Re: Anyone else notice that Swen is slowing down?
Well, to respond to the subject first: No, Swen is definitely not
slowing down here... And my attempt to install amavis/clamav was a bit
of a failure, so I'm seeing a lot of crap...
On Thursday 02 October 2003 06:17, ScruLoose wrote:
> Most non-MS users are not likely to be logged in as root when they
> check the mail, so whether some virus auto-executes or entices them
> to click on it, the damage is generally going to be pretty well
> contained.
>
> It's going to take a _hell_ of a lot of social engineering to
> convince me to su, provide my root password, install and run some
> program that showed up in my inbox. No matter how pretty a message
> it's packaged in. Even assuming that the user getting the infected
> mail _has_ the root password.
Well, a virus like Swen wouldn't need root access to spread. I don't
know what Swen does to a Windows machine (and I don't care, I haven't
got any), but just to annoy people with enormous amounts of e-mail,
someone could imaginably write a perl script with its own SMTP-engine.
If a non-privileged user was fooled into executing the perl script, it
could still spread to any platform with Perl installed.
Indeed, it is unlikely that such a virus would make any significant
impact on the system, unless of course, it was then able to exploit a
local vulnerability to gain root (or gid 'games', I love those
upgrades! :-) ). However, most users have their most important
documents in their home dir anyway, so a virus deleting those would do
real damage anyway, and it would do real damage to Linux' reputation as
being more secure.
Scenario: A perl script deleting all the files in the homedir of
infected users, spreading to all the contacts that are in the users'
address books. This would likely include all the homedirs of all the
users in an organization:
PHB: Sysadmin, what's happening?
Sysadmin: A simple virus. It didn't damage the system, we're running as
normal.
PHB: What do you mean, didn't damage the system, it deleted all my
files!?!
The PHB is not going to care a lot for the integrity of the system once
his files are all gone, his perception of damage is going to be very
different from yours.
>Besides, everything about MS seems designed to actively encourage
>clueless behaviour.
I agree, and this is the major point that we have to ensure as MS
market share starts dropping and we start taking over the desktop, Linux
users are more clued. A company starting migration to Linux must
realize that for their own security, they have to train their employees
better than they did with MS systems.
Anyway, I think the main technical strength lies in that a lot of
seemingly unimportant fixes are given attention, so that there will not
exist many possibilities to execute code unless the user knows about
it.
Cheers,
Kjetil
--
Kjetil Kjernsmo
Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer
kjetil@kjernsmo.net webmaster@skepsis.no editor@learn-orienteering.org
Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC