October 3rd, 2003, 02:24 AM
Email Virii: MS vs *nix
Full Article [ here ]
We've all heard it many times when a new Microsoft virus comes out. In fact, I've heard it a couple of times this week already. Someone on a mailing list or discussion forum complains about the latest in a long line of Microsoft email viruses or worms and recommends others consider Mac OS X or Linux as a somewhat safer computing platform. In response, another person named, oh, let's call him "Bill," says, basically, "How ridiculous! The only reason Microsoft software is the target of so many viruses is because it is so widely used! Why, if Linux or Mac OS X was as popular as Windows, there would be just as many viruses written for those platforms!"
Of course, it's not just "regular folks" on mailing lists who share this opinion. Businesspeople have expressed similar attitudes ... including ones who work for anti-virus companies. Jack Clarke, European product manager at McAfee, said, "So we will be seeing more Linux viruses as the OS becomes more common and popular."
Mr. Clarke is wrong.
Sure, there are Linux viruses. But let's compare the numbers. According to Dr. Nic Peeling and Dr Julian Satchell's Analysis of the Impact of Open Source Software (note: the link is to a 135 kb PDF file):
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."
I came across this article on SecurityFocus and figured it would be of interest here. It points out a lot of interesting reasons why *nix and OSX make viruses a lot less successful and prevent their spreading, as opposed to Windows' design, which seems to make it much easier for a virus to cause havoc and propagate itself. Not doubting the author's experience or knowledge, but I would like to ask the members here who are actively employed in the IT Security field if they find this article to be relatively true, or somewhat off target?
October 3rd, 2003, 03:03 AM
I am sure I will get shot down for this but here goes:
*nix was either commercial or academic? until recently? (hey I have Red Hat and SuSE CDs that are probably collectors' items now) In the academic environment, any exploit was probably local and not published?
Commercial environments have sysadmins and security officers, so tend to be much more aware and better defended? They can also afford the best in AV and firewall protection.
It would almost be a "self-fulfilling prophecy" that attacks would be launched against home users with the more common operating system (Windows), and little or no idea of security.
Recent trends in e-commerce and home working have brought the home and business environments much closer, which is why the problem has now impacted the workplace much more severely?
Up to date, there have been few "viruses" for *nix but quite a few trojans/exploits. I put this down to the fact that *nix was being used for servers, with Windows clients. You need to be a bit more astute than the average skiddie to write something that will work and transport between the two OSes? (Just finding an address book on a *nix box would be a challenge?)
Also, look at the nature of the targets? the *nix boxes were corporate servers, which might be "fun" to hack, but not to trash?... home computers are a different story... the bottom line is that if you will send me a nice shiny new hard drive you are welcome to the one that is currently on this machine... I have nothing of any real interest/secret on it at all (I knew I was a boring old fart)
Now that Linux/*nix is getting more popular, I would expect a growth in attacks, because it can now be found on far more home computers, and is being taught in our schools.
I will end with a simple analogy... if I have 5,000 sheep and 5 horses and I expose them to a virus, what will be the absolute infection rate?
Just my £0.02