arachnid said:
The biggest threat to a Linux machine is a direct attack by a hacker on
that specific box. Hackers are usually after valuable financial,
corporate, and government databases (and the desktop machines that are
often the gateway to the database). Linux sysadmins religiously use
various intrusion detectors and kernel capabilities which by their nature
would also catch file changes due to viruses, spyware, etc. Being
open source, those same tools are readily available at no cost to home
users paranoid enough to care.
Well, my main point here was that it was being inferred that there is no
need for protection if you are running Linux, when in fact there is. Open
source is available to hackers as well as the sysadmins.
Enough Linux desktop machines are tightly secured that it's simply not
credible that there are Linux viruses floating around out there that
haven't triggered someone's security system.
It is credible, just because you don't see it doesn't mean it doesn't exist.
We're talking users, not sysadmins here. You only need one unguarded
machine. There are plenty around that have no idea what is going on with
their systems. Linux and Vista are both tightly secured, but there are
already 'proof of concept' bugs for both.
"Prevention" is approached a little differently under Linux. Rather than
relying on A/V scanners to catch infections after the fact, the developers
issue immediate patches for any specific vulnerabilities that the virus
or worm needs to get a toehold. If the virus takes advantage of an
algorithmic weakness then the algorithms will also be changed so the virus
can't simply be tweaked a little and used again.
The number one way these vulnerabilities come to light is immediately after
a bug is written to exploit it. Like Windows developers, they are re_acting,
not pro_active. One of the downsides of the many iterations of Linux is that
there is not one central developer releasing updates to protect them all.
You are beholden to the distributor of your version for assistance. While
Linux proposes to be a collaborative effort, it is often very divisive
instead.
This system works a lot better for Linux users than it would under Windows
because a) open source means that a single updater can cover all of a
user's applications as well as the core system; and b) we're more
comfortable enabling automatic updates because, unlike Microsoft, Linux
distributors don't abuse updates to shut down our systems, force
"features" on us that we don't want, or infect our machines with nasty
things like DRM, WGA(N), etc.
a) That's great provided the developer remains interested or involved and
has enough time to work for free. The hobbyist nature of the home user
distributions is one of the reasons Linux does not become more widely
accepted.
b) No doubt that some updates are pushed out unnecessarily. I dislike DRM,
WGA as much as you, but it is Microsoft's operating system to do with as
they please. If they displease enough consumers, the market will shift.
They're targeted less frequently because the channels by which malware
automatically spreads under Windows are very effectively blocked under
Linux. Email attachments aren't executed, the browser is a userland
application instead of being foolishly woven into the kernel, applications
in the consumer-oriented distros are only installed from an approved
repository, etc. This will remain so no matter how much of the market
Linux gains in the future.
Study up on the changes made in Vista, much of which you just stated is
implemented in the Vista user experience. Also, it's funny how people
complain about proprietary software for Windows, yet in Linux you must also
get your applications from an approved repository.
I have a Windows/Mac comic based on the recent Apple commercials that goes
like this:
Mac: Hi, I'm a Mac. Obviously because I'm a young hip guy.
Win: And I'm the nerdy old loser, so apparently I'm a PC.
Mac: Yep, no thinly-coated subliminal imagery here at all.
Win: Whew, I don't feel well. I think I caught a virus. There were over
one-hundred thousand viruses for PCs last year.
Mac: Ahh, yeah. On PCs. Not on Macs though.
Win: Wow, is that because Macs have superior protection and antivirus and
stuff?
Mac: No, it's.....well....nobody even bothers trying to make viruses for the
Mac. I think they figure Mac users are suffering enough already.
Win: Wow, you can't even get negative attention. That's sort of depressing.
Mac: Yeah, I cry myself to sleep a lot....
Substitute Linux for Mac, as it's the same effect. Linux is not targeted, so
development of attacks and the search for exploits is not as far along as it
is for Windows. If the market shifts to a predominantly Linux environment,
you can be assured that the virus development will shift similarly and
quickly advance. To think otherwise is to turn a blind eye.
--
Best of Luck,
Rick Rogers, aka "Nutcase" - Microsoft MVP
Windows help -
www.rickrogers.org