Windows Viruses up Sharply in 2004
Brad1138 writes "MSNBC has an article regarding the proliferation of Windows Viruses and collaboration among virus writers and spammers. Also mentions the likelihood that viruses for Linux and handhelds will see a sharp rise."
If that headline were "Fords suddenly accelerating into oncoming traffic more in 2004", we'd see a lot more action than just applause at Gates' empty lies about prioritizing security.
--
make install -not war
I don't think we will see a real change in the viruses for Linux until their market share increases to appeal to the spammers and virus writers...
CS: It is all sink or swim...oh and did I mention there are sharks in that water?
Is it me, or does slashdot report the news that "Windows viruses on the rise!" or some derivation thereof every single fucking day?
I mean, this is just a mainstream news spacefiller about stuff we know all about.
Forget your IT and politics sections. Just make a "ms-flamebait" section, and just repost this "announcement" that there are lots of Windows' malware every 15 minutes.
I don't need no instructions to know how to rock!!!!
Is there a smarter person than me who can tell me how likely it is that there will be worms that can distribute themselves via thunderbird, evolution and the likes that bother the end-user directly?
If you mod this up, your slashdot background will turn into a beautiful sunset!
This short article mentions an increase in linux viruses, but fails to mention the obvious fact about a virus that attacks any open source operating system: Any exploit that is found by someone malicious will be quickly fixed by the overwhelming majority that belongs to the benevolent OSS community. The lifetime of a virus attacking an open source OS would be very short, and wouldn't require the use of any third party virus protection software to fix.
From the article:
Spammers, after forking over money to the hackers for access, then flood those hacked computers with unsolicited messages, or spam, that often advertise products or get people to spend money.
That makes it sound like they take over your machine so they can send you spam. No, they take over your machine so that they can USE your machine to send spam to millions of other users.
Eventually what will end up happening from all of the virii and worms being released, as well as the explosion of spam and unsolicited messages will be that people are just going to get fed up and stop using computers as well as the internet as much as previously. The standard home users will abandon the internet, and the .com boom will shrivel more and more until computers will be reserved for direct communication and business purposes. People can only stand so much of the garbage associated with running computers.
I thought last year was supposed to be the 'worst ever' according to this article anyway.
Hmmm, let's review:
2003 - worst year ever
2004 - viruses sharply up (from the worst year ever)
So - when does that 'Great Security Initiative' of 2002 start working? Microsoft please - the authenticated code approach doesn't work. Sandboxes do.
Depends how anally you want to define "virus".
True 'viruses' haven't really been a problem for Windows in years, either. The stuff labelled "virus" in the press is all worms, exploits, or other malware.
There are worms and exploits and other malware for linux. Google for root kits. It's not that hard to write, and there are plenty of documented bugs to exploit out there.
I don't need no instructions to know how to rock!!!!
Because you know it would happen.
Symantec also said it expects more viruses and worms in the future to be written to attack systems that run on the Linux operating system and hand-held devices as they become more widely used.
Hmmm, Symantec sells virus protection for hand-helds and Linux. I sure hope that they believe there will be more virus/spam attacks against these systems.
Some people have a way with words, others not have way.
Seriously, is linux actually more secure? Will desktop vendors make it less secure for Joe Sixpack by stuff like root by default? Why aren't people writing linux viruses?
Computers are useless. They can only give you answers.
-- Pablo Picasso
Quoth the article:
Symantec also said it expects more viruses and worms in the future to be written to attack systems that run on the Linux operating system and hand-held devices as they become more widely used.
Hand held devices are already pretty widely used. Also, do they mean Pocket Windows? Palm OS? And have they checked the numbers?
My problem is that there is no great proof that I've seen for or against linux/Mac/Palm OS being more secure or less prone to viruses. A sentence beginning with Symantec always makes me think this is just FUD to stir up concern on other platforms to purchase products, with no basis in fact.
"All great wisdom is contained in .signature files"
Hmmm... I seriously doubt that there is going to be a "sharp rise" in Linux viruses for a few reasons:
1. Most people, when it comes to doing work, try to do just enough to get by. If it's easier to infect a machine running Windows than it is to do one running Linux, it'll be the Windows machine getting attacked.
2. In the same vein, most people who use Linux or a different flavor of *nix tend to be more technically savvy than the typical Windows user and secure their systems properly (in my experience). Note, I am talking about users here, not computer professionals.
3. And the number of Linux systems available for compromise still isn't as high as the number of new computers that boot into Windows when they come out of the box from Dell (IBM, HP, Compaq, etc).
Will we eventually see more Linux systems being attacked? Sure, as people finally get a clue and either secure their Windows systems properly, install a decent firewall (preferably hardware), change OSes, or get disgusted with the Internet in general and pull the plug.
If "disco" means "I learn" in Latin, does "discothèque" mean "I learn technology"?
Yes, the number of viruses will rise as the use of these operating systems rises. However, I don't think they'll have anywhere near as much of an impact on each respective machine.. you know.. stricter permissions and all. If Windows would implement something akin to the *nix 'root' user, it would go a long way in helping with security.
What is your penile percentile?
Linux on the other hand generally will not let information flow freely between different apps and the OS, you have to tell it to do something like that, it's (infinitely) more transparent.
So while we will see linux virii, they might only work on mandrake 8.2 and red hat 83.42.19, and only if you have the right library installed in the right place and were logged in as root to read your email.
00010111 always try everything twice
VIRUSES - A big problem on Windows, currently not a big problem on Linux. I view viruses as a failure of the security model of the operating system.
...
... So the "solution" is to block or slow the most common method of such "infections". Which is Microsoft Outlook and its ability to run executable attachments. Just NOT enabling this functionality on Linux email clients would prevent most trojan attacks from "infecting" the computer.
Windows is still VERY open to viruses but for pure infection rates they can't match
TROJANS - particularly the email types. Dumb user clicks on an attachment and gets infected. The trojan then emails itself to everyone in his address book (on the assumption that dumb people have dumb friends). Trojans will be with us as long as we have dumb users.
-and-
WORMS - They spread without any human intervention. But these should have a very short life span. Patch the flaw and they die.
Which shows why Linux has been so resistant to "viruses" so far.
#1. Worms - Not everyone runs the same services, active, with the same flaws, unprotected by a firewall. And there is no reason to believe that this will ever change. Worms are a minor threat on Linux.
#2. Viruses - the security model for Linux is better at preventing infections than Microsoft's model. Unless this changes (again, why would it), viruses will remain a minor threat on Linux.
#3. Rootkits - a problem, but they rely upon flaws the same as worms do.
#4. Trojans - We'll see. Unfortunately, as I stated above, this is also the largest current "virus" threat today. If you can get a dumb user to go through all the steps necessary to install it
So, while Linux is not perfect, it is far more resistant to viruses, worms and even dumb user trojans than Windows is.
5) Don't run with admin privileges. I know this is impossible for most Windows users.
That's just slashdot folklore. I log in as administrator about once a month, and only because month after month I keep hoping ATi will release a driver that doesn't suck.
Many slashdotters hate windows because they don't understand how to configure and use it. In which case, yes, if you don't understand the basics of windows security and rights assignment, it's much easier just to run as Administrator.
Of course, it's easier to run linux as root and not have to worry about who can mount shares, access the cd-r or
I don't need no instructions to know how to rock!!!!
Fair enough. Clueless users and lazy admins are primarily at fault for most infections. However, there should be some sort of responsibility from the vendor to secure the product -- especially because of its demographic which ranges from the uber1337 to the clueless.
XP SP2 addresses some of those issues -- like the firewalling being turned on by default. I'm willing to bet that Joe Sixpack wouldn't have done that on his own. With worms and viruses that travel through Outlook's preview pane or through sites rendered in IE -- there's some blame for the software.
Time and again, people will open attachments or click on unknown links...and such actions shouldn't be able to jeopardize the security of a machine.
Sure, awareness, knowledge, and healthy paranoia are the ultimate solutions to computer security, but the software has to cooperate, too.
Install just what is needed by default. Have the most secure options turned on by default. Make patching and testing fixes a high priority. If a bug is found and a fix is not immediately available, widely publish a workaround fix instead of hiding the bug until it can be fixed.
Some clueless users and lazy admins still may not follow advisories or patch their machines, and should take responsibility for their fate. Software developers/companies (both OSS and Closed) must take some share of the responsibility if they don't work hard enough to disclose, fix, or create awareness of a problem.
There are a lot of reasons why viruses and worms will never be such a huge problem in Linux as they are in Windows now:
Will we see Linux desktop viruses? Almost certainly yes. But they will be pretty rare and not an epidemic like those on Windows today.
did you read any of them?
I just went through and read a dozen (I've read more in the past, just wanted to see if they had changed). All are listed as easy to remove, low danger. All involve someone doing something *really* stupid (like, "once a user runs this program, it writes to all the files in the same directory..." blah).
NONE are a virus. I could just as easily write a shell script that simply had as its only line:
rm -rf / 2>/dev/null &
You wouldn't know anything was wrong until you were screwed. Would it be a virus? No, it would be someone too STUPID to look at what they are running.
Find a single "virus" in that list that is anything different.
In windows, on the other hand, you can get viruses just by looking at a jpeg, or opening an email, or even just visiting a web site. To be "safe," windows users have to have active virus scanners; all linux users have to do is not have a . in their path, and not run things they don't recognize. How did the file get on the system, anyway? We're *starting* with a breach, when it comes to linux "viruses." If someone can put a file in a directory, they can do far more while they're there (like, modify the programs themselves, change configs, set up keystroke loggers, whatever...why just leave malware?).
