Re: Anyone else notice that Swen is slowing down?
On Thu, 2003-10-02 at 07:17, ScruLoose wrote:
> On Wed, Oct 01, 2003 at 07:56:07PM -0500, Michael D Schleif wrote:
> > "Karsten M. Self" <kmself@ix.netcom.com> [2003:10:02:00:37:35+0100] scribed:
> > >
> > > Please share this knowledge. What executables are you awaree of
> > > affecting non-Microsoft systems which are in general circulation and
> > > which auto-execute on receipt by arbitrary systems in stock
> > > configuration?
> >
> > Seriously, I do understand and empathize with what you are saying.
> >
> > What I am saying is -- IMHO -- especially in light of the problems that
> > I have experienced with Swen, auto-executing virus/worms are only *part*
> > of the problem. Social engineering is often scoffed at as a real
> > threat; but, what we see with Swen is so real looking that people I know
> > have actually __manually__ clicked on those attachments!
>
> Of course, there's also the fact that since they run Windows, they are
> of necessity logged in with admin privileges *all* the time, so it only
> takes one click to install an executable that then has full access to
> the system, including network devices...
>
> > That kind of executable -- one that entices a user to click on it -- is
> > just as real a threat to non-Microsoft userland, that I insist that your
> > point is not all inclusive of the threats at hand. Simply because there
> > is not yet a major, far reaching virus/worm propagating primarily from
> > Linux boxen, does not rule out the existence of a threat . . .
>
> Most non-MS users are not likely to be logged in as root when they
> check the mail, so whether some virus auto-executes or entices them to
> click on it, the damage is generally going to be pretty well contained.
>
> It's going to take a _hell_ of a lot of social engineering to convince
> me to su, provide my root password, install and run some program that
> showed up in my inbox. No matter how pretty a message it's packaged
> in. Even assuming that the user getting the infected mail _has_ the
> root password.
>
> Besides, everything about MS seems designed to actively encourage
> clueless behaviour. The whole system is designed to placate the user,
> to deliver a message of "accept, don't try to understand." Given that
> starting point, social-engineering the user into blindly running one
> _more_ piece of completely mysterious code isn't gonna be too hard.
>
> Finally, given the long, rich history of dangerous code propagating on
> Windows boxes, the absence of _any_ example of a widespread,
> communicable nasty on _any_ other platform does seem to indicate
> something about the success of the different security models.
> Does it prove that there can never be a nasty virus for Linux? No. Of
> course not. But it definitely indicates a huge discrepancy in the
> _degree_ of exploitability of different systems.
>
I am guessing that the fact that most of these viruses etc. appear on
windows is more due to popularity then security.
The fact that it is also easier and thus every script kidy can patch up
a virus of of a couple of scripts found on the internet probably helps
also.
Linux is just not popular enough yet to entice script kidys and macs are
just to damn hard to program for (at list up to os9, don't know where
osX stands).
> At least, that's how it looks from where I sit.
>
> Cheers!
--
Micha Feigin
michf@math.tau.ac.il
Reply to: