basic - continued

Rashkae ubuntu at tigershaunt.com
Sun Feb 7 16:18:00 UTC 2010


Odd wrote:

> 
> That is true, but at least a rootkit can't be installed. Anyway, I suppose
> we'll need antivirus on Linux too, if regular users without the technical
> knowhow starts using it in large numbers.
> 

The concept of anti-virus, and even anti-rootkit is badly broken.  I 
know it's the best defence we can provide on Windows, where Users have 
to be afraid of clicking on e-mail for $DEITY's sake, but the idea that 
the only future for computer security is a perpetually infinitely 
growing blacklist depresses me.

Security in Linux is a matter of being vigilant about relevant updates 
to exposed systems and pipelining as much software installation as 
possible through trusted repositories.  Yes, the repository can be 
compromised, but I doubt anti-virus will really help here.  If someone 
had the rare chance to infect a trusted repo, they would probably take 
the time to craft/find an hereonto unknown infection agent.  Same goes 
for significant zero day security exploits (which strangely enough, seem 
to be very rare in open source software.)

Having to rely on the blacklist software, even as a feel good safety 
blanket, means your security measures have already failed, badly.  Take 
for example the recent teacup storm about .Desktop files.  It took 
someone to actually create and publicize a proof of concept to get 
attention to the issue, but sure enough, next version of Gnome to 
release no longer executes commands at a click unless the file was given 
Unix execute permission, (which won't happen from, say, an e-mail 
attachment.)

Compare that to Windows.  It took Microsoft over 10 years, 10 years! 
before they finally admit that Autorun of executable code on media was 
maybe not such a great idea. (Just when you though traditional virii for 
computers were extinct with the obsolescence of boot floppies, they were 
given new life from this vector alone!)  of course, people have been 
saying that since Window 95 first introduced the 'feature.', but it took 
until some of their big government and corporate clients actually had 
their networks p0wned before they could be assed to admit it.  If you 
ever want an example about how serious MS is about security, and why you 
need two - three layers of memory hogging software protection to even 
think of using a windows workstation with access to a public network 
(ie, Internet), there is a great one.

And then there's Adobe,,,, if there's a company in my mind with a recent 
track history of being even more criminally negligent with the security 
of 90%+ computers in the word than MS, it's Adobe,,, but this rant is 
long enough already.





More information about the ubuntu-users mailing list