Re: What protects Unices from Virus like attacks ??

From: Alan Connor (xxxxxx_at_xxxx.xxx)
Date: 08/24/03


Date: Sun, 24 Aug 2003 20:57:42 GMT

On 24 Aug 2003 20:07:17 GMT, Gianni Mariani <gi2nospam@mariani.ws> wrote:
>
>
> qazmlp wrote:
>> Windows machines very often have virus/worm attacks. I am wondering
>> what protects all Unix machines from such similar problems.
>>
>> Thanks!
>
> If a vulnerability is found for Unixen, the same problems could happen
> (and they have in the past).
>
> Microsoft ignored (I think with extreme negligence) many of those
> lessons. I met security engineers that were aghast at some of the
> "features" (read vulnerabilities) that Microsoft was placing in their
> products with arrogance when it started coming out with them. Many
> predicted this scenario and Microsoft completely ignored it.
>
> Unfortunately, Microsoft is learning the hard way about security and
> their customers are paying the cost. I'm surprised that a class action
> over this has yet to happen.
>
> I'm not an MS basher. I don't think that they're all evil. Some of my
> bestest friends are *softies and even they shake their heads on this one.
>
> However, unicies have some protections which Windows systems do not.
>
> a) Root privileges are unusual - a virus can't usually go messing with
> system libraries when a user loads malicious code.
>
> b) Unicies have been around longer. Unix developers are just more
> mature as to dealing with vulnerabilities.
>
> c) Listening on ports (1-1023) requires root privileges. Any user can
> open up a web server on port 80.
>
> d) Attachments to emails don't "just run" native code.
>
> e) The Unix protocols used are simple and it is difficult to do things
> like the blaster worm (not necessarily impossible).
>
> The reason why MS products are hit so hard is that they are both
> prolific and low hanging fruit. Many MS customers don't know what to do
> to keep their equipment safe. I've been hacked twice, both times I
> figured it out within minutes of the attack and immediately removed the
> machine from the net. First time was due to ignorance ( and I had
> plenty of warning ) and the second time was an error I made (laziness)
> when I patched the vulnerability. Both of these exploits could have
> been used to create a nasty worm.
>
> The other thing that makes it more difficult for exploits against
> unicies is that each setup can vary widely. For example, the last hack
> I described, the hacker attempted to change my web page only he changed
> the wrong file altogether. So pissed he was that he deleted all the
> email on the server ... very annoying but he inadvertently left his
> tools behind which showed me just how they operate. Nasty stuff.
>
> So, unicies are not immune, it's just that MS has been so dumb on the
> security issue at huge risk of burden to their customers. I have no
> doubt that the MS engineers knew all along that this could happen but
> the ability to market a whiz bang product and capture market share was
> much more important than the potential costs to their customers.
>
> ... And they ain't seen nothin yet.
>
> On the positive, Microsoft is trying hard to close the barn door, even
> though the herd has already bolted.
>
> See:
> http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=43944
>
> The company has put in some security experts as gate-keepers to projects
> and priorities have been set.
>
> Many MS customers are just so annoyed that I think they are in desperate
> search of alternatives.
>
>
> ... I have no idea why I wrote such a rant. I must be bored.
>
>
>

I think you are ignoring the fact that a LOT of money is made from so-called
"accidental" security holes. Fighting viruses and worms and intrusions is
BIG business. Wouldn't you like to own some Norton stock? Billy does.

Haven't you noticed that when a hole shows up that M$ has the patch out
before the ink is even dry on the page? They KNEW it was there all along.

It's just another capitalist scam. And you can bet the same problems are
going to start showing up in the commercial linux distros. You know, the ones
where you can't tell without asking whether they are M$ or linux?

Alan C

 


