Linked by Thom Holwerda on Sun 23rd Sep 2007 10:54 UTC, submitted by irbis
Bugs & Viruses "For at least a decade, the standard advice to every computer user has been to run antivirus software. But new, more commercial, more complex and stealthier types of malware have people in the industry asking: will antivirus software be effective for much longer? Among the threats they see are malware that uses the ability of the latest processors to run virtual machines that would be hidden from antivirus programs." Note: Please note that our icon contest is still running! So if you have an idea on how to rework this story's icon, read this.
Thread beginning with comment 273556
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: No
by Lennie on Sun 23rd Sep 2007 12:33 UTC in reply to "No"
Lennie
Member since:
2007-09-22

In Unix/Linux it's quiet a lot easier.

Give the user no privileges to install any software in the normal places, don't set executable-bit at mounting of data and home partitions.

That leaves scripts, but they'll have to be executed as: perl script.pl or equivalant.

For the scripting languages a simple wrapper could do some checks, to prevent that as well.

Done: that's all you need to do in Unix. In windows it's a lot more complicated.

Reply Parent Score: 2

RE[2]: No
by Erunno on Sun 23rd Sep 2007 12:54 in reply to "RE: No"
Erunno Member since:
2007-06-22

Except that viruses can still go on a rampage in the user accessible places (read: home directory) and in the worst case destroy all your data. Contrary to server maintainers I reckon that desktop users care much more about their data than the OS which can be easily replaced.

Reply Parent Score: 5

RE[3]: No
by chrono13 on Sun 23rd Sep 2007 13:19 in reply to "RE[2]: No"
chrono13 Member since:
2006-10-25

Most viruses, by the very definition of virus, spread automatically.

Rights restrictions almost immediately prevents most of these transmission methods.

Yes, it can hit the home directory. Does it have rights enough to start again after a restart? Maybe. Run as a system service or destroy ALL users data? No.

Additionally, a simple cron backup to any other location that requires elevation to write leaves the data, or at least most of it, protected.

Requiring right clicking and changing to executable would mitigate accidents and spoofs, though doesn't address the Dancing Bunny issue.

There are other solutions to this problem as well, but I absolutely agree that the data is the most important, and should always be backed up on a regular, automated basis, preferably to a different drive.

Hard drive failure can happen anytime to anyone and destroy all that data instantly, and more effectively than any virus. That doesn't mean data shouldn't be stored on hard drives, it simply means that the more valuable it is, the more care should be taken to ensure it is not lost.

I can let a friend use my computer and not have to worry about what they are doing. They are a limited user and the worst case scenario is removing and re-adding that user, deleting all problems with it. And I never have to worry about my computer failing to boot tomorrow because of an ini file embed in a website I visit today.

And finally, most Windows problems are not exploit related, but initiated through direct user interaction. Whether downloading a file from freesoftware4free.com or Kazaa, the greatest problem with Windows is that running as admin is default, and because it is default, running limited is not easy.

Losing one users files or login ability is terrible. In Linux, the system still boots, and I can still use the machine. I may even be able to use another user/root to recover the files.

Losing all users files and the ability to log in or use the computer is unreasonable, inexcusable, and far too common on Joe Sixpack machines. Sure, many of the files may be recoverable, but you know exactly what happens when Windows won't boot. The Windows CD goes in and the data is formatted away.

That Windows install CD is responsible for more unnecessary data loss than any virus in history.

Edited 2007-09-23 13:21

Reply Parent Score: 5

RE[2]: No
by Ben Jao Ming on Sun 23rd Sep 2007 12:55 in reply to "RE: No"
Ben Jao Ming Member since:
2005-07-26

It's true that downloading something and executing it might take a little bit of skill in theory. Unfortunately there is still some work left, because certain programs make this hard:

In Nautilius, if you double-click a .pl file, it might run it using perl.. same thing goes with other poorly configured file browsers.

In Firefox if you goto an URL that points to some extension you might give it the right to install.. if you're a stupid user who wants to see dancing_bunny.xpi in action.

and so on...

Another case might be that you download and run a program you trust and then it does something you don't want it to. Even if you're in userspace this might affect your privacy and sniff up stuff like credit card numbers.