Get a clue, and realize it's not just zealotry speaking when someone says Linux, and UNIX in general, doesn't have to worry about viruses. They also don't have to worry about playing WoW, or using MS Office. They're simply different environments than Windows.
Your world is pretty small, I know of a third group that runs Windows and is never infected by viruses, hit by exploits or other nasties, their computer hums along just nicely and they use their computer to do stuff. I know, because I'm one of them. Nice to meet you.
You want to know who isn't running Firefox 2.x? They spell it "definately" and "rediculous".
As Evolution, Kontact (KDE's groupware suite, incorporating Kmail) and Thunderbird vie for desktop supremacy new features will be developed, and copied, and theoretically you will start seeing the same technologies popping up in at least the top three dominant mail clients (and web browsers) on the Linux platform. Once you get common technologies, that's when virus writers have something to target that they know will be common across their userbase (or at least a large part of it). That's the situation that has led to so many exploits for Windows software, and the potential is that exploits for Linux software could be developed and could spread.
However, because of the security model of Linux (ie. each user only has write access to his own files) the furthest any worm or virus will be able to spread is to that user's files and directories. So, wipe the user and restore from backup, and your virus woes are dealt with.
As long as the security model for Linux remains unchanged, this will be the case, and viruses and worms, while probably becoming more frequent, will never be able to do significant damage to a machine.
THIS is why Linux is less susceptible to viruses. The argument that it's a more obscure platform only holds water up to a point.
"The dew has clearly fallen with a particularly sickening thud this morning"
It is highly unlikely a separate section for MS-FLAMEBAIT --
As we know, articles related to Microsoft have a minimum comment range of 400-500 while max could be anything from 1000-2000 range.
In stark comparison most other articles would only get a minimum of 60 or a max of 350 [ 60-350 Range].
If M$ related stories are moved to a separate section then the number of comments in main section will drastically reduce!
Which could signal slashdotters that less and less people are visiting slashdot - Slashdot image gets a hit!
And neither will the MS-FLAMEBAIT section get all the hits or comments.
Not many would be inclined enough to GO to M$-F section and bash M$. They do it on M$ stories on Main page coz it infuriates them!
Why does yahoo do this
Mozilla/Firefox had similar vulnerabilities in BMP and PNG in the last couple of weeks. Linux isn't going to help that much.
Yeah it does. Firefox doesn't run as root.
There are far more Linux machines connected with more bandwidth today than there were net-connected Windows machines when viruses started becoming a problem for those users.
Linux is heavily used by Wall Street and major banks, many websites handling ecommerce, and many sites with fast links. If I was a virus writer, I would aim for the first two if I was after money, and the latter if I wanted zombies for denial-of-service attacks. And if my goal was demonstrating my technical virtuosity, I would go after Linux (and OpenBSD, and Solaris, and Mac) systems rather than Aunt Tildy's Win98 box.
No, the reason there are few Linux exploits is because a properly configured Linux machine is a lot harder to attack, and the different distros make for enough variations that a virus will have a hard time cross-infecting enough of the variants. Linux upgrades are pesky, but frequent and free. If Linspire Linux (log in as root? feh!) ever becomes popular with the newbies, then there will be plenty of exploits - for a while. Then the not-so-newbie users will migrate to more secure but equally easy to use Linux distros (like Xandros), and Linux will regain its well-deserved reputation for security.
Any OS can be made more insecure by carelessness. There are probably hundreds of zombied Linux boxen out there right now. But only proprietary software forbids exceeding the security the manufacturer provides for you. Microsoft and Symantec have some great programmers working on security, but they are few, and limited by corporate monoculture attitudes. It is the search for security excellence among the far more numerous developers and savvy users of Linux that make it grow more secure daily, and it is the democratization and openness of the process that makes good security practices spread among more ordinary users.
Keith Lofstrom server-sky.com
Actually, most of the software I run is OSS and I thank you for the compliment. I do have a clue as to what I'm doing.
I was merely responding to your implication that there are only two types of windows users: the ones that lie back and 'enjoy' it or the ones that invite disaster by pirating software. Windows users are like every other computer user, they need to be educated. I'm pleased to say that I've done plenty of that.
You want to know who isn't running Firefox 2.x? They spell it "definately" and "rediculous".
Have a look at the nature of the vulnerabilities, including those beyond IIS6 and Apache2. Typically, an Apache crack will get you limited access as user nobody or apache, but an IIS crack will get you carte blanche on the machine.
Would you rather break into a bank that had layer upon layer of security including internal hardwall partitioning, or one that only had thick external walls and a few alarms on those? Maybe ripping off the day's float would be not much different between banks, but what if getting into the vault is not significantly harder than getting the float at one bank?
It's not the admins (or at least, the difference in admin quality is not overwhelming enough to explain the differences in cracks). Roughly 80% of all email is transported by FOSS mailers, and yet where do practically all MTA attacks land? Shall we compare the difference in hardening between, say, PostFix or QMail and MS-Exchange?
Got time? Spend some of it coding or testing