Windows Viruses up Sharply in 2004
Brad1138 writes "MSNBC has an article regarding the proliferation of Windows Viruses and collaboration among virus writers and spammers. Also mentions the likelihood that viruses for Linux and handhelds will see a sharp rise."
The debut of their new documentary Viruses Up, Windows Down.
Oh, and before anyone says this is Microsoft/MSNBC bias against Linux, it's a Reuters article available from many other sources and seems based on the same Symantec information as the earlier zombie story.
(Seriously, this information may or may not be true...but can we say "vested interest?")
Reality has a conservative bias: it conserves mass, energy, momentum...
Porting is always appreciated!
Never learn by your mistakes, if you do you may never dare to try again
Does that mean that there will be some? Ooh! Can't wait for McAfee for my box!
End the FUD
Water is wet.
If that headline were "Fords suddenly accelerating into oncoming traffic more in 2004", we'd see a lot more action than just applause at Gates' empty lies about prioritizing security.
--
make install -not war
so msnbc reads slashdot too. is there any other news today?
Related article on NewScientist says "[t]housands of zombie PCs created daily" Also if you want this story de-uglied click here
Trolling is a art,
Well, that generally is the cold and flu season :P
I don't think we will see a real change in the viruses for Linux until their market share increases to appeal to the spammers and virus writers...
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
This is just what you expect when using a modern operating system. The level of viruses in the windows world is to be solely blamed on the users for their lack of responsibility, not in any way to be blamed on Microsoft for in some way creating an environment conducive to these things. Things like running an NAT to prevent possibly malicious inbound connections, having to patch frequently and early in case of exposed security vulnerabilities, and treating every file-- even a passive file like an email-- with suspicion are just an inherent part of using a consumer operating system, and something you should have to expect to do in order to run a simple computer which reads email and searches the web and prints microsoft word documents. The fact that no other operating system in the world has problems any way comparable to the worm and virus problem experienced by users of Microsoft operating systems is due to factors other than the actions of Microsoft.
2 + 2 = 5
If you install it, they will come.
Seems like the government likes to say the same thing, and use it as a blank check too.
God spoke with me:
www.geocities.com/James_Sager_PA
God spoke to me.
It'll be kind of fun to see the first Linux viruses (I think I just started a grammar war) come out. I understand that both Windows and Linux have vulnerabilities (granted, I tend to think Windows has a whole lot more), but as it is, I don't run virus scanners per se on my Linux boxen.
[ think ]
"Also mentions the likelihood that viruses for Linux and handhelds will see a sharp rise"
The media have this amazing power to decide that something is true simply by saying so. Lucky bastards.
Is it me, or does slashdot report the news that "Windows viruses on the rise!" or some derivation thereof every single fucking day?
I mean, this is just a mainstream news spacefiller about stuff we know all about.
Forget your it and politics sections. Just make a "ms-flamebait" section, and just repost this "announcement" that there are lots of Windows' malware every 15 minutes.
I don't need no instructions to know how to rock!!!!
Is there a smarter person than me who can tell me how likely it is that there will be worms that can distribute themselves via thunderbird, evolution and the likes that bother the end-user directly?
If you mod this up, your slashdot background will turn into a beautiful sunset!
Most viruses install themselves in a way that would be more difficult to achieve on Linux than Windows since most Linux users do not run as root. I'm not suggesting that a Linux virus/trojan horse couldn't do any damage - but it should be a lot less than a Windows environment.
...up by 300% that would be... ...hmmm, what's 300% of 0?
(This IS just a joke. I'm not sure if there's a Linux virus or not, but I'm not aware of any. Please don't take this e-mail as a recommendation to not patch your Linux boxen regularly or to not take security seriously in Linux.)
This short article mentions an increase in Linux viruses, but fails to mention the obvious fact about a virus that attacks any open source operating system: Any exploit that is found by someone malicious will be quickly fixed by the overwhelming majority that belongs to the benevolent OSS community. The lifetime of a virus attacking an open source OS would be very short, and wouldn't require the use of any third party virus protection software to fix.
From the article:
Spammers, after forking over money to the hackers for access, then flood those hacked computers with unsolicited messages, or spam, that often advertise products or get people to spend money.
That makes it sound like they take over your machine so they can send you spam. No, they take over your machine so that they can USE your machine to send spam to millions of other users.
Using Linux is boring - nothing ever goes wrong.
Virus
Spyware
Adware
Blue Screen
What's amazing is that in windows land you can have all 4 seasons all year round.
All right. I'll buy a survey of viruses vs. Linus (oops I meant Linux) from MSNBC. No. I am still not that intoxicated. You really think any of those children have a chance of 0wning a machine 0wned by the average slashdotter. Not really. Anyone that good is going to be working for one of us... Even when our guard slips we notice these things. Cough. (at least I hope I do). Squints at what my good friend Ethereal has just spat at me... (ok, guys you know this stuff don't you).
Eventually what will end up happening from all of the virii and worms being released, as well as the explosion of spam and unsolicited messages will be that people are just going to get fed up and stop using computers as well as the internet as much as previously. The standard home users will abandon the internet, and the .com boom will shrivel more and more until computers will be reserved for direct communication and business purposes. People can only stand so much of the garbage associated with running computers.
...that the recession is not hurting virus writers!
I thought last year was supposed to be the 'worst ever' according to this article anyway.
Hmmm, let's review:
2003 - worst year ever
2004 - viruses sharply up (from the worst year ever)
So - when does that 'Great Security Initiative' of 2002 start working? Microsoft please - the authenticated code approach doesn't work. Sandboxes do.
Yes.
That's just the first of 3237 search results for "Linux" at SARC.
In market news, Virus Inc reported stronger-than-expected results, beating street analysis by a broad margin, sending Microsoft lower. Symantec, a primary contractor of Virus Inc, said that they are pleased with the performance. "When they do well, we do well," said Ama Popup, director of Marketing at Symantec. Sasser, spokesman for Virus Inc, relayed the management outlook by saying "We expect to migrate our primary products to Linux as soon as it is popular enough to warrant the cost." Asked whether their plans were too optimistic, Sasser replied: "We are fighting against open source hackers who attempt to build security on consumer-grade products. We are confident that the average user will help us defeat such paranoid and counter-productive efforts."
"Piter, too, is dead."
Well since a lot of the big ISP's have banned incoming requests or outgoing requests to most windows ports (135, 445, 5000, et cetera) there aren't as many attacks anymore so even when a new exploit is released machines are compromised much less often.
You don't want to know how bad it would be if it weren't.
behind it. I actually submitted this story earlier...but it got rejected :(
I did battle with an XP machine yesterday that got zombied. This thing was blasting out thousands of mail messages. It tried nearly everything to keep me from removing it from the machine: morphing, auto reinstall, hiding in different locations, modifying start registry at every shutdown. This is not your average script kiddy stuff; somebody wrote it that knew what he was doing. Spybot, Norton, Clam or Adware never even recognized it. This is a machine behind a firewall, virus scanning, Spybot scanning etc., but it still got infected through, yes, you guessed it, Internet Explorer, and yes, it had every security patch installed.
Before I left I disabled Internet Explorer and installed Firefox. It may still get infected through Outlook or some other means, but I made it one hell of a lot harder by switching them to Firefox.
Got Code?
We know the service packs have introduced more bugs and exploitable holes, but could it be there are better hacking/virus creation tools out there? Where are the creative solutions to this problem? At the same time it occurs to me that this helps McAfee and Norton sell more software. Get AVG http://free.grisoft.com/freeweb.php/doc/2/
omg nobody has ever made that point before!
This makes the probability of an increase in DDOS Extortion more likely. I fully expect a high profile site to be hit significantly before the end of the year, to lend a sense of legitimacy to the ability of bot network 0wners to shut down a site. Create enough fear of reprisal, and many companies might just pay off rather than inform police.
Because you know it would happen.
Symantec also said it expects more viruses and worms in the future to be written to attack systems that run on the Linux operating system and hand-held devices as they become more widely used.
Hmmm, Symantec sells virus protection for hand-helds and Linux. I sure hope that they believe there will be more virus/spam attacks against these systems.
Some people have a way with words, others not have way.
Seriously, is linux actually more secure? Will desktop vendors make it less secure for Joe Sixpack by stuff like root by default? Why aren't people writing linux viruses?
Computers are useless. They can only give you answers.
-- Pablo Picasso
Wine anyone?
Quoth the article:
Symantec also said it expects more viruses and worms in the future to be written to attack systems that run on the Linux operating system and hand-held devices as they become more widely used.
Hand held devices are already pretty widely used. Also, do they mean Pocket Windows? Palm OS? And have they checked the numbers?
My problem is that there is no great proof that I've seen for or against Linux/Mac/Palm OS being more secure or less prone to viruses. A sentence beginning with Symantec always makes me think this is just FUD to stir up concern on other platforms to purchase products, with no basis in fact.
"All great wisdom is contained in .signature files"
just kidding, albeit this would be nice to see. it may put to rest some assumptions that the relative popularity for windows is the pre-emptive reason there are so many viruses for the platform. perhaps Symantec would be the glad sponsor - somehow i doubt it ;)
Microsoft's worst nightmare right now is that people aren't upgrading their old Win95/98/ME boxes. New version of Windows will come with a built-in anti-virus. Coincidence? I think not.
There are plenty of Linux viruses. There are plenty of remote root exploits for Linux.
I hate how slashdotters use stories like this as an excuse to masturbate to the glory that is their Linux box. Linux machines are compromised on a daily basis.
You're not aware of any Linux viruses? That's funny, there are hundreds. Sounds like you're not taking Linux security seriously at all.
I submitted the NYT story, and the BBC story, that I now seem to have lost the link to... at 2 in the morning :) and it seems to have turned into the 5:35 am story..
But it IS remarkably more humorous because M$ has posted the reuters story.
What's also interesting is just how bad Norton and McAfee, or rather the consumer versions I've seen lately, tend to be at protecting machines. The ONLY reason I still like Symantec is the fact that they do and publish research.
I couldn't find a link to the actual "threat assessment report", er, the current one anyway, on the Symantec website. If anyone has it, please post that sucker.
Thank goodness I'm smart enough to avoid th...ooh, free Britney Spears pr0n!
Hmmm... I seriously doubt that there is going to be a "sharp rise" in Linux viruses for a few reasons:
1. Most people, when it comes to doing work, try to do just enough to get by. If it's easier to infect a machine running Windows than it is to do one running Linux, it'll be the Windows machine getting attacked.
2. In the same vein, most people who use Linux or a different flavor of *nix tend to be more technically savvy than the typical Windows user and secure their systems properly (in my experience). Note, I am talking about users here, not computer professionals.
3. And the numbers of Linux systems available for compromise still isn't as high as the number of new computers that boot into Windows when they come out of the box from Dell (IBM, HP, Compaq, etc).
Will we eventually see more Linux systems being attacked? Sure, as people finally get a clue and either secure their Windows systems properly, install a decent firewall (preferably hardware), change OSes, or get disgusted with the Internet in general and pull the plug.
If "disco" means "I learn" in Latin, does "discothèque" mean "I learn technology"?
Yes, the number of viruses will rise as the use of these operating systems rises. However, I don't think they'll have anywhere near as much of an impact on each respective machine.. you know.. stricter permissions and all. If Windows would implement something akin to the *nix 'root' user, it would go a long way in helping with security.
What is your penile percentile?
Let's not take things seriously because the first search result was a non-devastating virus!
Way to brush off the point, pal.
Linux on the other hand generally will not let information flow freely between different apps and the OS, you have to tell it to do something like that, it's (infinitely) more transparent.
So while we will see linux virii, they might only work on mandrake 8.2 and red hat 83.42.19, and only if you have the right library installed in the right place and were logged in as root to read your email.
00010111 always try everything twice
Trouble is, if you run XP as a user, the configuration to allow that user to do normal day to day stuff, like install printers/software/access certain files is so complicated, what does harry homeowner do? Yes, run as root all the time.
Until M$ learn how to build a 'proper' system, without all the shit (i.e. registry) to allow a simple administration of the machine, this problem will continue.
mods on crack today? +5 Interesting??? rotfl
can anybody with mod points and a clue mod this funny as it deserves?
At least you don't have all your files in the My Documents Folder in Windows.
In Linux you have all your files in your home directory, and the virus will have, if you execute it, full write access to it and can delete everything. Who cares if a virus gets root access or not. It can do more harm than under Windows, since it first has to find your files there.
I, and perhaps many others, would be very happy if everyone would just do the following:
:)
1) DON'T BUY SPAMVERTISED PRODUCTS.
2) STOP USING IE. There are lots of great alternatives.
3) Use a decent ingress/egress firewall.
4) Keep AV software updated. And, keep it running!
5) Don't run with admin privileges. I know this is impossible for most Windows users.
6) Don't call me when you screw up your computer and expect me to fix it as a favor!
P.S. I shouldn't bitch so much. I've made a decent amount of money removing malware during the last six months.
To target Slashdot.
You heard me right. A recent trojan actually used Slashdot to post the IP addresses of infected hosts to a public reading spot, so that the worm authors could collect these addresses and break into the systems. The infections were posted to sid=31337, one of Slashdot's two remaining "troll" discussions. You can click that link to see the approximately 4000 infections that posted their IP addresses (along with a random hash to prevent duplicate messages and defeat the "lame" filter) to the discussion.
Cmdrtaco responded to this terrorism by closing the sid, proving that terrorism works.
If guns kill people, then CmdrTaco's keyboard misspells words.
In that it demonstrates exactly what 90% of America has been successfully convinced of
I for one, welcome our virus replication overlords. For without them, a lot of folks wouldn't have a job.
VIRUSES - A big problem on Windows, currently not a big problem on Linux. I view viruses as a failure of the security model of the operating system.
...
... So the "solution" is to block or slow the most common method of such "infections". Which is Microsoft Outlook and its ability to run executable attachments. Just NOT enabling this functionality on Linux email clients would prevent most trojan attacks from "infecting" the computer.
Windows is still VERY open to viruses but for pure infection rates they can't match
TROJANS - particularly the email types. Dumb user clicks on an attachment and gets infected. The trojan then emails itself to everyone in his address book (on the assumption that dumb people have dumb friends). Trojans will be with us as long as we have dumb users.
-and-
WORMS - The spread without any human intervention. But these should have a very short life span. Patch the flaw and they die.
Which shows why Linux has been so resistant to "viruses" so far.
#1. Worms - Not everyone runs the same services, active, with the same flaws, unprotected by a firewall. And there is no reason to believe that this will ever change. Worms are a minor threat on Linux.
#2. Viruses - the security model for Linux is better at preventing infections than Microsoft's model. Unless this changes (again, why would it), viruses will remain a minor threat on Linux.
#3. Rootkits - a problem, but they rely upon flaws the same as worms do.
#4. Trojans - We'll see. Unfortunately, as I stated above, this is also the largest current "virus" threat today. If you can get a dumb user to go through all the steps necessary to install it
So, while Linux is not perfect, it is far more resistant to viruses, worms and even dumb user trojans than Windows is.
And my reply to above post here.
Or for that matter, why does the CIA, can't they hire hackers?
I'm doing some research. If you can do me a favor, sign: spam010me@yahoo.com to a ton of spam lists.
Thanks.
God spoke to me.
If you check www.norton.com, there hasn't been in a virus or worm in 2003 and 2004. If you want to check the high impact advisories in 2004: almost all of them belong to Windows and one belongs to Linux (January 5, 2004). If you look at the current activity of CERT http://www.us-cert.gov/current/current_activity.html
All of them belong to Windows. Go back to the archives for 2004, almost all of them belong to Windows except for May 5, 2004 (Cisco security problem)
There are a lot of reasons why viruses and worms will never be such a huge problem in Linux as they are in Windows now:
Will we see Linux desktop viruses? Almost certainly yes. But they will be pretty rare and not an epidemic like those on Windows today.
What part of this surprises anyone?
A firewall can not protect you from yourself. Turn off what you do not need. Do not use the firewall to do your work.
Some news for you: I happen to do work on my PC. This includes office type tasks, communication by email and sometimes IM, web browsing, software development, graphics work and a load of other stuff. I have to make sure my data is safe in case of nasties like a hard disk failure, which happened a few months back (easy - DVD-R root fs + rsync'ed /home). I expect to be able to jump on and off my PC because I work from home to make childcare easier.
That's what I do. No games, no dicking around with software I don't have a use for. (Oh yeah, I post on /. though ;-)
I use Linux (or one of the BSDs on my production boxes) because it just works. I can get what I need done and get away without being bothered by the 'computer'. No rebooting, no intrusive update process ie: Windows Update popping up messages asking me stuff while I try and work, no downtime due to viruses, no wasted web browsing sessions due to popups, no wasted email time due to spam, worrying about if my keystrokes are being logged when I buy stuff online.
Contrast this to my two groups of friends who continue to use Windows:
The first group are not generally computer literate. They've mostly given up on their computers as unusable. Spam, viruses, trojans, popups, crashes, reboots. Poor sods. They really want to get stuff done, but the 'computer' just gets in the way.
The second group is probably the user I was when I was about 13 or 14. They have to have the latest, greatest cracked or keygened software, but they don't actually know how to use it or have any real need for it. They're like the trophy hunters in the jungle of Adobe, Microsoft, Corel and friends. "D00d I scored pshop cs last night, r0xx0rz!! how do i put my sisters head on britneys bodey?". They don't seem to care about getting 0wn3d, and think they're enlarging their l33t sysadmin skillz when they end up reinstalling.
The reality is, I'm too busy to have to do battle with my PC when all I really want to do is get my work done then kick back with a beer and chill. Linux makes this a possibility for me in a way proprietary software can't.
Ready for the desktop? Of course it fscking is! (Hey, my wife uses it on her PC, and she's totally non-techie)
Like tinyurl, but one letter less! http://qurl.co.uk/
Long live Netware!
We know viruii are "up Sharply", simply because they've been making it onto Headline News a couple times a month.
You can talk about solar sails. Or space elevators. You can talk about radio telescopes in Antarctica. You can talk about mercury level in tuna and Islamic terrorists.
Just not this.
(god i love using the word viruii. viruii. viruii. viruii.)
Because the CIA reads Al Jazeera.
When you're serious about security, knowing what your enemy thinks is important. -- more important, even than hiding their version of 'the truth' from your friends.
Free Software: Like love, it grows best when given away.
Yes, but the solution will rarely be "the internet is not for me".
More accurate solutions could be:
Just like car crashes went up dramatically when more automobiles ended up on the road, or cell phones caused dropped calls to increase dramatically, the utility offered by the Internet will be greater than most users' abhorrence of problem solving.
Most users will figure out HOW to secure them. Just like most users figured out how to use a file system and install programs.
Additionally, the users who are having trouble tolerating such garbage are becoming fewer as time moves forward. Kids aged 14-17 are going to figure out how to work the stuff simply to see boobies.
You better watch out, there may be dogs about . .
Yup
As Evolution, Kontact (KDE's groupware suite, incorporating Kmail) and Thunderbird vie for desktop supremacy new features will be developed, and copied, and theoretically you will start seeing the same technologies popping up in at least the top three dominant mail clients (and web browsers) on the Linux platform. Once you get common technologies, that's when virus writers have something to target that they know will be common across their userbase (or at least a large part of it). That's the situation that has led to so many exploits for Windows software, and the potential is that exploits for Linux software could be developed and could spread.
However, because of the security model of Linux (ie. each user only has write access to his own files) the furthest any worm or virus will be able to spread is to that user's files and directories. So, wipe the user and restore from backup, and your virus woes are dealt with.
As long as the security model for Linux remains unchanged, this will be the case, and viruses and worms, while probably becoming more frequent, will never be able to do significant damage to a machine.
THIS is why Linux is less susceptible to viruses. The argument that it's a more obscure platform only holds water up to a point.
"The dew has clearly fallen with a particularly sickening thud this morning"
Think of Windows as an ecosystem - one with a large population and a poorly designed immune system. Viruses tend to propagate in such an environment - in many ways we're watching what occurs in natural evolution now occurring in the computer sphere. What's ironic (well, one of many ironies) is that Windows' success relies almost entirely (IMHO) on its popularity, which is now the key to its undoing.
Linux may be moving into the same position, but I doubt it:
It's simply biology in action. A weakened, overpopulated organism is bound to be infected. Hopefully the surviving systems will be stronger...
/* Dang, I can't type that well. */
It is Highly unlikely a separate section for MS-FLAMEBAIT --
As we know Articles related to Microsoft have a minimum comment range of 400-500 while max could be anything from 1000-2000 range.
In stark comparison most other articles would only get a minimum of 60 or a max of 350 [ 60-350 Range].
If M$ related stories are moved to a separate section then the number of comments in main section will drastically reduce!
Which could signal slashdotters that less and less people are visiting slashdot - Slashdot image gets a hit!
And neither will the MS-FLAMEBAIT section get all the hits or comments.
Not many would be inclined enough to GO to M$-F section and bash M$. They do it on M$ stories on Main page coz it infuriates them!
Why does yahoo do this
I didn't say that open source was immune from attacks, just that the OSS philosophy of small simple tools working in concert makes it much more difficult to find a security hole than M$ monolithic OS where everything is tied into everything else (fight features!!).
As an added bonus small simple tools are easy to fix/update/change so security won't be such an endemic problem.
00010111 always try everything twice
One thing a lot of people forget to mention is that Windows has actually been pretty virus resistant per user and per virus sent to infect it. It's a myth that Linux is any better. The only reason Linux doesn't have the same problems is that more tech-oriented people use it and so they already know how to better protect themselves. Windows is an amazingly robust OS if you think about it.
Information theory is life. The rest is just the KL divergence.
I wonder if MS has a secret department dedicated to writing worms for Linux boxes? It seems like it would be a huge publicity boost for Windows if a significant worm or virus broke that affected only *nix boxes.
Linux, Macs and all other OSs are enjoying some degree of protection simply because Windows is a bigger, possibly easier target. But almost any system can be hacked. The attitude that Linux is 100% secure is likely to catch a lot of people with their pants down one of these days.
TODO: come up with a clever sig
Always blame viruses on spammers and not faulty programmers at Microsoft. Then say Linux is next. BS. Open source has a very fast release cycle and the users love new code.
And if you have the wrong cartoons turned on, all the kids have seizures.
Inbreeding has destroyed entire civilizations (i.e. Ancient Egypt).
Can you tell me where I can get free McAfee VIRUSSCAN? I have Win98.
Although the McAfee website does have a free trial page, when you finally finish the sign up process you cannot actually download VirusScan. It says you gotta subscribe first!
No, I don't want to do that free online virus scan.
Or is McAfee available as cracked piece at some crack site?
Thanks.
It's not that Linux/*nix is 100% secure. It's that Windows NT is 11.6% secure.
Relativity.
There have been several Linux worms as well, like the Lion worm. BTW: very interesting story about the origins of that one! Some even stay only in memory after infection, so that you can remove them by a simple reboot (and get re-infected 2 minutes later). Not changing any system files makes them harder to detect.
Usually these don't have as big an impact as their Windows counterparts, I suspect this has a lot to do with the way the average *nix system is managed in comparison to the average Windoze box. Decent built-in security, and software distributed in source form, makes life a lot harder for worms, spyware and shit like that.
It doesn't really matter if it's a browser-only or other type of exploit. Malware like worms, viruses, spyware, whatever, eat CPU time, memory, can cause unexpected crashes, leak private information, loads of network traffic, or weird/annoying behaviour of your system. In short: they cost you (time and/or money). And what they do (infect other systems, send spam, ...), causes cost on others as well.
Windows is an amazingly robust Nintendo Entertainment System , if you think about it.
I just installed a few extensions. They warned me that I should be careful, but I installed them anyway.
How would a consumer know? This is similar to what ActiveX stuff does. Person gets a dialog box, they hit default of "yes" because they don't know what to do or how to evaluate.
Easy means computer hell.
So there you have it folks. Windows PCs wreck happy homes. ;-)
There are far more Linux machines connected with more bandwidth today than there were net-connected Windows machines when viruses started becoming a problem for those users.
Linux is heavily used by Wall Street and major banks, many websites handling ecommerce, and many sites with fast links. If I was a virus writer, I would aim for the first two if I was after money, and the latter if I wanted zombies for denial-of-service attacks. And if my goal was demonstrating my technical virtuosity, I would go after Linux (and OpenBSD, and Solaris, and Mac) systems rather than Aunt Tildy's Win98 box.
No, the reason there are few Linux exploits is because a properly configured Linux machine is a lot harder to attack, and the different distros make for enough variations that a virus will have a hard time cross-infecting enough of the variants. Linux upgrades are pesky, but frequent and free. If Linspire Linux (log in as root? feh!) ever becomes popular with the newbies, then there will be plenty of exploits - for a while. Then the not-so-newbie users will migrate to more secure but equally easy to use Linux distros (like Xandros), and Linux will regain its well-deserved reputation for security.
Any OS can be made more insecure by carelessness. There are probably hundreds of zombied Linux boxen out there right now. But only proprietary software forbids exceeding the security the manufacturer provides for you. Microsoft and Symantec have some great programmers working on security, but they are few, and limited by corporate monoculture attitudes. It is the search for security excellence among the far more numerous developers and savvy users of Linux that make it grow more secure daily, and it is the democratization and openness of the process that makes good security practices spread among more ordinary users.
Keith Lofstrom server-sky.com
Linux is immune to viruses. This is just another MS attempt to spread FUD and if a virus for Linux does come out, Microsoft probably created it.
They say that Linux viruses may see a sharp increase...
Yah, we might get one.
while wed to apt, i have little proof that other distro's are more vulnerable by design. remember the SSL vuln in debian a year or so back? now that was a lurker.
Sure, Linux is on the rise, but aren't there still a lot more OS X systems than Linux? Could be my memory is wrong, but I'd have figured OS X will see a rise in virii first...
Since SCO code is found in shared
" Microsoft To Share Office Source Code"
a PE-file virus infecting a blaster-style worm. The virus payload is to parse word documents, exchanging will/will not and shall/shall not at very low probability, and to parse excel spreadsheets, changing the last digit of a few numbers.
The Morris worm was way interesting. It was multi-platform as I recall, targeting Solaris and VMS. It used finger and sendmail exploits. Groundbreaking for its time. Here's an RFC about the worm:
http://www.faqs.org/rfcs/rfc1135.html
Nobody seems to have yet pointed out something that many Slashdotters have advocated over the years, and that has actually come to fruition, so I underscore it here:
These are not simply called "viruses" (in the generic sense) anymore. Even the mainstream media has come to commonly calling them "Windows viruses" in everyday language. Name recognition is a powerful thing, whether positive or negative. The anti-MS crowd has actually achieved a small victory here, and nobody seems to have noticed that most viruses are indeed being called Windows viruses now.
How much you wanna bet that some MSNBC editor will read this post and realize what has come to pass, that there will soon be an executive order coming down that forbids any of their news writers from ever calling them "Windows viruses" again?
> Windows Viruses up Sharply in 2004.
I'm not surprised. It is, after all, Windows, and, Windows is a horrible operating system.
> Also mentions the likelihood that viruses for Linux and handhelds will see a sharp rise.
Won't do much good due to APL's. This is the great thing about Linux.
That's true, but coming from the perspective of the kid aged 17, it's difficult. Regardless if kids are surfing for pr0n or not, it's almost impossible to hide from these problems. I say this in outrage that I formatted last night, reinstalled XP Pro, then installed all Microsoft updates, Mozilla Firefox, Microsoft Office 2003, and Norton System Works 2004, and the first thing that happens the next day is that a virus is found on my computer. All I did that day was surf the internet, with Firefox on secure settings and third party downloads disabled. I got a virus! Explain that. I wish I could. I'm trying now to learn Linux (SuSe 9.1) so I don't have to deal with this, and hopefully if I can learn it, I can slowly convert my friends to this system. The downside is that whenever anything is popularized, they become a phenomenon, and people like to rain on the uninformed, relatively unintelligible's parade.
... makes it.slashdot.org have no color contrast? Man, this virus must be nasty if it still hasn't been cleaned.
1 713213
Behold! Cleanse your eyes!
http://shit.slashdot.org/article.pl?sid=04/09/20/
Microsoft's patchwork (pun intended) is hard to maintain and hard to follow. On Linux everything is modular: If some program (or the kernel) has a problem, usually versions = are safe. You don't need to upgrade any other programs either. Simple. Easy. Not so on Windows. On Windows you have to deal with service packs which are risky because they change so much that companies even have to test them on test-machines because they can break anything or with patches which are pretty complicated to track (which machine has been patched and which wasn't is pretty challenging.) Therefore Windows-machines are not as often updated as Linux machines.
I disagree 100%. This is one place where Linux is sorely lacking. Updates on most Linux distributions are still much too difficult for most users. There's no cohesive way of updating everything relating to the OS, so I would think that most people running Linux as a desktop are running with old software. MS has its very, very simple automatic updates. There's nothing like it in Linux-land.
I don't respond to AC's.
No antivirus software? heh.
Until you're on Linux, I'd strongly suggest anti-virus software on a windows box.
And as a linux newbie myself, I'd suggest giving Mandrake a shot. Pretty painless to install and be up and running in no time.
Pretty dern newbie-friendly.
You better watch out, there may be dogs about . .
if we get a virus in *n?x, actually the author has to be really smarter than the autotools guys :). heck, i've problems compiling/running kde on different distros, let alone a virus recognizing all the not-so-small differences between different systems.
(since many virii are in assembly, good luck and tell me when you've finished... )
Windows: one company, one way to do things... one way to crash it all.
42.
So one time, I'm reformatting somebody's Windows machine for them, get done with that and put in the MSN CD. Run the program and sets you up with a special online connection to download the rest of the MSN software. Why they couldn't just include it all on the CD is beyond me. Anyway, midway through the download, my computer reboots. I know the download can't be done yet, and pretty soon it becomes apparent that the truly ridiculous has occurred. It was actually the first and only time I'd seen Sasser, and here I was getting it from the MSN download site. Fortunately I had an AOL CD and managed to get online and get the patches before I ran into it again. But for a new user, one who might not recognize it, this is just plain bad news.
...anyone who may have wanted to write a Windows virus got their virus written and released before XP service pack 2 was released and made the whole business impossible so of course the stats look worse for this year, right?
Input error. Replace user and press any key to continue.
when Microsoft starts writing Linux products. :-P
:(
Putting the joke aside, just imagine: MS Office for Linux, MS Visual Studio for Linux... *shudders*
With Linux 2.6 released, finally the option of clean (compileless) nice installs will come.
This will eventually end up with the Windows (NOT Microsoft) monopoly. Do you think Microsoft will sit in there with their arms crossed? No, they'll start writing for Linux. *shudders*
Think about it. Most viruses today are not *Windows* viruses. They're *WORD* viruses, *Microsoft JScript* viruses, *Outlook* viruses, *ActiveX* viruses...
even if you sandbox your MS installations, they'll end up doing what they were (re)programmed to do.
Let's just hope that Microsoft doesn't DARE touch Linux!
Images of doomsayers come to my mind right now - someone either kill this post or give a comforting answer, I'll have nightmares tonight!
What an odd statement! I could just barely see Linux viruses becoming a problem, given the increasingly insecure configuration of systems like Linspire, but handhelds?
Look, for a virus to propagate it needs these things:
1. Get a copy of itself to the target system undetected.
2. Launch that copy as an executable or script.
3. Break out of the sandbox (if any).
4. Subvert system security (if any).
5. Arrange to get re-launched after its current environment terminates.
You can prevent virus infection completely by breaking any of these steps. The earlier you stop it the better.
Antivirus software and firewalls attempt to block step 1. For systems that normally run unconnected, or that don't have a mechanism to routinely transfer files from one device to another, this step generally requires too much social engineering to make it a good virus platform.
[social engineering ... tricking the user into running a script or downloading and running an executable. Before "Melissa", for example, all mail viruses propagated by social engineering]
Step 2 requires a social engineering attack on most platforms. The Outlook family of mail readers on Windows was the first client application that I know of where a script could be run without the user deliberately downloading or launching it, and outside the Outlook and IE family of applications this remains a theoretical attack only.
Steps 3 and 4 only matter on systems where users or applications run unprivileged. Linspire and Windows, for example, typically give users enough local privileges to make step 4 meaningless. Step 3 generally requires a social engineering attack, or a security flaw in client software.
Step 5 is the easiest one. Most platforms provide lots of places for viruses to hide scripts or commands that will re-launch them when a system boots or a user logs in.
So, for a handheld, step 1 is generally not possible. Wireless connected devices with "always on" bluetooth seem to be the main exception.
For just about any platform except the combination of Windows and IE-based applications, step 2 can be defeated by education.
So... simply switching from IE and Outlook to other browsers and mail applications, and taking a moderate amount of care (primarily refraining from running unexpected attachments in email messages), is usually going to be enough to break the cycle of infection. You don't even need to stop using Windows: Windows without IE is actually a reasonably solid desktop environment.
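Step 5 in the list above (getting re-launched at boot or login) is the step a defender can audit directly. The following is an added example, not part of the original comment: it records a digest of every file in a set of autostart locations and reports what was added, removed or changed since a known-good baseline. The list of locations is an assumption for a typical Linux system and is not exhaustive.

```python
import hashlib
import os

# Assumed, non-exhaustive list of places a typical Linux system runs code
# from at boot or login (paths are relative to the root being audited).
AUTOSTART_PATHS = [
    "etc/rc.local", "etc/crontab", "etc/cron.d", "etc/init.d",
    "etc/systemd/system", "etc/profile.d", "var/spool/cron",
]
# Per-user locations, checked under root/ and every directory in home/.
USER_FILES = [".bashrc", ".bash_profile", ".profile", ".config/autostart"]


def _candidates(root):
    """Yield every autostart location to inspect under `root`."""
    for rel in AUTOSTART_PATHS:
        yield os.path.join(root, rel)
    homes = [os.path.join(root, "root")]
    home_dir = os.path.join(root, "home")
    if os.path.isdir(home_dir):
        homes += [os.path.join(home_dir, u) for u in sorted(os.listdir(home_dir))]
    for home in homes:
        for rel in USER_FILES:
            yield os.path.join(home, rel)


def _digest(path):
    """SHA-256 of a file's content; symlinks are recorded by their target."""
    if os.path.islink(path):
        return "symlink:" + os.readlink(path)
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root="/"):
    """Map each autostart file (path relative to root) to a content digest."""
    seen = {}
    for top in _candidates(root):
        if os.path.isfile(top) or os.path.islink(top):
            files = [top]
        elif os.path.isdir(top):
            files = [os.path.join(d, f) for d, _, fs in os.walk(top) for f in fs]
        else:
            continue  # location does not exist on this system
        for path in files:
            rel = os.path.relpath(path, root)
            try:
                seen[rel] = _digest(path)
            except OSError:
                seen[rel] = "unreadable"  # still report that the entry exists
    return seen


def diff(baseline, current):
    """Compare two snapshots; any non-empty list deserves a look."""
    common = baseline.keys() & current.keys()
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in common if baseline[p] != current[p]),
    }


if __name__ == "__main__":
    import json, sys
    json.dump(snapshot(sys.argv[1] if len(sys.argv) > 1 else "/"), sys.stdout, indent=1)
```

Keep the baseline somewhere the audited machine cannot write to; a snapshot stored on the same system can be rewritten along with the autostart entry.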
I had previously used Mandrake around Mandrake 7.1 or so, but now that I've found SuSe 9.1, I'm very happy with it, as it serves all dual functions with windows and linux, as it has built in OpenOffice and support for most hardware accessories, except that it locks up when I use my RoamAbout 802.11b network card, but I remember that it didn't work with mandrake either. I think it's just a driver conflict that locks up the computer upon PCI scan. Oh well. Laptops not designed for Linux can be difficult to get working in Linux, but persistence is often the best remedy! Good luck with Mandrake, and thanks for the suggestion.
...and it won't be the first or last time, but I have been under the impression that no art museum likes people to photograph paintings, as the flash deteriorates the pigments.
:p
--and no, never checked Snopes on that either. It very well could be an urban legend, but I do recall getting nailed for it at a museum once a long time ago...
This is a testimony to the slackness of the people installing and running the boxes - they generally don't even know that they're running it.
Most Linux distros explicitly list services like that as they start up, but OTOH they very rarely have to start up. On the gripping hand ps uwax, service -s and the other what-is-my-machine-doing commands (and GUI tools) don't exactly hide the processes involved.
Got time? Spend some of it coding or testing
Have a look at the nature of the vulnerabilities, including those beyond IIS6 and Apache2. Typically, an Apache crack will get you limited access as user nobody or apache, but an IIS crack will get you carte blanche on the machine.
Would you rather break into a bank that had layer upon layer of security including internal hardwall partitioning, or one that only had thick external walls and a few alarms on those? Maybe ripping off the day's float would be not much different between banks, but what if getting into the vault is not significantly harder than getting the float at one bank?
It's not the admins (or at least, the difference in admin quality is not overwhelming enough to explain the differences in cracks). Roughly 80% of all email is transported by FOSS mailers, and yet where do practically all MTA attacks land? Shall we compare the difference in hardening between, say, PostFix or QMail and MS-Exchange?
Got time? Spend some of it coding or testing
If it didn't exist, they'd have to invent it. The regime needs a boogey man-men really. Al Jazeera fits the bill. It's headquartered in qatar, which for all practical purposes is a little known but important country in the mideast not only for having a ton of oil and natgas, but because it's a place where all the factions and spooks can get together and conduct real business-much like switzerland or portugal in ww2.
If the US regime didn't want al jazeera to exist it wouldn't, and starting with the grand poobah there, he knows where his bread is buttered and how he stays in power.
No, you can't. You can get small patch collections separately, but you can't get down to the level of an individual patch, and nor can you (reasonably) alter those patches at all.
With Linux, you always have the choice of downloading the patch proper and rebuilding the thing yourself (typically rpm -bb package). Then if it causes you problems, you can delete or modify one element of a patch collection to make it happy again for you. You can also inspect the patch to see exactly what it does, rather than what the vendor says it does.
That's the GPP's point: Microsoft don't do the proactive thing nearly as well as the major FOSS packages. Part of this is that the MS code is not open to wide inspection, part of it is because Marketing rules the roost at Microsoft, and part of it is that William Henry "Trey" Gates III holds dear to his heart the principle of releasing new features in preference to fixing bugs - which attitude his company will eventually, inevitably propagate.
Got time? Spend some of it coding or testing
I often wonder whether there's a relationship between the anti-virus software companies and virus writers, as clearly the former can only stay in business if there's enough of the latter...
--
Try Nuggets, the mobile search engine. We answer your questions via SMS, across the UK.
All easily enough discoverable by blundering around the menus. IPOF, it took me longer than it would a neophyte because my eye lit upon [Network & Internet] before the more obvious [Security] so I went bumbling around in there for a few seconds. Mandrake Linux, and the other major distros are all roughly as easy.
You can try the same thing in XP, and it's not many more clicks, not much more obscure, but the important thing about XP's equivalent tool is that it doesn't turn everything off.
Your point about hiding complexity but having it available immediately offstage is, however, a very good one.
Got time? Spend some of it coding or testing
I now have a nice ironic screenshot of that headline with an MS "what will they call you?" ad above it.
Got time? Spend some of it coding or testing
Those are excellent reasons listed, and I'd like to add examples from what I call "the real world".
I think it's obvious to everyone at slashdot that there are many in the l33t h4x0r community that use linux because it is more powerful.
The media, software companies, MS, and even fellow geeks often like to claim that viruses will one-day explode into the linux scene. But it's common knowledge that the same l33t h4x0rs that write windows viruses will use linux. Why has there not been a SINGLE noteworthy virus in linux yet? Don't try to pass it off as virus writers haven't "noticed" linux yet and are purely after marketshare for their viruses.
Viruses are proof-of-concepts that escape half the time, and hackers like to fiddle around in linux. Yet no virus explosions.
I make the bold claim that we will never see viruses like MSblaster, SoBig, Sasser, etc, hit linux.
Simply put, people can be ignorant on Windows and they can be ignorant on Linux (or OpenBSD for that matter). In the name of easy computing, people can easily make Linux just as insecure as Windows. Just as competent people can make Windows (without IE) just as secure as Linux. I have XP at home with two accounts, one admin and one limited account. With a decent personal firewall that even blocks application launches, it's actually MORE secure than a default Linux distro in some ways. With anti-virus, it's also more secure (Eg. have you checked that wine won't run .exe files automatically in your distro, or that viruses can't use wine to infect your system?). But of course these things are really OS-independent and meaningless to compare.
Security is a process which requires competence. Nothing else will save you.
There's not much of a difference between my Linux system and XP system in terms of security, other than that I have to run anti-virus on XP and it's a heavily targeted platform. None of the systems offer a true solution to the halting problem (as has been proved impossible for now).
If Linux were as popular as Windows is today, lots of clueless people would run it and tarnish its reputation. Easily. Are you so narrow-minded you don't see this?
You say you don't worry about bugs and exploits, ignoring the fact that root-exploits will let anybody 0wn your box, no matter what OS it runs.
Your account can also easily become a zombie or spam-relay for a spammer or virus of some sort. Have you blocked outgoing ports as I have done on my XP and Linux box? I don't think so, for even many experts claim it's not necessary. Cluelessness abounds.
Most Linux distros MAY be more secure than XP out of the box (which MAY change with SP2), but as I said, security is a never-ending process independent of OS. If you can understand that, you've come a long way.
Btw, Mozilla was also found vulnerable of jpg-exploits. That means your system could get infected with something by just browsing the Internet. The only things saving Linux, are that it's not a widely deployed OS yet, and that the users are more tech-savvy.
And no, clueless users will always fail to patch their system. It doesn't matter that you release a patch quickly when it's not downloaded.
However, I won't claim IE with its ActiveX-crap is any secure. But my Personal Firewall blocks IE from starting up without my confirmation..
We started filtering viruses from our incoming mail in November, and as the sysadmin for the mail server in question, I was nervously awaiting the first onslaught of viruses. The statistics for the first couple months were dismal, with the number of viruses canned being at only about 2-300 a day, and sometimes a lot less.
Then MyDoom came out January 28, 2004. This day will live on in infamy since I posted to usenet about it and it's in Google's cache.
We went from 300 a day to 15,000 a day in two days.
After a while though, it died down. To about 5000 a day, still more than 10 times what it used to be. Then Zafi came out on June 11th and in three days the number of virus hits hit their peak at about 110K per day.
Again, it died down, but now we're cleaning *coughcough*only*cough* 15,000 messages per day out of our mail. Yes, that's right, we're now filtering more viruses on a daily basis than at the *peak* of MyDoom.
If the people at F-Prot, or the developers of qmail-scanner are listening, thank you. You've saved a lot of people a lot of pain.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
I would hate to get this virus because just look at the removal instructions!
"1. Obtain the most recent virus definitions. There are two ways to do this:
* Run LiveUpdate. LiveUpdate is the easiest way to obtain virus definitions. These virus definitions have undergone full quality assurance testing by Symantec Security Response and are posted to the LiveUpdate servers one time each week (usually Wednesdays) unless there is a major virus outbreak. To determine whether definitions for this threat are available by LiveUpdate, look at the Virus Definitions (LiveUpdate) line at the top of this write-up.
* Download the definitions using the Intelligent Updater. Intelligent Updater virus definitions have undergone full quality assurance testing by Symantec Security Response. They are posted on U.S. business days (Monday through Friday). They must be downloaded from the Symantec Security Response Web site and installed manually. To determine whether definitions for this threat are available by the Intelligent Updater, look at the Virus Definitions (Intelligent Updater) line at the top of this write-up.
Intelligent Updater virus definitions are available here. For detailed instructions on how to download and install the Intelligent Updater virus definitions from the Symantec Security Response Web site, click here.
2. Start Norton AntiVirus (NAV), and make sure that NAV is configured to scan all files. For instructions on how to do this, read the document How to configure Norton AntiVirus to scan all files.
3. Run a full system scan.
4. Delete all files that are detected as Linux.Jac.8759. Replace deleted files from a clean backup or reinstall them."
Where in the Gnome menu can I find the LiveUpdate option? I hope I don't have this virus! Someone please help!
Use a hardware router that filters out *ALL* unsolicited incoming internet connections. This should 'hide' your computer from others while on the internet. In addition, use a software firewall program such as Outpost.
Install an antivirus program such as AVG and keep it constantly up-to-date.
'Harden IE' by disabling ActiveX, Java, and Javascript. No more IE 0wnage!
Delete/rename the Windows Scripting Host. No more 0wnage via VBScript!
By doing all of the above, it should now be safe to use Outlook (Express) to check your email and not get 0wned by some email-based exploit. Be on the lookout for spam (FREE V14gr4!!!), phish (id theft attempts), fraud (Nigerian advanced fee fraud), and malware (the latest Wintel/OE mass-mailing-virus). To avoid running emailed malware by accident, consider using my approach which renders known and unknown emailed malware 'inert' and safe to handle provided the system hasn't been compromised first.