In message , nightjar
writes
"Tony Hogarty" wrote in message
news
an.2004.12.16.17.08.29.773277@tjhpropertyga rbage.co.uk...
...
No unfortunately you are very wrong in your assumption. There have been
attempts to write viruses for *nix sysytems previously and fortunately
they come to nothing because they can carry no useful payload and more
importantly they cannot propogate. Read this article for a fuller
description of the differences http://www.securityfocus.com/columnists/188
Essentially, that says that the main differences are that there are too many
different programmes out there for one virus to be a problem for everyone
and that Linux does not do some of the things that have proved to cause
problems with Windows. The first is consistent with my statement about their
relative obscurity. The second simply means that the system is not
vulnerable to problems that have been identified with an entirely different
operating system in the past. Nothing in the article convinces me that, if a
multi-billion pound industry, which probably motivates it programmers as
much by fear of what happens if they fail as it does by the rewards if they
succeed, would not find vulnerabilities to exploit, if it found the desire
to do so. The relativly better security probably does protect it from the
occasional destructive geek. However, I would need a lot more convincing
that it could withstand the sort of highly organised, well funded attacks
that MS products are subjected to.
It's largely a matter of attitude and policy. Microsoft has tried for
years to move software out of computers and into its own servers, so you
would download Word when you needed it and be charged by the hour. This
gets them away from the enormous problem of maintaining a revenue stream
by constantly producing new versions of everything. Secondly, Microsoft
is trying to make money from third-party content, i.e. entertainment,
again as a continuous source of revenue. Both ambitions cause Microsoft
to look favourably on downloading and running just about anything from
anybody on the Internet, and to downplay the risks, even to themselves.
Hence an email program which routinely runs attachments received in
emails. For a long time, it was not possible to stop Outlook/Outlook
Express running attachments automatically. The preview pane meant that
it was not even necessary to explicitly look at an email. This behaviour
went on long after it became glaringly obvious that it was a stupid
idea. The question is, why was it *ever* considered anything other than
a stupid idea? Even after it had been 'stopped', it was possible to
include an executable in an email and tell Outlook that it was a
harmless audio file. Outlook would swallow this and pass it to Windows.
Windows would assume Outlook knew what it was doing, and run the file. I
kid you not.
Linux descends from Unix, which came into being as a network operating
system. Network administrators were basically there to stop users
('lusers') doing stupid things, and Unix was designed with that purpose
strongly in mind. Microsoft needs to regularly sell new software with
new bells and whistles, *to schedule, not when it's ready*, and its job
is done once the computer manufacturer has pre-installed Windows.
Neither offers any warranty, but which approach would you objectively
expect to result in better security?
Remember with viruses, it's not just the number of infections that
matter, it's the rate of spread. If the common cold was likely to infect
less than one other person during the course of the disease, it would
not simply be extinct, it would never have evolved. Linux viruses exist,
bugs in Linux program exist, but if an infected installation is unlikely
to manage to infect another, the infection doesn't spread. There are
still machines infected with the Swen virus (though Demon finally seems
to have figured out how to spot the emails), but it will never again
spread because most machines are now immune.
It's not *just* the variation in Linux installations, not *just* that
few people run as root, not *just* that nobody has yet been stupid
enough to write a mail client like Outlook. Each of these things keeps
the loop gain well below unity, and it would take major changes in all
of them to make Linux viruses a problem. Immunity to such viruses simply
requires the user to get one of them right.
--
Joe