Anti Virus, now Anti Spy-ware

Bart Silverstrim bsilver at chrononomicon.com
Wed Jun 18 19:54:55 UTC 2008


Dick Dowdell wrote:

> Pardon my failure to understand the invulnerability of Linux.  I've only
> been doing this for 36 years.  Yes, it is harder to crack into a Linux or
> Unix system.  It is, however, not impossible.  Anyone who underestimates the
> power of greed is naive.   Right now, the cost vs. return equation promotes
> Windows as a target.  Some of you may have noticed that Vista has been
> hardened quite a bit more than XP.  Windows will not remain an easy target.

It may have been hardened, but it is softened once users find ways to 
make it less annoying. I've had plenty of cases where poorly designed 
software is demanded by users, and part of what I had to do was give 
full access to system or program directories so they'd work properly. It 
bypassed security, but it let the user get their work done. Best 
practices out the window, but I still need the paycheck.

And as I previously pointed out, if you start running through every 
scenario of how your data could be stolen, cracked, monitored or broken, 
is there a guide on how to keep the ninjas from stealing your CPU when 
you're out of the house? Mine's wired with motion-activated explosives, 
but I had to put the desk on motion dampeners in case there's an 
earthquake, but there's also the matter of the Faraday cage to act as an 
RF shield around the system to keep the satellites away...wouldn't want 
George W. knowing what youtubes I watch :-)

> If you're attacked through your browser, your user space can be
> compromised.  If your user space is compromised and you use sudo or su, root
> privileges could ultimately be compromised.  As the power of browsers
> increases, so does their vulnerability. Attaching malicious code to a
> browser plug-in could cause a severe decrease in your bank account or a
> serious increase in your credit card balance---without even touching Linux.

That sounds like a very targeted attack vector worthy of Rube Goldberg. 
I would point out that part of that thinking is that it comes from 
Windows; Windows uses an HTML rendering engine that is intertwined among 
IE, Outlook/OE, and the Explorer interface, so a vulnerability there 
will spread to all of them. Linux distros tend not to have such a 
generous design...another reason I say that Windows has a flawed 
architecture, and a point that I don't think many of the "Windows is 
popular so it's a target, Linux will be targeted just as much if it were 
as popular too" crowd seem to understand.



