[lug] Virus software for Linux
Peter Hutnick
peter-lists at hutnick.com
Thu Apr 18 14:52:40 MDT 2002
Hash: SHA1
On Thursday 18 April 2002 02:18 pm, Jonathan Briggs wrote:
> I have to disagree with the general idea that virus scanners will be
> useless on Linux. I think that with the popularity of Linux rising,
> virus scanners will become necessary as standard parts of desktop
> security.
Surely being a prevalent system draws the attention of virus authors. OTOH
the argument that Linux doesn't have viruses because it is obscure sounds
even less believable today than it did a couple of years ago.
It is simply trivial to write a windows virus and non-trivial to write a Linux
> Many of today's "virus scanners" are actually much more than that. They
> include what amounts to host-based intrusion detection. For example,
> malicious JavaScript and Flash programs may be blocked, even if the web
> browser would be happy to execute them. Trojan programs (not
> technically viruses) may be blocked, even if the user is silly enough to
> execute them.
I don't mean this in a mean way, but what do you think IDS is? It certainly
doesn't have anything to do with flash or javascript.
I'd also submit that this is very browser dependent. So, for instance, there
was a hack that would cause IE to over-write the boot sector. A typical
Linux system has /two/ defenses against this. 1. A normal user cannot write
to the boot sector and 2. "native" Linux browsers won't try.
> We may also have to deal with Microsoft Office on Linux. It can be run
> today using the Codeweaver Crossover program, and in the future there
> may even be a native port.
Who is we? There is no doubt that user-space apps can walk all over a users
own files on a UNIX like system with a traditional permissions system. (Not
so with ACLs, but that is another debate.)
I don't run programs that have a history of doing so.
So, I guess if you choose to run crappy software you need other crappy
software to de-crapify it. I concede the point.
> If Linux starts running Microsoft software, Linux will need to deal with
> Microsoft (non)security (mis)features. We will certainly need virus
> scanners then.
> Remember, it isn't much comfort that your root owned system programs and
> files are perfectly safe, when all the data owned by your user account
> has just been wiped out.
Now you are saying "you." Don't include me in your sick little world of
programs that produce system commands at the request of strange data.
Seriously, how bizarre is it to run software who's only job is to selectively
break the functionality of other software so it doesn't damage your data at
the request of arbitrary data /pushed/ to you off the internet?
- -Peter
- --
/"\ ASCII Ribbon campaign against HTML e-mail
\ /
X Get my PGP key at http://hutnick.com/pgp
/ \ 6128 5651 6F23 EC17 6EBD 737D 960A 20E6 76CA 8A59
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
More information about the LUG
mailing list