[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Wednesday 04 May 2005 2:13 am, Mark Mitchell wrote:
On 5/1/05, Neil Williams <linux@xxxxxxxxxxxxxx> wrote:Virus writers pick on Windows because writing a virus for Windows is trivial. Writing a virus for GNU/Linux is hard.This is all a contentious issue. I doubt that (in the end) Linux will be found to be entirely immune to viruses (or "virii" if you insist)
It is already known that exploits do exist in GNU/Linux but these are patched quickly and there is little excuse for systems not being updated.
and I think Linux users should at least acknowledge there may be reasons Linux doesn't have this problem aside from inherently better security.
Of course security is not complete - GNU system admins need to be on the watch for rootkits and network attacks, systems can suffer at the hands of a successful Windows attack via DDoS, systems are attacked directly - all manner of threats need to be considered. However, the fact remains that it is difficult to infect a GNU system, it is difficult to disseminate that infection within a GNU system and it is more difficult to then spread that infection to another GNU system. It's not impossible, just a lot more difficult. This comes through in the figures as a lower overall threat because if an attack cannot spread easily or quickly, there is ample time to apply the fix and halt it completely. Windows, historically, has suffered from slow acceptance of a problem, slow provision of the fix and rapid spread of the attack. Overall, GNU has a history of rapid acceptance, rapid provision of fixes and slow spread of attack. This is responsible for a large part of the difference in how easy an attack can be on Windows compared to GNU.
For example, one possible reason virus writers tend to pick on windows is that if you're going to write a virus you might as well write it to infect the most widely used OS.
If GNU/Linux was more common than Windows, attacks would increase but the success of those attacks would be diminished compared to the present with Windows so dominant - as a direct result of the fundamental differences in the security handling of each OS. Of course, if Apache suffers a bad exploit then a large number of systems are affected - but generally systems use dissimilar programs in dissimilar ways on disparate filesystems. That makes it much harder to exploit on a large scale. Don't make the mistake of thinking that Windows' problems are down to increased market share - it's down to poor design and poor implementation. Market share just means that attacks spread over a larger area - the speed of the spread is determined not solely by the number of machines but how easy they are to identify, attack and co-opt. Also don't confuse exploits with attacks. Just because an exploit exists, it does not mean an attack is possible or that an attack would be capable of spreading to another machine. The problem for Windows has always been this spread - historically it has been far too easy to infect one Windows machine from another. This has nothing to do with users - some of the most damaging malware on Windows attacked servers and spread between Windows servers. -- Neil Williams ============= http://www.data-freedom.org/ http://www.nosoftwarepatents.com/ http://www.linux.codehelp.co.uk/
Attachment:
pgp86rfhWne7u.pgp
Description: PGP signature