a simple program that will install itself on your Windows box without your so much as even knowing about it. Nice, eh?
And Windows users have shown themselves the most undiciplined of surfers, well perhaps that title goes to AOL users, who will go to a web site and download any old crap, usually spyware, so they can get the video feeds of porn, stock tickers, latest prices of medicines or whatever.
As for wintel servers on the internet they are a definite minority when compared to Linux, one of the BSDs or UNIX. But they are as easily breakable as the desktop Windows on which they're based and for the same reasons. Only a near total moron would put anything on a windows server on the internet these days and for good reason.
Admittedly this is much simplifed and much understated, beleive it or not. Try Bugtraq or CERT is you want to know more. You might also want to google virus writing to see how much there actually is out there.
Now, Linux, in common with almost all POSIX compliant software also has an administrators account and you can, if you want to, set up as insecure a system as any old Windows box. Responsible Linux distributions will insist that you have at least one regular user as well as root and will boot you in as that.
Now it's possible for a virus to be written for Linux and it's been done. But, unlike the Windows situation, there is absolutely nothing that can be done in user space that overlaps with or conflicts with the root/system space. In short, a virus cannot propagate itself. Oh, it can mess up the user's home in short order but not the machine itself. Spyware can find out everything it wants about you but nothing at all about the root or any other user on the box.
Nasties do exist for Linux but they are much further and fewer between than the almost daily attacks on Windows. And they are, in general, far easier to defend against.
Also, it often takes less than 24 hours for a package to be fixed after a vulnerability is found, often before it's exploited, and the fix sent out. Compare that to the rather cavalier attitude of Micosoft to such things.
ttfn
John
------------------------------------------------------------------------
Wow! what a reply! :)
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
