Tobias DiPasquale on 7 Oct 2003 19:34:02 -0000


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Linux vs. Windows Viruses


On Tue, 2003-10-07 at 13:35, Paul wrote:
> I think a public project should be started to encourage the (attempted) 
> creation of viruses for GNU/Linux.  I would expect the response to be 
> increased activity at anti-virus companies and more security-conscious 
> programming.  I do get an uneasy feeling knowing that my Linux computers 
> do not have virus scanners.  Just as remote security scans test 
> firewalls, it would be nice to be able to truely test Linux's anti-virus 
> capabilities.  Even though I've run into dozens of Window$ viruses, I 
> take comfort in knowing that anti-virus utilities for Window$ are 
> effective. (I actual have a blast detecting and cleaning virus infections.)

This is not a good idea for two reasons:

1) Art already mentioned that AV companies need virii to survive and are
not above creating one (or more) to further their aims. A corollary of
this is that public consciousness for virii on Linux will increase and
bring with it FUD of its own without any real basis in reality (e.g.
some implementation decisions will be swayed by a thought like this:
"Linux has virus problems, too so what does it matter which one I
use?"). I know plenty of people (IT guys in/around Philly/NYC) who are
dying to find some serious problem with Linux so they can stick with
their warm, comfortable bedmate, Microsoft.

2) Virus writers keep score and gain status by how many machines they
infect. The more machines infected and the larger the damage total, the
more of a success that that virus was. Therefore, your "public project"
would not attract the most talented virus writers, since they will be
looking to actually _release_ their viruses in order to infect as many
machines as possible. Sociologically, this project makes no sense
because the viruses it produces will always be second-rate (since you
won't attract the best virus writers/virii) and lead the community into
a false sense of security with regards to the number and potency of
Linux-based viruses. This is unlike other public projects (re: FLOSS)
because it is NOT in the best interests of the community to create the
most effective virus, simply because it can then be turned on them by
any script kiddie with a motive.

P.S. Public repositories of virii exist already, btw.

-- 
<< Tobias DiPasquale >>
88FA 30C9 1E63 CFE2 CBD8  37C4 DA1C E2BF 1D26 F036
http://cbcg.net/

Attachment: signature.asc
Description: This is a digitally signed message part