[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Spyware / Adware

On Tuesday 31 August 2004 13.30, Volker Tanger wrote:


> Yes and no. When surfing as normal user *ware programs cannot install
> themselves as system services or overwrite programs simply as you/they
> do not have the (file) permissions to do so.

Technically, for most purposes, malware installing itself into an 
unprivileged user account and automatically starting itself through 
~/.bashrc or whatever is entirely possible, especially since most malware 
these days seems to be used only as a base for DDOS attacks (including 
sending spam), so no special privileges are necessary here. (And KDE and 
Gnome are currently catching up nicely in the number of little useful (?) 
daemons that are started on a desktop machine.)

Windows currently having >90% of the desktop market protects Linux and other 
systems currently: malware could not propagate fast enough. Also, most 
email clients don't offer to execute arbitrary email attachments. OTOH, I 
wouldn't trust the Javascript implementations in the Linux browsers any 
more than I trust the Javascript implementation of IE.

Another thing that protects Linux systems: heterogenity. Binary exploits 
usually only work properly when a program is compiled and linked with 
specific compiler and library versions -- with different versions, all you 
get is a crash (which does no real harm in most cases). I think there are 
far more different Linux versions out there than there are Windows 
versions, so I *think* that even with Linux becoming a more attractive 
target, you'll never get a single malware spreading with a speed comparable 
to what's happening in Windows today.
-- vbi

According to my calculations the problem doesn't exist.

Attachment: pgpaL_nUD146c.pgp
Description: PGP signature

Reply to: