Paul . L . Snyder on 7 Oct 2003 19:09:02 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Linux vs. Windows Viruses

Arthur S. Alexion" <> wrote on 10/07/2003 10:21:24 AM:

> Paul [; not me! -pls] wrote:
>> I think a public project should be started to encourage the
>> (attempted) creation of viruses for GNU/Linux.

This is a terrible, terrible idea!  We do not want to encourage the
creation of viruses.  Even if (as the securityfocus article states)
the polyculture of linux setups out there inhibit the spread of
infection, the potential for harm and inconvenience is still there.

>> I would expect the
>> response to be increased activity at anti-virus companies and more
>> security-conscious programming.  I do get an uneasy feeling knowing
>> that my Linux computers do not have virus scanners.

The sf article states there are "perhaps 40 Linux viruses".  You do
not, at this time, need a virus scanner because there are not, at this
time Linux-infecting viruses that are a viable threat.  Security is a
process: practice safe computing.

>> Just as remote
>> security scans test firewalls, it would be nice to be able to truely
>> test Linux's anti-virus capabilities.  Even though I've run into
>> dozens of Window$ viruses, I take comfort in knowing that anti-virus
>> utilities for Window$ are effective. (I actual have a blast detecting
>> and cleaning virus infections.)

Virus scanners, for the most part, look for known viruses.  (There are
a number of virus-like behaviors for which heuristics can be devised,
but most of the time you need an identified virus signature.)   When a
new infection hits the wild, it has to infect people, potentially
damaging their data.  It has to be analyzed by the AV vendors, and new
signature files (and possibly new scanning engine code) must be
distributed to and installed on all the clients using that AV engine.

> > Jon Nelson wrote:
> >>

> I am not too excited about getting antivirus companies involved in
> Linux.  As an avid Palm OS user, I was recenly involved in an online
> debate regarding Palm OS viruses.  there haven't been any "confirmed"
> real ones.  None the less three Antivirus companies marketed Palm OS AV
> software in the fall of 2000.  To market it, they spread a virus scare
> via press releases talking about a "virus that had been submitted
> anonymously to their testing labs".  According to the press releases,
> the virus had not been spotted "in the wild".  It is widely believed in
> the Palm OS community that the virus was designed by either Symantec or
> F-Prot in order to launch this marketing push.  Would you want that kind
> of conduct aimed a Linux?

I agree completely.  Companies are trying to sell AV for Windows CE
devices, as well.  Why pay for something that doesn't serve a function?
We don't need to manufacture a market.

Paul Snyder

Philadelphia Linux Users Group        --
Announcements -
General Discussion  --