Slashdot Mirror

← Back to Stories (view on slashdot.org)

WINE: A New Place for KLEZ to Play?

Posted by michael on from the playing-with-fire dept.

An anonymous submitter sends in this cautionary tale about Wine being maybe a little too good at emulating Windows. Update: 10/23 21:05 GMT by M : Better links: mirror 1, mirror 2.

23 of 318 comments (clear)

  1. Uhhhh.... by JoeLinux · · Score: 5, Insightful

    Nice thing about WINE is: it can be shut OFF, then there is no environment to flourish in. ("/usr/local? Hell, I'm trying to find C:\windows\system")

    JoeLinux

    1. Re:Uhhhh.... by Shoten · · Score: 4, Insightful

      Yeah, until you decide to turn it back on again, right? Windows machines have an "off" switch too...whether it's a matter of unloading from memory or powering down, it's no different.

      --

      For your security, this post has been encrypted with ROT-13, twice.
    2. Re:Uhhhh.... by NumberSyx · · Score: 5, Insightful

      Yeah, until you decide to turn it back on again, right? Windows machines have an "off" switch too...whether it's a matter of unloading from memory or powering down, it's no different.

      You might want to rethink that statment. If you turn the power off on a Windows machine (or a Linux box for that matter), you have a paper weight until you turn it back on. On the other hand, I can completely uninstall Wine from my Linux box and still have a fully functional computer. There is a difference.

      --

      "Our products just aren't engineered for security,"
      -Brian Valentine,VP in charge of MS Windows Development

  2. Too good at emulating? by entrager · · Score: 4, Insightful

    I don't think so. I think it's pretty amazing that this could occur within Wine. I'd be VERY pleased if I were a Wine developer.

  3. Wine is not an emulator ... by sammaytg1 · · Score: 5, Insightful

    It's a linux implementation of windows apis. IT really shouldn't be suceptable to virii like windows is. I would really like to know more about this (the article has already been slashdoted)

    --
    procrastination is a way of life aka i'll think up a sig later
    1. Re:Wine is not an emulator ... by doc_side · · Score: 1, Insightful

      Umm, why shouldn't it be susceptible to 'virii', like windows is? Never mind that linux can be infected with a virus... Now your telling me that something that was reverse engineered to run windows programs, with bug for bug compatibility, can't run some virus that is running win32 specific code?

  4. Re:Slashdotted...sad by LordHunter317 · · Score: 5, Insightful

    Understand some people don't have enough bandwidth to handle a thorough /.'ing. Sooner or later, the site is goign to stop responding simply because you run out of effective bandwidth. Also understand not everyone can afford what they talk about.

  5. What's the deal? by jorlando · · Score: 5, Insightful

    Wine is supposed to run Windows apps... a virus is a Windows app as any other... If the Wine user is running Outlook what else he can wait for? The vulnerabilities still there...

  6. Re:Slashdotted...sad by scenic · · Score: 5, Insightful
    That's not really fair. It's expensive to put up a site that can handle a slashdotting. Think of sites that host via a third party or shared hosting to keep costs down.

    There are a lot of smart, knowledgeable people out there who don't want a $500+/month hosting or bandwidth+power bill.

    Sujal

    --

    politics, food, music, life: FatMixx

  7. Re:Slashdotted...sad by MarcoAtWork · · Score: 3, Insightful

    between being able to set up a server that can take a Slashdotting and being able to afford a setup that can take a Slashdotting there is quite a difference (esp. in your bank account after you get the bandwidth bill...)

    --
    -- the cake is a lie
  8. Re:Slashdotted...sad by AntiTuX · · Score: 5, Insightful

    2 words: static webpages.
    I know for a fact that if my ass was getting slashdotted, I'd be setting up static webpages faster than you can say "holy fucking shit where's my bandwidth?" I personally make a static archive of all my dynamic pages automatically just in case something like that happens. The problem lies in the fact that slashdot doesn't archive sites, nor do they give any type of notice before bringing the hordes of lamers from all over the internet to that site's front door. That's a "bad" thing.
    I wonder if anyone's brought a lawsuit against slashdot(or their parent company, OSDN) for effectively destroying their servers.

