On Tue, Apr 29, 2003 at 02:50:02PM -0700, Michael Toomim wrote:
> Jose Carlos Garcia Sogo wrote:
> >On Tue, Apr 29, 2003 at 11:36:40AM -0700, Michael Toomim wrote:
> >
> >>Hylke van der Schaaf wrote:
> >>
> >>
> >>>I've seen several cases of users that messed up their system. But a main
> >>>reason there are no virusses for unix systems is that users are not root.
> >>>I don't think that should be changed...
> >>>
> >>>Hylke
> >>
> >>There are TONS of virii and worms on unices, and hackers seem to PREFER
> >>getting into unix machines over windows machines.
> >
> > WTF have you smoked?
> >
> > You must be referring to all those I receive in my inbox and can
> > delete without being automatically infected.
>
> I've had linux boxes broken into at least 3 times. I've never had a
> windows box broken into.
And how services are being runned in each one? Is the Linux one a net
server and the windows one a desktop box? Are you taking care of
installing security fixes? Are you taking care of closing services you
don't need to be provided to the Internet?
Security is something active.
>
> You think that the root/user separation somehow prevents virii from
> attacking unix machines? That's absolutely ridiculous! Virii and worms
> don't WANT root permissions. All they need to do is grab your address
> book (or whatever other list of contacts) and eat up your CPU trying to
> infect other computers. In fact, its probably easier to grab your
> address while running under your UID than it is running under root,
> since it's hanging out in your home folder.
Where do you get the software you run?
If you want, I can send you a file right now that can blow up your
machine. But damn! you shouldn't execute it!
The main prblem in Windows is that people is very used to execute
attachments they receive (also because they won't receive the code),
and that there are programs that execute things by themselves.
But if you get the software from verified locations (which usually
means Debian, as you can get 99% of the software there) you won't be
infected.
>
> The only difference between a multi-user system and a single-user system
> from a virus-protection perspective is that it's possible to infect
> multiple users simultaneously on a multi-user system. That'll *really*
> slow your workstation to a crawl. :)
How? I cannot infect another user in this machine, because I don't
have rights to do so.
> Why do crackers attack unix and email virii attack windows? The former
> want a server, the latter want a ubiquitous operating environment -- end
> of story. The root/user separation has nothing to do with why windows
> users are plagued by things like the I Love You virus.
Because a cracker is an intelligent person and a virus is a program.
--
Jose Carlos Garcia Sogo
jsogo@debian.org
Attachment:
pgpJV_8W883qy.pgp
Description: PGP signature