Mailinglist Archive: opensuse (3337 mails)

< Previous Next >
Re: [SLE] [OT] Another good windows glitch - like we needed another one.
  • From: kai <kai@xxxxxxxxxxxxxxxx>
  • Date: Fri, 7 Apr 2006 08:27:47 -0700
  • Message-id: <200604070827.47170.kai@xxxxxxxxxxxxxxxx>
On Friday 07 April 2006 06:23 am, Chris Jones wrote:
> Is it impossible to write Spyware, Viruses, Malicious Software for
> Linux? Or is just that Microsoft is the favorite target?
>
> I keep my Windows firewall and anit-virus, anti-spyware programs up to date
> (all free ware) and I haven't had any problems.


Impossible...no. Linux is no less suseptible to buffer overflow exploits or
other code-related exploits than any other operating system.

However, the difference is this. Linux was designed from the ground up to be a
secure OS with multiple users sharing the same space and having to "play
nice" with each other. Windows NT was (and still is under the guise of
2K/XP/Vista) a single-user OS with some multi user features hacked in.

In order to do pretty much anything of value on a Windows system, you have to
run as the administrator equivalent. This is partially a result of the
design of windows and a result of programmers insisting on using HKey Local
Machine to write settings. To be fair to Windows, if you have everything
locked down tight, run proper firewalls, anti-virus, and don't let anyone run
as local admin - you should be more or less safe. However, most people just
run as admin, since that's the default. This allows virus writers more access
to your system and lets them create havoc to the unsuspecting public.

Since most linux distros (with the exception of Lindows/Linspire) highly
discourage running as root, this sort of thing doesn't happen. Even if a
virus were to get on your machine, the worst it could do was to infect your
files and not root's. Also it would be very difficult to spread, since your
privileges aren't supposed to be sufficient to accomplish such things.

This is an article I wrote on the subject last January. I probably should
revisit it.

http://www.perfectreign.com/modules/articles/article.php?id=2

Also here's a blurb on Windows vs. Linux security.

http://www.perfectreign.com/modules/articles/article.php?id=15

< Previous Next >