  9. It's not a Wine problem... by Olmy's+Jart · · Score: 5, Insightful
    Fine... Why in blue blazes did KMail run Wine in the first place. Why would KMail run any attachment? It's one thing to run a viewer on an image like a .jpg. It's a totally different sort of thing to run the attachment. What are they going to do if they get a foo.sh file. Run it under bash? That's basically what they've done here. This is exactly why Microsoft got in heat over these worms and why these things run rampant on MS systems even if the users are not admin on that system.


    It's a security bug, a security hole, just like the ones in LookOut, and it ain't a Wine problem. This one belongs on bugtraq.

    1. Re:It's not a Wine problem... by Yosho · · Score: 4, Insightful

      It's one thing to run a viewer on an image like a .jpg. It's a totally different sort of thing to run the attachment.

      No, not really. For you it's easy to tell the difference; a JPG is obviously a safe image file, while files with .exe or .sh are potentially dangerous (depending on your OS). But from a program's point of view, the only difference is that you open a .jpg with, say, the GIMP, while you open a .sh with BASH.

      If somebody sends you a file with the extention .xe3 (random example), and KDE says there's a program associated with that, how is KMail supposed to know whether it's safe to open it or not?

      All KMail can tell is that an attachment is an attachment; it's not safe to open anything automatically, not even something that (you think) is an image.

      --
      Karma: Terrifying (mostly affected by atrocities you've committed)
  10. Re:Slashdotted...sad by Anonymous Coward · · Score: 2, Insightful
    I can personally say that if you can't set up a server to take a Slashdotting, I put no stake whatsoever in what they have to say. That's a pretty foolish attitude.

    Someone can know what they're talking about, but still have a slow pipe. Someone can be an expert -- even at networking issues -- and find working with web servers (especially huge overkill-behemoths like Apache) to be uninteresting. Someone can have something worthwhile to say, and have no idea that they're about to be Slashdotted.

    I think it's really funny that you think a "hardware guru" should know (and care) enough about web servers to take a slashdotting. You have an unusual concept of hardware.

  11. Sour grapes by Subcarrier · · Score: 3, Insightful

    Is it really such a big surprise that something based on Bill's produce quickly turns into vinegar? Storing it somewhere cool (Linux) isn't sufficient to make a good wine, you know.

    --
    "I have opinions of my own, strong opinions, but I don't always agree with them." -- George H. W. Bush
  12. Re:Why Emulate Windows by Anonymous Coward · · Score: 1, Insightful

    Microsoft is a big monopoly which BUYS ALL OPOSITION!!!!!

    A true monopoly would mean Linux and MAC OS and all others would not exist.

    monopolistic != monopoly

  13. get used to it.... by morgajel · · Score: 5, Insightful

    This is relatively tame.

    As much as I hate saying this, I fear it's going to get a lot worse. As/If Linux gains popularity on all systems, including desktops, you can expect there are going to be a lot of disgruntled windows people out there who will become unemployed because they can't grow with technology. I'm expecting to see a lot of linux software start getting messed with and drastic increase of linux trojans and viruses.

    don't believe me?
    Look at how much software has been backdoored lately- bitchx, ssh, and sendmail. That's a BIG FUCKING DEAL. As we continue, expect the crosshairs to be levelled towards us. There's gonna be a conspiracy. I'm not making any accusations, but keep in mind that the opensource movement is putting pressure on a group of companies that aren't exactly known for their ethical behavior.

    of course I know I'm probably just a paranoid nut, but hey, that's a good thing to be in our field.. ...and this is one of the few times where my sig doesn't apply.

