Slashdot Mirror


Torvalds Creates Patch for Cross-Platform Virus

Newsforge is reporting that Linus Torvalds took a few minutes to review the cross-platform proof-of-concept virus covered yesterday and has proven that the virus does indeed not work with the latest kernel version, 2.6.16, and even released a patch in order to fix this "problem." From the article: "The reason that the virus is not propagating itself in the latest kernel versions is due to a bug in how GCC handles specific registers in a particular system call. [...] So the virus did a number of strange things to make this show up, but on the other hand the kernel does try to avoid touching user registers, even if we've never really _guaranteed_ that. So the 2.6.16 effect is a mis-feature, even if a _normal_ app would never care. It just happened to bite the infection logic of your virus thing."

6 of 195 comments

  1. Re:mis-feature by Anonymous Coward · · Score: 3, Interesting

    Imagine how /. is going to spin this as "not a linux problem".

  2. Re:mis-feature by shotfeel · · Score: 4, Interesting

    From TFA:

    Leave it to open source hackers to debug and fix aging viral code so that it works correctly.

    That's what I find amazing - fixing things so the virus will run properly.

  3. A bug is a bug. by Spy der Mann · · Score: 3, Interesting

    Who says this bug didn't mess up with WINE libs, preventing OTHER programs from working correctly?

    Of course, we'll need a sandbox patch or something BEFORE Windows viruses start affecting WINE+Linux :)

  4. Best part by slashflood · · Score: 5, Interesting

    from TFA:

    This lends support to the speculation that this virus is not new code at all, in spite of how Kaspersky Lab is trying to use it to drum up new business. [...] And shame on the anti-viral industry, Kaspersky Lab in particular, for its attempts to deceive the public by passing off old code as something new.

  5. More on Linus + virus by caffeination · · Score: 5, Interesting
    From Newsforge
    We sent an email to Linus Torvalds to let him know about our testing. He replied:

    That said, it sounds like it's a regular program that just happens to work on both Windows and Linux, and that happens to do things that are perfectly OK per se (i.e. writing to files that are owned by the user). So it's interesting just because of the "works on both Linux and Windows" angle, not because of any viral nature.

    This is a really good insight, I think. While the rest of us are thinking about the "virus" and wondering what it means for the future, Linus identifies all these ignored technical aspects.

    The power of a mind untouched by Slashdot?

  6. Re:Fix it? by Anonymous Coward · · Score: 3, Interesting

    Yes, but it was a flaw in the operating system nonetheless. Just because a virus discovered the flaw doesn't mean the flaw shouldn't be fixed.

    If someone validates your website, and points out to you that it's invalid, do you complain that they use IE? No, you correct the page to make it valid again. (of course, it still won't work in IE, but c'est la vie)