[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Tuesday 14 March 2006 10:32 am, Tony Sumner wrote: > On Mar 14, 2006, Paul Sutton was like: > > to promote decent software that does > > not suffer from this constant virus, spyware, nonsense > > Is this because virus writers target Windows systems That's why there are the most *attempts* to breach Windows, however the reason why there are so many *successful* breaches in Windows is down to the Windows internals. e.g. Having a house in a high crime area means that you are more likely to have burglars attempting to enter the property. It is, however, possible to secure the property such that the vast majority of attempts are deterred or prevented. It is also possible to ensure that even if the burglar breaches the first line of defence, that they are unable to penetrate further into the property - maybe allowing a determined burglar into the garage but not into the home. As with all security, social engineering is still the most common way to penetrate security. i.e. an inside job. You persuade, bribe or force someone who has *legitimate* access to let you in. e.g. the recent cash depot raid. > Would this > be different if the majority of the systems in the world ran Linux > and we got targeted? Yes. Of course there are vulnerabilities - gnupg had one recently - but the key word there is *had*. Debian unstable/testing users and others who are reasonably up to date, didn't even need to do anything. The vulnerability was announced two days before the fixed release entered Debian. (You need v1.4.2.2 if you want to check.) > For example is it possible that I have received > an attachment that contains a virus but I don't notice because it > won't run? Yes. Even if it was a bash script, your email client wouldn't actually run it by default. Even if you select to open it, it opens it as a text file, not an executable script because permissions are not preserved in the email and the default umask is NOT to execute. That's what I mean about Windows executing arbitrary files - the default is to execute everything and that is simply dangerous. If I send you sillyimage.jpg.sh, a GNU email client won't pretend it's a .jpg, it'll look at the content and realise it's a text file. Windows users sent sillyimage.jpg.exe will just see the .jpg. Lunacy. Sure, this can be turned off, but why is it on by default? If it's a default for Explorer windows, why is that inherited in the email client? (Duh! because some dunce thought it would be good for email to be processed by the same libraries as Explorer!) > Then again we run all sorts of different versions and > different mailers so the virus would have a hard time finding the > addressbook. I have heard people defend Windows on the grounds that > it is a de facto standard so everyone is doing the same thing and > maybe this is what makes them vulnerable. No. The principle reason is that if you send a .pif, .scr, .exe, .bat etc. to a Windows user, when they "open" the attachment it doesn't open in a text viewer, it EXECUTES. > Interesting program on the radio yesterday about viruses. Took me back > a few years. Do you remember the Italian virus -- that put a bouncing > ball on the screen? The only virus infection I ever had was "Fireworks" on Win98SE. Innocuous but taught me a lesson. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgpP0xBcmkzNB.pgp
Description: PGP signature