    --
    Looking for Book Reviews? Check out Literary Escapism.
  14. Not a WINE-specific problem by Todd+Knarr · · Score: 5, Insightful

    This isn't just limited to WINE, it can hit real Linux mail programs too if anyone ever writes a Linux/ELF virus attachment. Repeat after me, kids:

    Executable MIME types have no place in a mail program!

    None, never, no way. Mail program doesn't matter. OS doesn't matter. No mail program should ever, under any circumstances, execute anything attached to an e-mail message, period full stop. You should only execute things from people you trust, and one attribute of e-mail is that you don't even know if the From address is the real sender so how can you trust the message?

  15. Re:Ah yes, Wine . . . by MAXOMENOS · · Score: 3, Insightful

    Alas, if only WINE ran Visual Studio so I could get my MCSD without putting WinXP on my box..

    --
    Finding God in a Dog
  16. Re:Slashdotted...sad by CodeShark · · Score: 3, Insightful
    Good point, AC, I'd give you a moderator point if I had one available and you'd logged in.

    In my case, for example, consider this: having done this for a few years now, I can set up one Linux or BSD based machine as a great web server capable of fully loading a T-1 or larger data pipe. Static pages, images, streaming software, dynamic pages, the whole nine yards. Could probably do a passable job setting up a set of machines to act as a transparent site even if it took setting up a small cluster of machines to handle the load (images on one machine, data on another, apps, etc. on the main web server, email somewhere else, etc.). I won't say that I could do it with half my brain tied behind my back, no sleep in a couple of days, one hand in a cast, or some big brag, but it's just not that difficult once you have done it a few times and hung around the security conscious folks enough to learn what it takes to secure a machine or set of machines from malicious outsiders. [Give me a couple decent developers and together we'd could make any site you wanted really scream in just a few days].

    With my average or better web server setup skills, does this mean I am using my own server setup? No, and I don't plan to any time soon, because none of my skills can prevent a wonderfully configured site from getting /.'ed because the bottleneck isn't usually in the machine, but the size of the data pipe connected to it.

    Consider this as well: I usually locate my sites at one of a few good web hosting companies that have good co-location points and massive datas pipe to/from their server farm(s). So the server and the data pipe can handle it, if I want. However, for most sites I set up, I don't want or need the risk of getting a surprise high dollar bandwidth bill because /. or similar is suddenly pointing at my site and hogging all of the hosting company's bandwidth? No. Do I want have or want to spend the money to set up my own data center? No.

    Why not? Because IMHO one of the best things about the 'net is that it gives many people who would not otherwise be "heard" a place to give voice to whatever message they deem important. One of the worst things about the net is that some people confuse tech savvy with message, just as the previous poster did.

    Do I have something worthwhile to say? Occasionally. Should you respect what I or another writer has to say, when it is worthwhile, no matter what bandwidth they have available to them? I hope so, and for myself I would rather listen to and support the person with one wise voice pushing text messages on a slow data pipe than spend my time and money on a thousand fools pushing worthless content on a fat one.

    --
    ...Open Source isn't the only answer -- but it's almost always a better value than the alternatives...
  17. Re:still somewhat secure though.. by Anonymous Coward · · Score: 1, Insightful

    and we all know that EVERYONE runs NT right? There's no single user environment for Windows anymore.

    No more windows 98, ME or setting someone as administrator in any version of NT, 2000, XP.

    I'm glad we cleared that up.

    If you're running linux, you have multiple users. Those users by default can only delete their own files.

  18. Re:i would think by Sloppy · · Score: 3, Insightful
    And WINE executed it anyway. Major blunder.
    Actually, as I think of this more, I get less certain.

    Suppose you set up KMail to use python as a "viewer" for .py files. Would I treat python running a script that isn't chmodded +x, as a python bug? I don't think so. Hmm.

    The real problem is foolish decisions about setting up external viewers. I no longer blame WINE.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  19. It a joke by fred0110 · · Score: 2, Insightful

    Guys, its a joke. Someone emulated it just as an excerise.. Its not really a danger to Linux. :)