Slashdot Mirror

← Back to Stories (view on slashdot.org)

Viruses and Market Dominance - Myth or Fact?

Posted by simoniker on from the wash-your-hands-first dept.

rocketjam writes "An article at The Register, authored by Scott Granneman of SecurityFocus, examines the conventional wisdom that if Linux or Mac OS X were as popular as Windows, there would be just as many viruses written for those platforms. Mr. Granneman bluntly says this is wrong, then proceeds to detail the fundamental differences between those OS's and Windows which make Windows an easy and inviting target for virus-writers, as opposed to the Unix-based platforms."

13 of 736 comments (clear)

  1. What about r00tkits? by Leme · · Score: 3, Interesting

    He says "There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux."

    What about root kits? I would consider that a virus, not technically speaking, but it's still along the same lines.

    1. Re:What about r00tkits? by fupeg · · Score: 5, Interesting

      You have been socially engineered by Microsoft to think that such things as one-click installs are necesarry and desirable. You have been brainwashed to believe that "if it's not as easy as possible, then it is too hard."

      Even if you think that one-click installs are necesarry, take a look at MacOS. It allows for one-click installs, but if you the program is going to change OS code/settings, then you are warned about it and prompted for a password (a la sudo.) Of course the MS-programming-kernel that used to be your brain will probably respond that having to put in a password makes the OS "broken" ...

      Imagine some software engineer saying "hey you know what would make things really easy for our users, if we could remotely take control of their computers, install patches/extensions, and optimize some of their hardware settings." There you go. That could make installing/setting up/maintaining complex software so much easier, right? Hey there are some really obvious security implications, but eaiser is always better right?

    2. Re:What about r00tkits? by Dun+Malg · · Score: 4, Interesting
      Oh wait they did do that. How come I don't hear sudden stories about massive car thefts with remote devices that can do what the manufacturer does? Or cars that won't start because they are receiving an incorrect kill signal? Oh yeah, because in the effort to make things easier car companies took the time to make them secure.

      [scoff!]
      You think the reason car thieves haven't taken advantage of weaknesses in remote unlock systems is because they're so well designed? Think again, man. The reason no one's making black-market code-grabbers for remote door lock systems is because the slim-jim class of opening tools still work. There's no reason to attempt to exploit a complicated electronic system on the front door when the back door is secured with a plastic padlock labeled "do not cut off this padlock"! If you ask me, Windows is just like cars. They add on all sorts of fancy things but don't fix the security holes that are already there.

      --
      If a job's not worth doing, it's not worth doing right.
  2. yes, but the effect might be different by civilengineer · · Score: 5, Interesting

    there would be just as many viruses written for those platforms Probably, there would be as many viruses written, or more, but the effect of the viruses would have been different. As to whether the effects would have been not as bad, equal or worse is difficult to answer.

    --

    New year Resolution: Don't change sig this year
    1. Re:yes, but the effect might be different by pebs · · Score: 5, Interesting

      Take a look at this somewhat related article. It looks almost like its a response to reading Slashdot and responding with a troll.

      --
      #!/
  3. his worst argument... by BobTheLawyer · · Score: 3, Interesting

    is that the relative difficulty a newbie has doing things in Linux makes it more secure.

    And the network effect he mentions is really just a more sophisticated version of the "everybody uses Windows" argument he disparages.

    I'm not qualified to comment on his technical arguments...

    1. Re:his worst argument... by mcdrewski42 · · Score: 3, Interesting

      As far as I can determine from his article the synopisis is:

      Some people say that number of virii per platform will be roughly equivalent to that platform's marketshare. They are wrong. Windows is different to the other platforms because:
      1) On Windows, applications share architecture making cross-contamination easier.
      2) On other platforms, there are more steps to perform to accomplish simple tasks than on Windows (implying that users really need to work at it to get infected).
      3) On Windows platforms, most people run with admin rights because that's the default.
      4) On Linux, most people don't because they're smart.

      I have to say that I am an OSS advocate and Linux user, but I disagreed with almost everything this person says. To take his points on two basic levels:

      1) The fact that 'consumer' applications and operating system are largely lumped together conceptually by users on Windows platforms is something the Linux community aspires to, not their key differentiator.

      2) The idea that 'most' linux users don't run as root/admin, and 'most' Windows users do is not related to the operating system at all, but to the level of knowledge of each platform's user base. If Linux were to reach the unwashed masses' desktops then most there would either run as root, or have a very simple one-click method to run things as root (ie: to install stuff).

      At the end of the day the social engineering of a trojan/virus on a linux box comes down to nothing more than writing a "hey check out this screensaver" perl script with an ascii encoded payload which prompts for the root password "to install it". Bada-boom, 'one-click' linux infection for the masses.

      --
      /* affect != effect */ void affect(int *thing,int effect) { *thing += effect; }
  4. Missing the point? by psydid · · Score: 3, Interesting

    Seems the author misses the very obvious point that many of the weaknesses in Windows are there for user-friendliness. Making it easier for users to open attachments & see HTML mail is practically a requirement for the great mass of users. Yes, they're clueless, and yes, it would be nice if they could get over their fear of slightly more complex interfaces. But it ain't gonna happen.

    Yes, if Linux _in its current form_ was as common as Windows, it would be be much more secure. But we might as well wish for green eggs & ham ... Linux in its current form will never be as popular precisely BECAUSE of those same limitations. It's practically a tautology that any popular operating system, in order to become popular, must make compromises that make worms inevitable.

