Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Debunking the "Linux is virus free" Myth

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
This topic is archived.
Home » Discuss » DU Groups » Computers & Internet » Computer Help and Support Group Donate to DU
 
RoyGBiv Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Feb-12-09 09:23 AM
Original message
Debunking the "Linux is virus free" Myth
Edited on Thu Feb-12-09 09:25 AM by RoyGBiv
I want to highlight this for a couple reasons.

First, the idea that any operating system is immune from malware infection is absolute rubbish (I'm looking at you, Mac OSX). Further, the idea that you can load up your system with a phalanx of security tools and overcome the deficiencies in the operating system is also rubbish. Indeed, the false sense of security one gets from all those notifying windows letting us know the Latest and Greatest anti-virus package is working can lead one to engage in ever more dangerous behaviors. This makes the malware author's job just that much easier and the risk of infection and losing your credit card and social security numbers to some script kiddie living in Siberia that much more the likely.

Second, if you're inclined to follow the link in this brief blog post to another that inspired it on how to write a virus for Linux, you can get a little insight into how all this works. Securing your system to the best of your ability involves checking your personal behavior. It's about developing good habits. Linux *is* a more secure operating system than Windows, as far as it goes. But the user-friendly desktop environment and the tools one uses to connect to a network or run a server or applications on that server are not. Each convenience or layer of complexity introduces exponentially more avenues for infection and more tools for the malware author to use to infect you.

A case in point described by these blog posts is the venerable e-mail attachment. Never, ever, ever, ever, ever just click on an e-mail attachment to run it. I don't care of Jesus Himself gets online, confirms his identity, and declares to the world that this is the e-mail to Bring World Peace and End Hunger ... if you just click this link. Don't. Do. It. This kind of thing supposedly cannot work under Linux. Well, that's just wrong.

Not so fast. Modern desktop environments, such as Gnome and KDE, conveniently offer a nice "workaround" called 'launchers'. Those are small files that describe how something should be started. Just a few lines that specify the name, the icon that should be displayed and the actual command to execute. Conveniently, the syntax of those launcher files is the same for Gnome and KDE. And those launchers don't have to have any execute permissions set on them! Desktop environments treat those files as a special case, so when you click on them Gnome or KDE will happily execute the command that was specified within the launcher description and without the need for the execute bit to be set on the launcher itself. Now we are getting somewhere!

http://www.cyberciti.biz/tips/debunking-the-linux-is-virus-free-myth.html


And do note that this is a Linux-centric blog posting this. That's the point. Wise computer users are not fanboys. They know or try to find out where the problems are and freely share the information with others.

Also note that if you read the comments, some are trying to parse this down into wordplay, which is just silly. "By definition, it's not really a virus he made ..." "That's more of a Trojan ..." "No, that's really a worm ..."

I don't care what you call it, and neither will you when your system has become the central zombie for a bot-net that's distributing kiddie porn to half of Asia without your knowledge.

Printer Friendly | Permalink |  | Top
Tandalayo_Scheisskopf Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Feb-12-09 10:07 AM
Response to Original message
1. Oh, you must be talking about...
The "Aaron Bruns" trojan. ;-)
Printer Friendly | Permalink |  | Top
 
RoyGBiv Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-13-09 09:25 PM
Response to Reply #1
3. Heh ...

It would not surprise me if he tries to use a defense based on the idea his computer was infected with a trojan. That individual is pure scum.

And I'm just curious. Does *anyone* (other than him apparently) really think that if the folder where you keep files you don't want others to see isn't named !!OMGPORN!! that this really hides it?
Printer Friendly | Permalink |  | Top
 
hobbit709 Donating Member (1000+ posts) Send PM | Profile | Ignore Thu Feb-12-09 01:12 PM
Response to Original message
2. I keep telling people
ANY computer that connects to the outside world is vulnerable-doesn't matter what OS or type of computer.
Printer Friendly | Permalink |  | Top
 
RoyGBiv Donating Member (1000+ posts) Send PM | Profile | Ignore Fri Feb-13-09 09:31 PM
Response to Reply #2
4. Exactly ...

My uncle kept trying to corner me into telling him what the *best* anti-virus/anti-spyware package was, the point of which was to try to get me to admit something really expensive is better than free versions of similar software. He's pathological in his opinion that any software that is "free" is naturally inferior; however, he doesn't seem to have the same qualms about my "free" labor.

Anyway, fed up with the circular logic he kept using, I finally told him I'd found the best method available to secure his computer, but it cost a few grand at least. Excited by my admission, he wanted me to tell him what it was. I answered, I'll take a sledgehammer and beat your computer until it won't even spark. That's the expensive route, 'cause you'll have to replace the computer, and I assure your desk is going to have some issues afterward and that I'll break a window or three. Or, I'll unplug it from the wall. That's the free route. You decide which is better.

He has no sense of humor ...
Printer Friendly | Permalink |  | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view 
this author's profile Click to add 
this author to your buddy list Click to add 
this author to your Ignore list Thu Dec 26th 2024, 06:16 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » DU Groups » Computers & Internet » Computer Help and Support Group Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators


Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC