Paul on 7 Oct 2003 21:22:02 -0000



Re: [PLUG] Linux vs. Windows Viruses


Tobias DiPasquale wrote:

1) Art already mentioned that AV companies need virii to survive and are
not above creating one (or more) to further their aims. A corollary of
this is that public consciousness for virii on Linux will increase and
bring with it FUD of its own without any real basis in reality (e.g.
some implementation decisions will be swayed by a thought like this:
"Linux has virus problems, too, so what does it matter which one I
use?"). I know plenty of people (IT guys in/around Philly/NYC) who are
dying to find some serious problem with Linux so they can stick with
their warm, comfortable bedmate, Microsoft.



Should we assume that anti-virus companies have been trying to infect GNU/Linux systems with viruses as part of their daily work? If only in a lab, I really hope they are working on it. If they are, they must not be succeeding. The problem is that we don't know either way. That's why I proposed a public project.


2) Virus writers keep score and gain status by how many machines they
infect. The more machines infected and the larger the damage total, the
more of a success that that virus was. Therefore, your "public project"
would not attract the most talented virus writers, since they will be
looking to actually _release_ their viruses in order to infect as many
machines as possible. Sociologically, this project makes no sense
because the viruses it produces will always be second-rate (since you
won't attract the best virus writers/virii) and lead the community into
a false sense of security with regards to the number and potency of
Linux-based viruses. This is unlike other public projects (re: FLOSS)
because it is NOT in the best interests of the community to create the
most effective virus, simply because it can then be turned on them by
any script kiddie with a motive.



Let them attack! We have laws against attacking computers, but /that/ doesn't stop attacks. Only good countermeasures will protect us. Tactics cannot be developed if we live in a bubble and never face a real or engineered threat.


Think of tools like Saint and Nmap. They are open source projects. They can be used for good or evil. If we use them for good, they are in the best interests of the community.

GNU/Linux is a good. Used to launch attacks it is bad. We can choose to launch an attack. However, our systems, if compromised, may launch attacks on their own. How would that make Linux look?

Needless to say (I always say things regardless of need), I don't believe in security by obscurity.

P.S. Public repositories of virii exist already, btw.



Link, please!


_________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.netisland.net/mailman/listinfo/plug-announce
General Discussion -- http://lists.netisland.net/mailman/listinfo/plug