Re: Does Linux have viruses?

To: debian-edu@lists.debian.org
Subject: Re: Does Linux have viruses?
From: Conrad Newton <conrad.newton@broadpark.no>
Date: Sat, 4 Dec 2004 00:52:46 +0100
Message-id: <[🔎] 20041203235246.GC8594@siisu.kleppe.newton>
Mail-followup-to: debian-edu@lists.debian.org
In-reply-to: <[🔎] 41B0F6E1.5010701@ntlworld.com>
References: <[🔎] 20041203230754.GA8594@siisu.kleppe.newton> <[🔎] 41B0F6E1.5010701@ntlworld.com>

>From Ben Higginbottom on Friday, 2004-12-03 at 23:29:37 +0000:
> Conrad Newton wrote:
> >
> >Up to now, the only formulation that I find reasonably satisfing is the
> >following:
> >
> >   Ask a Linux user when he or she last had a virus, and you will
> >   encounter only confusion:  although security experts agree that Linux
> >   _could_ have viruses (in theory), in practice I have never met a
> >   Linux user who suffered from one.
> >
> >This seems a little weak, but at least it is honest.  Many of the more
> >detailed discussions are completely unusable.
> 
> I've been using unix based/inspired operating systems for over ten 
> years, and have never had a virus or trojan (a much more serious problem 
> for linux than viruses). The only case of a virus infecing a *nix box I 
> got second hand from a LUG meeting. Someone with root access to a box 
> logged direcly into it as root, and then used evolution to read their 
> emails and was infected.

This is pretty interesting.  Do you know any more details?
The story is consistent with my picture of what could happen:
you read mail, mime calls a vulnerable program, and bang!

> In other words, the user screwed up.

Root access is dangerous of course, but normally I would not
blame the user for reading their e-mail!  What was the actual
point of vulnerability?

> One thing I've discovered since atrting to work full time with linux is 
> that no-one from a windows background I've met has a grasp on multi-user 
> operating systems. Not surprising given windows single-user background, 
> but that lack of a grasp means that they fail to understand that any 
> genuinely multi-user OS (not just linux) must have a radically different 
> security model than those with single user only, be that operating 
> system windows, BeOS, NeXT or even linux distros such as linspire.

Yes, so maybe a short security article should concentrate on this point
instead of discussing the highly theoretical possibility of viruses ...

> The fact that the Windows security model is inherently flawed is an 
> entirely different topic, and probably not relevant for getting your 
> point across.

My original plan for a security article was to never even mention
the word W....ws---just let the story speak for itself, and the
guilty parties will know who they are!  :-)

> BTW, congrats on your recent award.

Thanks, Conrad

Reply to:

Follow-Ups:
- Re: Does Linux have viruses?
  - From: Herman Robak <herman@skolelinux.no>
- Re: Does Linux have viruses?
  - From: Ben Higginbottom <ben.higginbottom@ntlworld.com>

References:
- Does Linux have viruses?
  - From: Conrad Newton <conrad.newton@broadpark.no>
- Re: Does Linux have viruses?
  - From: Ben Higginbottom <ben.higginbottom@ntlworld.com>

Prev by Date: Re: [debian-edu] Does Linux have viruses?
Next by Date: Re: Does Linux have viruses?
Previous by thread: Re: Does Linux have viruses?
Next by thread: Re: Does Linux have viruses?
Index(es):
- Date
- Thread