Interesting article found at securityfocus

[tonybradley]

I read the article, but I don't agree with it.

I am from the camp that feels that a big part of the reason that most viruses and worms exploit Windows machines is because they provide a target-rich environment and not because they are inherently less secure than *Nix.

As has been pointed out, Linux- and many of the accompanying 3rd-party open-source programs that are installed by default on many versions of Linux- have new vulnerabilities discovered constantly. I don't think it would be too big a stretch for a malicious coder to compromise a Linux machine if they wanted to.

The author says:

This sort of social engineering, so easy to accomplish in Windows, requires far more steps and far greater effort on the part of the Linux user. Instead of just reading an email (... just reading an email?!?), a Linux user would have to read the email, save the attachment, give the attachment executable permissions, and then run the executable.

The claim seems to be that because everything is harder to do or requires more steps and more user intervention that these sorts of things won't be issues if everyone ran Linux. But, he also goes on to point out that Lindows- the user-friendly Linux- has made some exceptions in security in favor of ease of use.

He also says:

Unfortunately, running as root (or Administrator) is common in the Windows world.

Linux gurus tend to be more computer-geek than your average Windows user. The average "Joe" who decides to dabble in Linux A) doesn't know enough to secure it properly or not run as root, and B) tends to install the more Windows-like and user friendly flavors of Linux.

I am rambling. My main point is that its a circular argument. Its like trying to debate that if pigs could fly there would be a 300 pound bird. Pigs can't fly, and in order for them to do so they'd have to grow wings and shed 250 pounds making the original assessment untrue.

In this case, in order for the majority of the home users to adopt Linux it would have to become more user-friendly and make those ease-of-use concessions that make Windows "inherently" less secure therefore reducing its overall security and making the original assessment untrue.

The assessment can only be true if you could somehow have the majority of home users in the world not only adopt Linux platforms, but ALSO learn everything that the existing Linux-guru base knows about computers and how to work with Linux. Since that will happen when pigs fly the whole argument is moot.

Just my $.02

[BourneAgain]

nihil that qoute was not mine it was straight out of the article
"Linux vs. Windows Viruses
To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it."

Bourne: you said: I see where your coming from with that statment however i disagree. When a windows virus comes out we take our windows box off line and wait (impatiently) for Microsoft to write a patch.......

Have you read my account of an online attack I posted within the last 48hrs (lazy about time zones).....new virus...take it offline.......NO I fought that on my ground and won. If you do not know what you are doing and do not take elementary precautions I think you deserve what you get? Rule one: "Learn your operating system", Rule two: "Refer to rule one"?

personaly i haven't as of yet had a virus i try to take as many precautions as i know how. the average user does not know even " elementary precautions" thats why i said take the comp. off line. the average user would not be able to fight off a hacker or figure out how to fix a infected comp. anyway my intent surly was not to start a MS bashing thread just to read an artitcle to get the writers point of veiw anyway i'm to be up @5:00 so goodnight all

[nihil]

Hi Bourne.

I was not having a go at you, I put the quote in red as I knew you were quoting it yourself, and that it was not your opinion, necessarily. Just another clever dick comment from a smartass, so to speak (it was phrased rather well, I must admit).

Was the bit about taking windows offline and waiting for a patch also a quote from the same source? If it was, I am sorry, I took that to be your own comment

I take your point about the average user's competence.

My remark referred to the User who thinks that they "know"...........the enemy from within.......give them linux and they are history..sure...but could they still do their (proper) job?

Take care

[amorphous]

When a windows virus comes out we take our windows box off line and wait (impatiently) for Microsoft to write a patch and thats all well and good however linux being open source when a vulnerability is known or a virus comes out there are thousands of people that are more than capable to fix the issue. I feel that on account of the open source that makes for a better OS However this is my humble opinion.

And how long does that usually take? M/s does a very good job of getting patches and updates to security issues out rather quickly. One of the major failings of windows users is their failure to actually use them.

personaly i haven't as of yet had a virus i try to take as many precautions as i know how. the average user does not know even " elementary precautions" thats why i said take the comp. off line. the average user would not be able to fight off a hacker or figure out how to fix a infected comp.

I am an average user. I have run windows since '95 came out. I have NEVER had a virus infect one of my computers nor have I ever been hacked. I have no computer security background nor do I work in the field, but I can guarantee you barring physical access to my computers you would have one hell of a hard time doing anything to them.

[lumpyporridge]

I have yet to find a nix viruses that actually does anything exciting or dangerous. Yet dows seems to get all the fun if you know/have of a good or interesting one please send it to me tomyork@shaw.ca (yes this is one of my email addys and not a joke)

[Arcanus Aegis]

Linux gurus tend to be more computer-geek than your average Windows user. The average "Joe" who decides to dabble in Linux A) doesn't know enough to secure it properly or not run as root, and B) tends to install the more Windows-like and user friendly flavors of Linux.
~tonybradley

I definately have to agree with this statement. Linux is not an 'average' user OS, it is for people who have a much deeper understanding of the operating system and how it functions. 60% of Windows users are non-computer literate, mail/web surfers, who barely know how to turn the computer on let alone write scripts or work through a command prompt. These are the people who are going to be the main targets an victims of malicious attacks.

[nihil]

We seem to be getting a little confused?

As I see it, *nix has very few "viruses" as such, most *nix malwares are "exploits". I think that this is because it has traditionally been a server OS? Now that far more home users are on *nix, I would expect to see more true "viruses"

Windows has traditionally been far more widely distributed on the desktop and at home, so tends to have a more even balance of "exploits" and "viruses", simply because its distribution has been more exposed?

I think that MS provide patches for "exploits" not "viruses".........the latter are the responsibility of the User?.....and they do tend to use perfectly legitimate utilities in a malicious way: Macro viruses for example?

I will leave you with one final thought:

"If Microsoft created a totally secure operating system that was stable 24/7/365, wouldn't a lot of us be out of a job?"

Answers in no more than 600 words or 2 sides of A4 to William Gates III.................

Cheers

[tonybradley]

Windows has traditionally been far more widely distributed on the desktop and at home, so tends to have a more even balance of "exploits" and "viruses", simply because its distribution has been more exposed?

My only response to this would be that- at least in Windows, the two are not very separable. Most, if not all, of the major and recent viruses and worms have worked because they exploited a vulnerability.

Microsoft does release patches to repair vulnerabilities- and not anything to block specific viruses or worms per se. However, if everyone had a fully patched and updated system the flaws attempting to be exploited by the viruses and worms wouldn't work and the virus or worm would die before it even got going.

To me- the virus or worm is just a way for a malicious coder to automate the exploitation of a vulnerability. So, when you say:

As I see it, *nix has very few "viruses" as such, most *nix malwares are "exploits".

I see that as saying that the OS is flawed and potentially vulnerable but that the incentive hasn't been compelling enough for a malicious developer to take one of those exploits and automate it by converting it to a virus or worm.

My own belief is that it is partially due to malicious developers being more from the hardcore geek, anti-MS side of the world, and has a lot to do with the fact that there are so many more Windows machines attached to the Internet.

There is a reason Honda Accords are stolen more often than Porsche 911's and it isn't because they are easier to break into or are more "vulnerable" to being stolen. Its because they outnumber the available Porsche's probably 10 to 1. The same argument is true when deciding whether to attack a Windows or a Linux computer system.

[nihil]

Tony,

I think we agree in principle?...............I am afraid that I use a rather pedantic and old fashioned definition of "virus", that is, it must infect . To me, worms and trojans etc just travel , they do not infect, so those I regard as mostly being "exploits", although some are just social engineering?, that is, they use a perfectly legitimate application for a malicious purpose.

Someone posted a "top twenty" for September a few days ago...........I think it was from Kaspersky... there was a pie chart in it that showed only about 2% were "virii", so I guess that they use the same kind of definition as I do?

I know that there are a few hybrids that do both.

The only reason I make the distinction is because I feel that "exploits" are more the responsibility of the OS and its vendor. I would not like them to get off on a technicality

Virii and social engineering I see as the responsibility of the user.

Cheers