Hans Witvliet wrote:
On Wed, 2007-08-08 at 14:59 +0200, Joachim Schrod wrote:
James Knott wrote:
Hans van der Merwe wrote:
Why is this not an issue with anyone? Deleting a normal users data is a big thing. They consider the PC broken if their files disappear.
That's a minor issue, compared to some of the other things malware can do. Stuff such as stealing passwords and other personal info, spam generators, corrupting the entire computer etc.
Exactly.
As the CEO of a company that does security consulting, I can confirm that malware is not restricted to Windows in its effectivity. Windows malware volume is larger, but it's frightening to see the mindset "we're safe because we run Unix/Linux/MacOS/take your pick" that appears in many posts in this thread. We have been called quite some time to clean up security incidents with Unix systems (Linux included) at customers -- and these were folks with enterprise-level IT processes. I shudder when I think about the perceived security of private users. But obviously this real-life experience and the untold man-hours that were needed for cleanup can not happen because they must not happen.
Joachim
Indeed,
Some of the sites harbouring virii-collections have all sorts of virii that can do harm to linux systems, (When not configured & maintained properly)
Thankfully, these are a minute portion of all the worms, virii, backdoors or other evil stuff that has M$ as their target...
HW
For a real life example of a linux infecting site, Bruce Schneier
blogged this article:
http://www.schneier.com/blog/archives/2007/08/how_a_linux_ser.html which
mentioned the location of an infection site at:
http://83.19.148.250/~matys/pliki/
I'm afraid it's still live as of tonight. Believe me, they are around,
live and you do not want anything from there on your linux system.
*