Re: good anti-virus software to use?
On Sat, Apr 22, 2006 at 09:09:49PM -0700, Michael M. wrote:
> Roberto C. Sanchez wrote:
> >Kamaraju Kusumanchi wrote:
> >>On Friday 21 April 2006 04:19, Johannes Wiedersich wrote:
> >>>Also linux viruses occur only very seldom -- probably because of linux's
> >>>different security approach.
> >>Could it be because there are less number of desktop users using Linux
> >No. It is because Linux was designed from the very beginning to:
> >- support multiple users
> >- have a sane security policy
> >- operate on (dangerous) public networks
> >OTOH, Windows was designed to:
> >- support a single user (not just at a time, but on the whole system)
> >- have no security policy whatsoever
> >- operate on Microsoft's also-ran version of AOL/CompuServe/Prodigy
> >Of course, you can look at Apache and IIS as good comparison. Apache
> >has 66+ % of the web server market (depending on how you measure).
> >However, the percentage of compromises/viruses/whatever are mostly
> >toward IIS. Also, even if Linux and Mac had only 1% of the desktop
> >market each, and there are (optimistically) about 30,000 windows
> >viruses, where are the 300+ Mac viruses and 300+ Linux viruses that
> >should be out there?
> >That says nothing of the server market, where Linux has much more than 1%.
> Honestly, Roberto, while I wouldn't dispute the basic contention that
> Linux and any other UNIX-based OS's are more secure by design than
> flavors of Windows, there is a smugness in the tone of your reply that
> bothers me. Most Windows malware that affects desktop users exploits
> security holes that Microsoft has already patched, in many cases months
> before the exploit appears. Windows malware is as successful as it is
> at least as much because of user inattention as because of any other
> factors. The typical Aunt Matilda Windows User is someone who hears
> "virus" and opens a can of chicken soup. Contrast that with the typical
> Desktop Linux User, who even if he or she is not a tech god/guru, is at
> least sophisticated enough to read some documentation, download and burn
> a bootable ISO, and install an alternative operating system. Aunt
> Matilda is only vaguely aware of what an operating system is, and has no
> idea that any alternatives exist.
> The point is that Linux users as things stand now are a self-selecting
> bunch, and as such are more aware of and informed about the basics of
> system administration and security than Windows users, who range from
> the savvy and sophisticated to ... well, Aunt Matilda. Were that not
> the case, I have yet to be convinced that Linux OS's would be more
> protected from being p'wned than Windows OS's. Surely you subscribe to
> Debian's Security Announcements? Surely you are aware of the hundreds
> ... no, thousands ... of vulnerabilities discovered in apps that are
> practically ubiquitous across most or all Linux distributions, including
> all of the most popular? Many of these vulnerabilities are every bit as
> dangerous and exploitable as anything that exists in the Windows world,
> many of these will cede control of (at the very least) your user account
> to any script kiddie who comes along. The difference is that these
> vulnerabilities are fixed and *the fixes are applied* in the Linux
> world, while the fixes are too often left unapplied in Windows. Any
> computer, no matter how well designed the OS that runs it, is only as
> secure as the person administering it. The fact that Windows is not
> terribly well designed coupled with the overwhelmingly uninformed
> Windows user base makes it a particularly attractive and easily
> exploitable target. But the better design of most Linux OS's would not,
> in and of itself, be enough to prevent much the same thing happening to
> Linux if or when its user base becomes equally as clueless.
Actually, installing security updates in Debian is a painless
activity. Not so in Windows. The so-called "security" fixes can
easily be a greater risk then the bugs they fix. A competent system
administrator for a Windows machine cannot afford to blithely apply
And that *is* a consequence of the emphasis on security -- or lack of it
-- in system design.