On Tue, 08 Jul 2008 22:30:15 +0200, Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
The Tuesday 2008-07-08 at 19:41 -0000, Jim Henderson wrote:
I've run Linux boxes for *years* without on-access virus scanning. And no, I've never been infected. But that doesn't mean that it shouldn't be being worked on; there's enough proof of concept viruses out there (and cross-platform OO - for example - ones) that it's something that should be worked on.
The fact that someone created one shows that someone's exercising some forward thinking about this...Linux hasn't been a target because it's a small segment of the desktops out there. As the desktop market grows, the need will likely grow as well.
But you don't really need on-access-scan to protect linux from possible (future) viruses.
What you need to protect are the entry points to the computer: email, external disks, shared mounts... and some inteligence on the part of the user, like scanning downloaded software, manually if needed.
On access scanning, though, is a proven way of dealing particularly with removable media - rather than: 1. I put a USB key in the drive. 2. I scan the key 3. I use the data on the key This process is streamlined by: 1. I put a USB key in the drive 2. I access the data on the key; if it's infected, I get a notification of some sort and access is denied to the file until it's cleaned, usually with manual intervention. This is the workflow users of DOS, DOS/Windows, and Windows are familiar with. From a "let's migrate people to Linux" standpoint, keeping a technical workflow like this as similar as possible is a good thing. Telling the users "it's your responsibility to scan every file you open on your own, manually" isn't a good approach. After all, end users have demonstrated an inability to do something like this on Windows; we are talking about people who forward "Bill Gates will send you $1,000 if you forward this message along" messages thinking they really will get $1,000 for forwarding a message along. In an ideal world, we *should* be able to expect users to be smarter than that, but in the real world, we really can't. We don't treat other aspects of security lightly in Linux, so why *should* we treat viruses as less than that? I would also think that users would only install services they need on a system, but we still configure a firewall for them. We expect users to login with a username and a password - but we have added autologon for those who can't be trained to login. Etc, etc, etc. Jim -- Jim Henderson Please keep on-topic replies on the list so everyone benefits -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org