basic - continued

[Odd]

Rashkae wrote:
> Odd wrote:
> 
>> That is true, but at least a rootkit can't be installed. Anyway, I suppose
>> we'll need antivirus on Linux too, if regular users without the technical
>> knowhow starts using it in large numbers.
>>
> 
> The concept of anti-virus, and even anti-rootkit is badly broken.  I 
> know it's the best defence we can provide on Windows, where Users have 
> to be afraid of clicking on e-mail for $DEITY's sake, but the idea that 
> the only future for computer security is a perpetually infinitely 
> growing blacklist depresses me.

How about a whitelist then? Seems that would be a good solution.

> Security in Linux is a matter of being vigilant about relevant updates 
> to exposed systems and pipelining as much software installation as 
> possible through trusted repositories.  Yes, the repository can be 
> compromised, but I doubt anti-virus will really help here.  If someone 
> had the rare chance to infect a trusted repo, they would probably take 
> the time to craft/find an hereonto unknown infection agent.

Heuristic anti-virus could be of help in those cases.

But I think social engineering is by far the biggest security threat.

-- 
Odd