To: Squantos
“The reason that we have not seen a real Linux virus epidemic in the wild is simply that none of the existing Linux viruses can thrive in the hostile environment that Linux provides. The Linux viruses that exist today are nothing more than technical curiosities; the reality is that there is no viable Linux virus.”
11 posted on 04/10/2009 10:37:51 PM PDT by JoeProBono (A closed mouth gathers no feet)
 
To: JoeProBono; Squantos
"The reason that we have not seen a real Linux virus epidemic in the wild is simply that none of the existing Linux viruses can thrive in the hostile environment that Linux provides. The Linux viruses that exist today are nothing more than technical curiosities; the reality is that there is no viable Linux virus"
 
 I really shouldn't bash Windows so hard without admitting to the terrible truth that all operating systems have shortcomings and vulnerabilities. 
 
 In truth, you are correct Joe. Malware can be created for Linux as with any other operating system. The issue is that of a transport and support vector. In the past, we had things such as the "wiz" command still enabled in certain versions of sendmail, the horrible and inexcusable holes historically found in BIND for DNS, a perpetual bad security history with PHP.
 
 But there are a couple of things to bear in mind. First, MS-Windows "assumes" that the owner IS the owner and therefore knows better. In truth, most people don't understand the concept of a remote privilege exploit much less the results. Practically every Windows PC that I ever touch when helping people has been set up for their user account to be admin equivalent. When I point this out, they point out that they "need" for it to be this way in order to install certain software packages. To illustrate my point just a little further, I'm willing to wager that most people don't know what Conficker really does. Most know that it disables access to real anti-virus solutions, and that it makes copies of itself and infects other Windows platforms. But what does it REALLY do? It establishes a botnet for a future yet to be determined function. We can be assured that this function will not be for the better good of mankind. :-)
 
 Linux, on the other hand, has lately gotten away from permitting the user to even casually use the privileged account. Debian and Ubuntu even have some very NICE ways of permitting regular users to perform privileged functions, and these operating systems in particular make it DIFFICULT for the user to even use the root account. Out of the box, Ubuntu establishes a root account with a mangled password (!!) and is pretty much unusable via the shell for most normal users. The user accesses it via group membership and sudo, and wrappers for sudo for the KDE and Gnome graphical environments.
 
 But I do hold Windows responsible for their entirely unbelievable line of crap about their model of security review and patching in their development cycle. That's simply a lie and motivated by money. It's patently untrue. If people were to go look at time lines for discovery of problems and the turn around times for release of patches, they'd discover that Microsoft is way behind the curve on this. In fact, sometimes they hide it from the public at large for months. This is nearly impossible to do in an Open Source environment. Also, Windows has created the perfect attack vector for malware by continuing to foster their bad code security review practices. They've enabled the creation of an entire industry...anti-virus and malware prevention (see www.bluecoat.com). The only reason we EVER run AV on Linux is to protect Windows systems!
 
 Sorry for the "long-ish" opinion about what a lot of people already know. I just wanted to clarify malware and open source operating systems. :-)
30 posted on 04/11/2009 10:26:29 AM PDT by hiredhand (Understand the CRA and why we're facing economic collapse - see my about page.)
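
The root-account arrangement described in post 30 (a root password field that no typed password can match, with privileged access granted through group membership and sudo) can be checked from the account files. This is an added example, not part of the original posts; the sample file contents are constructed, and treating the `sudo` and `admin` groups as the ones that carry sudo rights is an assumption about the local sudoers policy.

```python
# Added example: the shadow/group lines below are constructed sample data.
# On a real host, read /etc/shadow (root only) and /etc/group instead.
SAMPLE_SHADOW = """\
root:!:14344:0:99999:7:::
daemon:*:14344:0:99999:7:::
alice:$6$constructedsalt$constructedhash:14344:0:99999:7:::
"""
SAMPLE_GROUP = """\
root:x:0:
adm:x:4:alice
sudo:x:27:alice,bob
admin:x:115:carol
"""

def password_state(shadow_text, user):
    """Classify a user's shadow password field: locked, empty, usable or missing."""
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 2 or fields[0] != user:
            continue
        field = fields[1]
        if field == "":
            return "empty"      # no password required at all
        if field[0] in "!*":
            return "locked"     # no typed password can ever match
        return "usable"         # a real hash: direct root login is possible
    return "missing"

def privileged_users(group_text, groups=("sudo", "admin")):
    """Return the sorted members of the groups assumed to carry sudo rights."""
    members = set()
    for line in group_text.splitlines():
        fields = line.split(":")
        if len(fields) == 4 and fields[0] in groups:
            members.update(m for m in fields[3].split(",") if m)
    return sorted(members)

def audit(shadow_text, group_text):
    """Collect findings that contradict the locked-root, sudo-only model."""
    findings = []
    state = password_state(shadow_text, "root")
    if state != "locked":
        findings.append(f"root password field is {state}, expected locked")
    if not privileged_users(group_text):
        findings.append("no user is in a sudo-capable group")
    return findings

if __name__ == "__main__":
    print(password_state(SAMPLE_SHADOW, "root"), privileged_users(SAMPLE_GROUP))
    print(audit(SAMPLE_SHADOW, SAMPLE_GROUP) or "matches the model")
```
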
 