Re: Hit by virus !? Help, please...
In foo.debian-user, you wrote:
> I'm curious about virii and Linux...
>
> Am I wrong to assume that Linux is not immune to virii (I don't even know if
> virii is a word - but it just sounds cool :) ? Obviously the security
> features of Linux can prevent some virii from affecting certain files on your
> system... but what about the boot sector? And what if you happen to be su'd
> or logged in as root when you get (and heaven forbid) execute an infected
> program?
>
> Is there a need for virus scanning software on Linux? My guess is Linux
> isn't a targe right now because of it's lack of market share - but as more
> users realize that Linux is better than Windows (imho), I would imagine that
> virus software will start appearing in our beloved OS as well.
Of course Linux is not immune from virii, but it does have many advantages.
As you pointed out, the smaller market share makes it less of a target
for the virus writers slaving away in the backrooms of antivirus software
companies.
Virii are written to be small, stealthy, and to spread without much helpful
human interaction. This becomes easier when you have a consistant
environment to operate in, such as that offered by the millions of
binary equivalent versions of Win95 and Win98 that clutter the desktops
of the world. With the diversity of the different GNU/Linux distributions
that exist, it becomes harder for the virii to hide/spread. Win9x is like
a 10-generation, inbred, backwoods, hillbilly family where a common
cold can be introduced and wipe out the whole clan. GNU/Linux has a much
more robust gene pool.
Because of the Unix security model, spreading of virii is harder. Notice
how many more viris warnings you see for Win9x than for NT.
Data files in GNU/Linux tend to be common ascii text. This would be much
harder for a virus to hide in than the corfortable, dark and damp interior
of a MSWord file. (data files are a common way for virii to spread)
Since GNU/Linux users are not conditioned to blindly run binary-only
programs, they are less likely to comply when they get that fateful
email with an attached executable and the spiffy subject line of
"Cool... run me. Fwd to your friends"
Also, I would hope that if antivirus software does become necessary
for Debian users, some smart people would step up and put the virus-cleaners
under a Free license, so we can use apt's auto-web-update capabilities
to sleep well at night.
-Mitch
Reply to: