Linked by Eugenia Loli on Wed 8th Dec 2004 20:48 UTC, submitted by Nicholas
Editorial I just spent the last several days reading the lengthy essay "Ying and Yang of Security" which explores the origins of security on the personal computer and explains why the current models are outdated. It seems to argue that security systems designed to keep the system safe are relics of the days of mainframes when the system was more important than the user, but for a personal computer the user is more important than the system.
Permalink for comment
To read all comments associated with this story, please click here.
How the *nixes will be the next target.
by The MESMERIC on Thu 9th Dec 2004 20:17 UTC

For a while I was thinking.
It is so damn difficult to write a virus for say Linux.
So how will they get round it.


It's true to say that in Linux (I will keep to this OS) there is no common address book, window manager, activex / vbscripting etc.

But everyone uses a browser.

And what do browser have?
A Plugin.

The vulnerabilities affecting the family of browsers and plugin is scalating.

We are got a recent java vulnerability prety much OS-independant.
Image vulnerabilities still plague Linux - even though they are patched.
Unaware to some RealPlayer - that clumsy video that now come preinstalled with many Linux packages - have a recent bad vulnerability.

Join all that with various cross-browser spoof vulnerabilities.
We will see the birth of the first cross-platform online virus.

Still things are hazy.
And I have no experience (nor want to have) in writing viruses.
But am just wondering even Flash could be used maliciously - another popular requested cross-browser/cross-platform plugin.

It will happen one day.
Window users will laugh at us -
"Where is your God now?"
(the point they will be affected too wont bother them).

The damage will be mitigated because Linux users run in user mode - but still ... security was the foremost reason I jumped OSes.

Before it was pure paranoia surfing the web - how sad if we have to experience all that again.