  5. Re:Linux Is Getting There, too! by pla · · Score: 5, Interesting

    If Linux becomes more popular, media recognition and increasingly "dumbed down" distros will make it a good platform virus writers.

    No.

    The very fact that Unix-like OSs have a concept of a "root" account (which the Windows "equivalent", "administrator", does not even come CLOSE to matching in terms of actual separation of permissions), makes it all but invincible to virii.

    Yes, if Linux becomes popular enough for virus authors to target it, we'll see a round of trojans using root exploits - But unlike Windows exploits, very few of these exist to start with, and they will (and do) get fixed within a few hours of discovery.

    Actually, for that reason, I think more Linux virii would help Linux security overall, as it would expose those root exploits faster than we can discover them normally. Yeah, a few boxes would suffer, but the community as a whole would benefit.

  6. This seems very naive by DrPascal · · Score: 4, Interesting

    The premises of his entire argument are not very sound. He talks about how Linux is safer because it is difficult to run an attachment without knowing how to save it / set execute permissions, and how you can 'only screw up your /home directory' since you don't run as root.

    _Really_ think about this one. In order for Linux to become as popular and intuitive [shiver] as Windows, things like "setting execute permissions" need to be automatic. Installing apps should be relatively simple as well. Look at Lindows! You run as root. Tie that in with a couple of "intuitive" features in a mail client, and you have a handful of rootkit'ed machines.

    Plus, what if everyone magically rolled to Redhat 7.3 when it came out, ditching Windows all together? Since then, we've had two SSH vulnerabilities. Sure, those using Linux applied the necessary patches / updates and we're all safe again... probably within minutes.

    But "Regular User Guy" won't apply that patch. Multiply that by a million users. Now you have millions of machines out there running a rootable linux box.

    OSes will have vulnerabilities. They need to be patched. It ALWAYS comes down to the user. Will Linux be 'safer' than Windows (i.e. less vulnerabilities / worms)? Possibly. But it certainly has nothing to do with its difficulty to become root or inconveniences of a mail application.

    --
    DrPascal: Not the language, the mathematician.
  7. Re:Windows viruses and GNU/Linux by ciaran_o_riordan · · Score: 4, Interesting

    Ah, the strawman. You're arguing against something he didn't say.

    The platform isn't the issue. RMS said that Free Software developers seem to do a better job. This may be because of peer review, or even the threat of peer review etc.

    Ciaran O'Riordan

    --
    Expert in software patents or patent law? Contribute to the ESP wiki!
  8. Re:interesing by mormop · · Score: 4, Interesting

    i wonder what the commercial applications/implications of this are? any takers?

    I suspect that the commercial implications are minimal at least for a year or three. For a start, a lot of IT decision makers, i.e. accountants and people who have been promoted from middle management with little technical ability will still swallow MS's bullshit. They will also buy Server 2003, optimistically believing that it will be cure all the problems of Server 2000 in the same way they believed 2000 would cure the problems of NT.

    For an example cop this survey. It apparently shows that Europe's IT directors place consistency higher than security and reliability and the human tendency to submit to fear and one's own insecurity rather than to break ranks and try something new will lead a lot of people who have no real faith in their own abilites to stick with what they know, i.e. Windows, regardless of how shit it may be, how many viruses it catches, how many customer's credit card numbers get stolen etc.. They crave stability even if what they have is flawed, at least they know where the buttons are.

    In all honesty, I don't see single OS networks as being a good idea regardless of what your using. There are millions of lines of code in a modern OS and it only takes one cock-up to open a crack through which it can be broken. A lesson in genetics suggests that diversity gives you the best hope of survival when under attack or it can at least slow the attacker as they, or their virus, try to find vulnerabilties in each system.The only way that will be achieved is by opening file formats so that all platforms can exchange data with 100% transparency. This will also create a truly free market causing companies to develop software based on quality, performance, security and reliabilty rather than how pretty the GUI is and how clever this years bunch of graduate marketing twats are. The obvious side effect is the breaking of MS's monopoly and the burgeoning of a new software market that will develop ports and alternatives to existing "industry standard" stuff like AutoCad. Proprietry software companies fear this the most as they will then have to wrestle with real competition.

    I still think that Linux, BSD and Mac are inherently more secure and better coded than Windows though. I also suspect the rot is so deeply set into MS stuff (with a 20 year legacy of putty eye candy before security) that they will never sort it out without a ground up rewrite, somthing they will not do unless forced to.

    Linux developers on the other hand have given a security a starring role since day one and even though there are bound to be flaws they're fixed in short time by developers who don't spend the first week denying a problem exists. It's free, it does what I need and it's users give a shit. What more can I ask for.

    --
    Hmmmmmm..... Deep fried and look like Squirrel.
  9. OS X Administrator != root by MacDork · · Score: 3, Interesting

    The reason it asks for a password is that an OS X 'administrator' is not root. It's staff. There is no root account by default. You have to enable that purposely. The point is that if you double click something that looks like a picture file and it asks you for your admin password, you KNOW something is up. On Windows, double click and you're dead. If it doesn't ask and you're running as an Admin, it might wipe out /Applications and ~/, but it can't touch /System or any other user's files. If you run as a regular user, then only ~/ can be hosed.