Re: Debunking the "Linux can't have viruses" myth ...

From: Rick Moen (rick_at_linuxmafia.com)
Date: 11/24/04


Date: Wed, 24 Nov 2004 00:49:20 GMT

Sundial Services <info@sundialservices.com> wrote:

[I'm-the-victim special pleading, ignored]

> By the selfsame arguments, Windows is secure too. If you know how to
> set it up, Windows can be very secure indeed.

To repeat: No, it cannot -- because of fundamental design and
implementation flaws that cannot be corrected by admins.

But that is completely out of scope for this newsgroup, so we are not
going to go there. In case you wish to do so anyway, followups have
been set accordingly.

> As shipped by the vendor, Linux systems today .. in the hands of a neophyte
> .. are inherently more resistant to viruses simply because the ordinary
> user is not "root."

No. To repeat yet again, that is _not_ the primary reason.
You can read a bit more on that subject at my recently updated
virus rant page: http://linuxmafia.com/~rick/faq/index.php?page=virus

> Yet a bogus e-mail could be sent with a carefully crafted content
> designed to look like it came from Red Hat, and a bogus RPM could be
> in it, and ... zip! ... in it goes.

Requires extreme stupidity to su to root and "rpm -Uvh" a package
received from a blatantly untrustworthy source.

To reiterate: When we of the Linux community encounter someone who goes
that far out of his way to sabotage the mechanisms carefully erected to
protect even naive admins, we tell them, not unkindly, "Wow, that's some
hole you shot in your foot. After you've bandaged it, would you like to
learn how to aim elsewhere?"

That is:

1. One maintains Red Hat using RHN/yum or apt-get, not by installing
    RPMs that arrive as e-mail attachments from nowhere in particular.
    Real updates are _never_ sent the latter way.
2. RH security advisories get sent to RH's security alert mailing list,
    not to J. Random User's mailbox.
3. RH security advisories bear the GPG signature of the Red Hat
    Security Team, thus verifying automatically on an RH box.
4. RH security RPMs -- received via proper maintenance mechanisms,
    rather than via dodgy e-mail attachments -- are likewise GPG-signed
    such that /usr/bin/rpm automatically checks them before being willing
    to proceed.

Destroying your system is a learning experience pretty much all of us
have gone through, some of us many times. We've all been there, and so
will not be too harsh to people who blew their system security sky-high
by doing something unbelievably stupid like installing as root a
file-attached RPM, something that pretty much telegraphs in screamingly
painted, foot-tall letters "I'm idiot-bait". But we _would_ make sure
to make them realise that. Gently.

But all of this is news to you, because you don't know jack about the
subject but think your wacky suggestions have merit anyway.

> I obviously hit a nerve when I said "'Linux can't have viruses' is a myth."
> Didn't mean to.

"Nerve"? More like "We're tired of crappy, time-wasting straw-men
arguments posted by people who obviously know better."

You know better. Shape up, Senor Services, or get killfiled. You are
wasting our time.
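
Added example, not part of the original post or of Red Hat's tooling: a shell gate around the signature check from point 4 that refuses any RPM whose GPG signature does not verify, covering both the 2004-era and the current `rpm -K` output wording. The helper names, the sample lines, the key ID and the exact output strings matched are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: refuse any RPM whose GPG signature does not verify.
# classify_checksig and gate_install are hypothetical helper names.

# Map one line of `rpm -K` output to: signed-ok | unsigned | bad
classify_checksig() {
    st=${1#*: }                      # drop the leading "file.rpm: "
    case "$st" in
        *"NOT OK"*) echo bad ;;      # failed digest/signature or missing key
        *OK)
            case "$st" in
                # a signature was actually checked, not just a digest
                *signatures*|*gpg*|*pgp*|*dsa*|*rsa*) echo signed-ok ;;
                # digests alone prove integrity, not origin
                *) echo unsigned ;;
            esac ;;
        *) echo bad ;;               # unrecognised output: fail closed
    esac
}

# Return 0 only if the package carries a signature that verifies
# against a key already imported into the rpm keyring.
gate_install() {
    line=$(rpm -K "$1" 2>&1) || true
    verdict=$(classify_checksig "$line")
    [ "$verdict" = signed-ok ] && return 0
    echo "refusing $1 ($verdict): $line" >&2
    return 1
}

# Constructed sample output (current and 2004-era wording); runs offline.
while IFS= read -r sample; do
    printf '%-10s %s\n' "$(classify_checksig "$sample")" "$sample"
done <<'EOF'
update.rpm: digests signatures OK
attachment.rpm: digests OK
badsig.rpm: digests SIGNATURES NOT OK
update.rpm: (sha1) dsa sha1 md5 gpg OK
attachment.rpm: sha1 md5 OK
nokey.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#00000000)
EOF
```

An unsigned package still reports "OK" for its digests, which is why the gate treats digest-only results as a refusal rather than a pass.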


