Re: Does Linux have viruses?

To: debian-edu@lists.debian.org
Subject: Re: Does Linux have viruses?
From: Conrad Newton <conrad.newton@broadpark.no>
Date: Sat, 4 Dec 2004 11:53:30 +0100
Message-id: <[🔎] 20041204105330.GC13759@siisu.kleppe.newton>
Mail-followup-to: debian-edu@lists.debian.org
In-reply-to: <[🔎] 20041204013330.GA14902@bzzware.org>
References: <[🔎] 20041203230754.GA8594@siisu.kleppe.newton> <[🔎] 20041204013330.GA14902@bzzware.org>

>From Finn-Arne Johansen on Saturday, 2004-12-04 at 02:33:30 +0100:
> On Sat, Dec 04, 2004 at 12:07:54AM +0100, Conrad Newton wrote:
> > While it is clear that it is *much easier* to write viruses for Windows,
> > it does not seem altogether *impossible* that it could be done for
> > Linux, too.  Unfortunately, "much easier" is not easy to quantify, and
> > therefore open to dispute!
> 
> Yes, I've heard (rumors) about viruses that will attack Linux. But
> lets start the other way around. 
> 
> Lets start with personal experience: 
>
> <long discussion of server security>
> 
> Lesson learned: 
> - Dont run services you dont need availible from the outside. 
> - Security patch as soon as the patch is availible. Set your servers to
>   check for patches at least once a day.  
> 
> Okay, what about if I dont have anything open to the outside - then I'm
> safe ? 

Right, this is the issue I care about.  We know that servers are
problematic, but suppose I have a family situation (no hostile users,
only ignorant users), operating behind a well-configured firewall . . . 
how safe are they?

> - Well, you have the users on the inside. They may comprimise your
>   system, for not so long ago there was a bug that would cause the
>   kernel to lock up 100% of the kernel. BTW I think
>   debian-edu/Skoleinux was one of the first "distros" to patch this
> - The webbrowser could have a bug in the way it handle some pictures
>   that could make it possible to execute an app and start a
>   hole/backdoor
> 
> Still here the cure is Update with the latest security patch as soon as
> it's availible. 

This is a hostile user scenario.  What if there are no hostile users?

> Okay, is this worse with Open Source Software than with Closed Source
> Software. Well, I dont trust black boxes. you never know what they are
> running. 

In the future, we have to assume that most people _will_ be running
black boxes.  So we have to make them as safe as possible.
Your emphasis on frequent security patches is undoubtedly a good one.
With the numbers of broadband users constantly increasing, it becomes 
more realistic for the black box to update itself on a regular basis.

Conrad

Reply to:

Follow-Ups:
- Re: Does Linux have viruses?
  - From: Finn-Arne Johansen <faj@bzz.no>

References:
- Does Linux have viruses?
  - From: Conrad Newton <conrad.newton@broadpark.no>
- Re: Does Linux have viruses?
  - From: Finn-Arne Johansen <faj@bzz.no>

Prev by Date: Re: Does Linux have viruses?
Next by Date: Sarge Prereleases for Debian-Edu
Previous by thread: Re: Does Linux have viruses?
Next by thread: Re: Does Linux have viruses?
Index(es):
- Date
- Thread