Slashdot Mirror

← Back to Stories (view on slashdot.org)

WINE: A New Place for KLEZ to Play?

Posted by michael on from the playing-with-fire dept.

An anonymous submitter sends in this cautionary tale about Wine being maybe a little too good at emulating Windows. Update: 10/23 21:05 GMT by M : Better links: mirror 1, mirror 2.

10 of 318 comments (clear)

  1. Uhhhh.... by JoeLinux · · Score: 5, Insightful

    Nice thing about WINE is: it can be shut OFF, then there is no environment to flourish in. ("/usr/local? Hell, I'm trying to find C:\windows\system")

    JoeLinux

    1. Re:Uhhhh.... by NumberSyx · · Score: 5, Insightful

      Yeah, until you decide to turn it back on again, right? Windows machines have an "off" switch too...whether it's a matter of unloading from memory or powering down, it's no different.

      You might want to rethink that statment. If you turn the power off on a Windows machine (or a Linux box for that matter), you have a paper weight until you turn it back on. On the other hand, I can completely uninstall Wine from my Linux box and still have a fully functional computer. There is a difference.

      --

      "Our products just aren't engineered for security,"
      -Brian Valentine,VP in charge of MS Windows Development

  2. Wine is not an emulator ... by sammaytg1 · · Score: 5, Insightful

    It's a linux implementation of windows apis. IT really shouldn't be suceptable to virii like windows is. I would really like to know more about this (the article has already been slashdoted)

    --
    procrastination is a way of life aka i'll think up a sig later
  3. Re:Slashdotted...sad by LordHunter317 · · Score: 5, Insightful

    Understand some people don't have enough bandwidth to handle a thorough /.'ing. Sooner or later, the site is goign to stop responding simply because you run out of effective bandwidth. Also understand not everyone can afford what they talk about.

  4. What's the deal? by jorlando · · Score: 5, Insightful

    Wine is supposed to run Windows apps... a virus is a Windows app as any other... If the Wine user is running Outlook what else he can wait for? The vulnerabilities still there...

  5. Re:Slashdotted...sad by scenic · · Score: 5, Insightful
    That's not really fair. It's expensive to put up a site that can handle a slashdotting. Think of sites that host via a third party or shared hosting to keep costs down.

    There are a lot of smart, knowledgeable people out there who don't want a $500+/month hosting or bandwidth+power bill.

    Sujal

    --

    politics, food, music, life: FatMixx

  6. Re:Slashdotted...sad by AntiTuX · · Score: 5, Insightful

    2 words: static webpages.
    I know for a fact that if my ass was getting slashdotted, I'd be setting up static webpages faster than you can say "holy fucking shit where's my bandwidth?" I personally make a static archive of all my dynamic pages automatically just in case something like that happens. The problem lies in the fact that slashdot doesn't archive sites, nor do they give any type of notice before bringing the hordes of lamers from all over the internet to that site's front door. That's a "bad" thing.
    I wonder if anyone's brought a lawsuit against slashdot(or their parent company, OSDN) for effectively destroying their servers.

  7. It's not a Wine problem... by Olmy's+Jart · · Score: 5, Insightful
    Fine... Why in blue blazes did KMail run Wine in the first place. Why would KMail run any attachment? It's one thing to run a viewer on an image like a .jpg. It's a totally different sort of thing to run the attachment. What are they going to do if they get a foo.sh file. Run it under bash? That's basically what they've done here. This is exactly why Microsoft got in heat over these worms and why these things run rampant on MS systems even if the users are not admin on that system.


    It's a security bug, a security hole, just like the ones in LookOut, and it ain't a Wine problem. This one belongs on bugtraq.

  8. get used to it.... by morgajel · · Score: 5, Insightful

    This is relatively tame.

    As much as I hate saying this, I fear it's going to get a lot worse. As/If Linux gains popularity on all systems, including desktops, you can expect there are going to be a lot of disgruntled windows people out there who will become unemployed because they can't grow with technology. I'm expecting to see a lot of linux software start getting messed with and drastic increase of linux trojans and viruses.

    don't believe me?
    Look at how much software has been backdoored lately- bitchx, ssh, and sendmail. That's a BIG FUCKING DEAL. As we continue, expect the crosshairs to be levelled towards us. There's gonna be a conspiracy. I'm not making any accusations, but keep in mind that the opensource movement is putting pressure on a group of companies that aren't exactly known for their ethical behavior.

    of course I know I'm probably just a paranoid nut, but hey, that's a good thing to be in our field.. ...and this is one of the few times where my sig doesn't apply.

    --
    Looking for Book Reviews? Check out Literary Escapism.
  9. Not a WINE-specific problem by Todd+Knarr · · Score: 5, Insightful

    This isn't just limited to WINE, it can hit real Linux mail programs too if anyone ever writes a Linux/ELF virus attachment. Repeat after me, kids:

    Executable MIME types have no place in a mail program!

    None, never, no way. Mail program doesn't matter. OS doesn't matter. No mail program should ever, under any circumstances, execute anything attached to an e-mail message, period full stop. You should only execute things from people you trust, and one attribute of e-mail is that you don't even know if the From address is the real sender so how can you trust the message?