Re: [PLUG] Linux vs. Windows Viruses

Paul on 7 Oct 2003 21:22:02 -0000

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Linux vs. Windows Viruses

From: Paul <emailme@dpagin.net>

To: plug@lists.phillylinux.org

Subject: Re: [PLUG] Linux vs. Windows Viruses

Date: Tue, 07 Oct 2003 17:22:00 -0400

Reply-to: plug@lists.phillylinux.org

Sender: plug-admin@lists.phillylinux.org

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624

Tobias DiPasquale wrote:

1) Art already mentioned that AV companies need virii to survive and are not above creating one (or more) to further their aims. A corollary of this is that public consciousness for virii on Linux will increase and bring with it FUD of its own without any real basis in reality (e.g. some implementation decisions will be swayed by a thought like this: "Linux has virus problems, too so what does it matter which one I use?"). I know plenty of people (IT guys in/around Philly/NYC) who are dying to find some serious problem with Linux so they can stick with their warm, comfortable bedmate, Microsoft.

Should we assume that anti-virus companies have been trying to infect GNU/Linux systems with viruses as part of their daily work? If only in a lab, I really hope they are working on it. If they are, they must not be succeeding. The problem is that we don't know either way. That's why I proposed a public project.

2) Virus writers keep score and gain status by how many machines they infect. The more machines infected and the larger the damage total, the more of a success that that virus was. Therefore, your "public project" would not attract the most talented virus writers, since they will be looking to actually _release_ their viruses in order to infect as many machines as possible. Sociologically, this project makes no sense because the viruses it produces will always be second-rate (since you won't attract the best virus writers/virii) and lead the community into a false sense of security with regards to the number and potency of Linux-based viruses. This is unlike other public projects (re: FLOSS) because it is NOT in the best interests of the community to create the most effective virus, simply because it can then be turned on them by any script kiddie with a motive.

Let them attack! We have laws against attacking computers, but /that/ doesn't stop attacks. Only good counter measures will protect us. Tactics can not be developed if we live in a bubble and never face a real or engineered threat.

Think of tools like Saint and Nmap. They are open source projects. They can be used for good or evil. If we use them for good, they are in the best interests of the community.

GNU/Linux is a good. Used to launch attacks it is bad. We can choose to launch an attack. However, our systems, if compromised, may launch attacks on their own. How would that make Linux look?

Needless to say (I always say things regardless of need.) I don't believe in security by obscurity.

P.S. Public repositories of virii exist already, btw.

Link, please!

_________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce General Discussion -- http://lists.netisland.net/mailman/listinfo/plug

References:

[PLUG] Linux vs. Windows Viruses
From: "Jon Nelson" <quincy@linuxnotes.net>

Re: [PLUG] Linux vs. Windows Viruses
From: Paul <emailme@dpagin.net>

Re: [PLUG] Linux vs. Windows Viruses
From: Tobias DiPasquale <toby@cbcg.net>

Prev by Date: Re: [PLUG] Linux vs. Windows Viruses

Next by Date: Re: [PLUG] Linux vs. Windows Viruses

Previous by thread: Re: [PLUG] Linux vs. Windows Viruses

Next by thread: [PLUG] scientific programming job possibility

Index(es):

Date

Thread