Re: Debunking the "Linux can't have viruses" myth ...

From: Sundial Services (info_at_sundialservices.com)
Date: 11/24/04 

Date: Tue, 23 Nov 2004 18:44:09 -0500

Rick Moen wrote:
> Still flogging the straw man? Or do you think we're all more than a bit
> dim?

Not at all. But here's the counter-argument... hear me out _without_
jumping to the conclusion that I'm a troll, or calling anyone dim, or
trying to start a flame war. :-O

By the selfsame arguments, Windows is secure too. If you know how to set it
up, Windows can be very secure indeed. Trouble is, as shipped by the
vendor none of those security mechanisms are in place, and the owner/user
of the system does not posess sophisticated knowledge, and thus there are
millions of systems out there which are (needless) sitting ducks.

As shipped by the vendor, Linux systems today .. in the hands of a neophyte
.. are inherently more resistant to viruses simply because the ordinary
user is not "root." Yet a bogus e-mail could be sent with a carefully
crafted content designed to look like it came from Red Hat, and a bogus RPM
could be in it, and ... zip! ... in it goes. The user would have to enter
a password and it would be the /root/ password and so we have an "all or
nothing" authorization going on. Because we have two security levels:
all, or nothing. If users are aware of "wheel" and of groups (which of
course could be used as a foundation for a stronger and more defensive
system-update technique), then of _course_ they could employ them to set up
an even-more-defended system. But my premise presupposes that they don't.

I obviously hit a nerve when I said "'Linux can't have viruses' is a myth."
Didn't mean to.

Quantcast