Spreading even more FUD

Story: Microsoft's Secret Weapon isn't FUD, it's Inertia
Total Replies: 6
qcimushroom

Jun 19, 2009
11:34 AM EDT
Quoting: Safety in fewer numbers

It is said usually that there is safety in numbers, in the sense that wildebeests congregate in numbers to cross alligator-infested waters. The opposite may be true for GNU/Linux. The superior coding and security notwithstanding, the market share of GNU/Linux is, paradoxically, its best protection from the problems besetting my two acquaintances.

It’s simply not productive to write viruses and Trojans for several operating systems, ten browsers and six e-mail clients. Write for one operating system — Windows — and deliver your payload to that 95% of the market share. So, small is beautiful, less is more.
Someone needs to educate this individual.
rijelkentaurus

Jun 19, 2009
11:39 AM EDT
Not entirely. The large number of web browsers, email clients and other programs is in fact a giant boon to FOSS, and it really is harder to write bugs for multiple programs and have a profitable effect. Even if Linux were 95% of the market share, writing bugs would still be a challenge, beginning with the inherent permissions, and moving on to a userland with a wide variety of programs. Genetic diversity, in both life and software, ensures survival.
qcimushroom

Jun 19, 2009
12:02 PM EDT
I liked the article until I came to the part I quoted. Read: What Myth Do You Want To Kill Today? http://linuxlock.blogspot.com/2009/06/linux-security-through...
phsolide

Jun 19, 2009
12:48 PM EDT
I have to agree with the article: a fractured software base does keep viruses at bay. The Microsoft Monoculture is essentially to blame for the virus epidemic of the late 80s to early 90s (mainly boot sector and Word macro viruses, really) and for the 2002-2004 Years of the Worm.

I think this sort of thing is overlooked by the "Anti-Virus" community, as they mainly deal with Windows software monoculture. There's really not that many Windows email programs in use (as opposed to the Linux software base using Thunderbird, Pine, Mutt, Emacs, nail, etc etc etc), and each Windows mail reader doesn't have that many versions floating around. That's a direct consequence of the centralized, closed source model. Even though I use "pine", I actually use "alpine" downloaded and compiled by me, not the "pine" that came by default with Slackware 12.0. There's just way more versions of any given software for Linux floating around. You can see that in the last major Linux worm, Slapper. It had hard-coded values in it for 5 or 10 distros and versions. That just wouldn't happen in an IIS worm, since there's really only about 3 versions of it in use at any given time.
gus3

Jun 19, 2009
2:17 PM EDT
The first computer virus I ever saw was on a Macintosh, in 1988.

And yes, the environment was very monocultural. There was one PC to be found, a handful of Commodore 64's and 128's, and the rest (>1,000) were all Mac Plus, SE, or II.
kingttx

Jun 19, 2009
5:16 PM EDT
@phsolide That may be true but only to a very slim degree, and I mean VERY slim. I don't know what kind of infection vector you are thinking of, but all of the distros have one glaring thing in common: they are based on the Linux kernel! Additionally, almost every single one of them uses the bash shell, meaning a malware writer could bypass packaging and use built-in tools (like 'find' with its exec) to make shell scripts that would cover the possibility of trying to find a file that may exist in a different directory depending on what distro it's in.

But that really doesn't matter!

1. By default, all distros that I know of use a umask that doesn't enable execution of files in a user's home directory. Of course, with some social engineering, a user can really screw up ANYTHING anyway, right? "You can't cure stupid." So if the user gets some clever message saying, "Save this to your desktop and be sure to add the ability to run it by blah blah blah. You'll be asked to run it with privileges; trust us and do it!" Dangle enough bait and some users will do anything. However...

2. By default, users don't HAVE to run as root to use their apps. They do need to do so for updating and installing, and a savvy admin won't be burdened with allowing root privileges once the apps and updates are installed. Therefore...

3. By default, a Linux system isn't really threatened by drive-by malware and most remote exploits. If a user is running without root, that user cannot touch the system's main files. Also, if we're talking about a Linux server with an admin worth his salt, the server is going to be hardened and probably also use SELinux with proper policies along with strong passwords and key pairs whenever possible.

It boils down to this: In Linux, the weak link is the user. In Windows, the weak links are the user and the OS.
phsolide

Jun 20, 2009
11:23 AM EDT
Sure, all distros are based on a Linux kernel, but each distro has the kernel compiled slightly (or even greatly) differently. I personally recompile a kernel for my machines, leaving out filesystems I know I won't use, and compiling in ethernet card, etc. drivers I know I will use. I think this practice is pretty widespread. So, we have version diversity even amongst distros.

As far as the bash shell goes... I use zsh, and it has something of a community. I still think that version diversity would play a big part in virus resistance if your factors (1), (2) and (3) didn't make a huge difference, too. You've hit the nail on the head with those 3.

I believe you are correct in your summary.