Saying that Linux/Unix is safe from this kind of stuff is wrong, but assuming that the user is smart enough to avoid it is more likely than for xp users.

Reply Parent Score: 4

RE[3]: No
by Gone fishing on Sun 23rd Sep 2007 13:15 in reply to "RE[2]: No"
Gone fishing Member since:
2006-02-22

I agree on reason Linux doesn't have malware is it's generally savvy users. Ubuntu just doesn't have the same number of idiot users as Windows. However, I think it's hard to over estimate how poor windows is you don't have to do something real stupid in Windows to catch a cold. Yes I can see that when Ubuntu has 30% of the home user market share some will run Sudo so they can see the dancing bunnies, they might even need an AV, but Windows provides basically the ideal conditions for growing malware (even makes me feel quite nostalgic for RISCOS)

Reply Parent Score: 2

RE[3]: No
by chrono13 on Sun 23rd Sep 2007 13:24 in reply to "RE[2]: No"
chrono13 Member since:
2006-10-25

"Saying that Linux/Unix is safe from this kind of stuff is wrong"

Absolutely. No OS, Mac, Linux, BSD, Vista, XP... none is imunne from at least the logged on users rights to files. All those files are potentialy at risk.

And yes, all operating systems are vulnerable to spoofs, since the attack is against the user, not the OS.

I'm talking about direct attacks on the OS, other users files, and so forth. If I came accross otherwise, I didn't mean to.

Edited 2007-09-23 13:25

Reply Parent Score: 2

RE[2]: No
by netpython on Sun 23rd Sep 2007 17:13 in reply to "RE: No"
netpython Member since:
2005-07-06

How many linux/unix users harden their boxen as any admin worth his/her salt does?

Reply Parent Score: 4

RE[2]: No
by Doc Pain on Sun 23rd Sep 2007 17:16 in reply to "RE: No"
Doc Pain Member since:
2006-10-08

"In Unix/Linux it's quiet a lot easier."

In principle, it is, but not in reality. Let me explain:

"Give the user no privileges to install any software in the normal places, don't set executable-bit at mounting of data and home partitions. "

This would imply a difference between the user (who may not do the things mentioned above) and the administrator (who may do because it's his job). In today's world of UNIXes and Lunix, there's hardly a difference between user and administrator. A PC at home - a server at home (intended or due to malware running), but no administrator. Or put into other words: User and system administrator are the same person. Due to a lack of interest, knowledge, experience and maybe time, the "administrator part" does not do his work, but the "user part" wants to see the dancing bunnies.

The weakest part of a chain will cause a fraction. THis part usually is the user. The best means of security won't work if they are bypassed to increase comfortability or a "look and feel" the software manufacturer assumes his customers to require.

Of course, security is more important to UNIX / Linux than it is (or at least, has been) to "Windows". Hey, the Internet runs on UNIX, we can't afford dancing bunnies in routers and name servers! :-)

If you can't increase users' interest in security, even AV software will fail. Reality proves that it does in fact - just imagine why more than 90% of mail today is spam.

If you take responsibility away from users, they feel everyone thinks they're stupid. If you give responsibility to them, they feel overwhealmed and uncomfortable. In my personal opinion, today's Linux desktop OSes have found a good balance here. I wish "Windows" would do so, too, but - without wanting to insult anyone - "Windows" users still "have no time" to care about important things when they use a PC; the Linux users seem to be more educated and responsible in these regards. Of course, a computer is just a tool, but you still need to know a few things in order to handle it properly. Linux users have understood this requirement, so have Linux OSes.

Reply Parent Score: 3

RE[3]: No
by netpython on Sun 23rd Sep 2007 17:39 in reply to "RE[2]: No"
netpython Member since:
2005-07-06

Linux users have understood this requirement, so have Linux OSes.

That will change rapidly the more easier it becomes to install and run linux.

If you can't increase users' interest in security, even AV software will fail.

How much should "the user" know?
I mean if you are going to be operated should you for maximum effect be interested in surgical instruments?

In my personal opinion it's the IT sec scientists and other warriors job to educate those who write software.
If only a lot of software including OS's wouldn´t contain so much attack vectors.

Most people have an incomplete picture of organised crime. They simply don't comprehend organised crime has made an entry in cyberspace a long time ago.

Reply Parent Score: 2