LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices



Reply
 
Search this Thread
Old 08-07-2005, 07:15 PM   #1
jaz
LQ Newbie
 
Registered: Apr 2004
Location: midwest
Distribution: fedora core 1
Posts: 12

Rep: Reputation: 6
First Family of Windows Vista viruses unleashed


First Family of Vista viruses unleashed



I knew it wouldnt be long before someone found a way to break the new OS.

-------------------------------------------------------------------------------------------------------
The viruses were written by a hacker calling himself "Second Part To Hell," and published on July 21, just days after Monad was publicly released by Microsoft, according to Mikko Hyppönen, chief research officer with Helsinki's F-Secure. Second Part To Hell is the pseudonym of an Austrian-based hacker who also goes by the name Mario, Hyppönen says.

Because of its sophistication, the new command shell offers new opportunities for hackers, Second Part To Hell wrote in the tutorial, a copy of which was obtained by the IDG News Service. "Monad will be like Linux's BASH (Bourne Again Shell)--that means a great number of commands and functions," he wrote. "We will be able to make as huge and complex scripts as we do in Linux."
-----------------------------------------------------------------------------------------------------
PC WORLD
 
Old 08-07-2005, 07:21 PM   #2
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid
Posts: 4,734
Blog Entries: 12

Rep: Reputation: 457Reputation: 457Reputation: 457Reputation: 457Reputation: 457
Hehe that took a long time. Let the avalanche begin.

Yep windows is more secure than Linux. Sure it is.
 
Old 08-07-2005, 07:54 PM   #3
cs-cam
Senior Member
 
Registered: May 2004
Location: Australia
Distribution: Gentoo
Posts: 3,544
Blog Entries: 4

Rep: Reputation: 56
Quote:
Yep windows is more secure than Linux. Sure it is.
More to the truth of the matter, Windows is a larger taget than linux.
 
Old 08-07-2005, 08:03 PM   #4
jaz
LQ Newbie
 
Registered: Apr 2004
Location: midwest
Distribution: fedora core 1
Posts: 12

Original Poster
Rep: Reputation: 6
RE:

Quote:
Originally posted by cs-cam
More to the truth of the matter, Windows is a larger taget than linux.

that is true - you knew someone would be out there trying their darnest to find vuneralbilities and they succeeded.
 
Old 08-07-2005, 09:46 PM   #5
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Milwaukee, WI
Distribution: Mint
Posts: 6,642

Rep: Reputation: 69
My 2 cents -- by default Linux actually is more secure than Windows, and the size of the target is irrelevant. Look at this list of the most stolen cars. Are they the most popular or best selling cars? No. If the size of the target mattered, then the best selling cars would by definition also be the most stolen cars, as they are the biggest target. That's not the case though.

Windows suffers from viruses because it is poorly designed, and as such, creating a successful malicious virus is not all that hard to do. In contrast, creating a successful malicious virus in Linux would be extraordinarily hard to do, because it implements better user permissions. Could Windows be made just as secure as Linux -- Yes, of course it could, but that's not the way it is for 99% of the installations out there, which simply run with Admin privs 24/7. -- J.W.
 
Old 08-07-2005, 10:05 PM   #6
Mega Man X
Guru
 
Registered: Apr 2003
Location: ~
Distribution: Ubuntu, FreeBSD, Solaris, DSL
Posts: 5,339

Rep: Reputation: 63
First, I found peoples who create virus and other things like that, no less criminals then a terrorist. Invading peoples privacy and destroying private and sometimes valuable information is a crime and they should be punished. Thanks for those "rebels", there's a huge, expensive marketing around Windows just surviving thanks to them. If what they want is to make a rebellion against Microsoft, they should know that Windows is not getting any cheaper or less used thanks to them, but on the contrary.

"Anti-Virus" should not be a program. It should be a corporation like CIA or FBI that should hunt down and give life-time charges for those bastards.

Also, I found a lot of virus being spread that should be blocked right before it reaches my computer, say, increased security with ISP.

Windows can be as secure as Linux, say, creating limited user accounts, but its usability drops way to much. Not because of Windows flaw though, but the way programmers create applications for Windows. Take as an example, Winamp. Running Winanp as non-admin account in Windows will make it crash, if at all opens. That's because the program is poorly designed and will only run as admin. Take other applications as The gimp or Open Office and you will notice that the same won't happen.

I seriously don't know who is the most evil out there: Virus programmers (AKA fat-asses-virgem-geeks) who needs to get a life, peoples making money from virus (as Norton or Macfee), my ISP for charging me 50 bucks/month and not offering any security (besides blocking a few ports, so I can't run servers on standard ports), Windows programmers because, well, they don't know how to program (and charge for simple things as text editors or fill it up with spy-crap).

Whoever the most evil mind is, one thing is for sure, Microsoft is the less evil of them... IMHO

Last edited by Mega Man X; 08-07-2005 at 10:07 PM.
 
Old 08-07-2005, 11:08 PM   #7
cs-cam
Senior Member
 
Registered: May 2004
Location: Australia
Distribution: Gentoo
Posts: 3,544
Blog Entries: 4

Rep: Reputation: 56
Quote:
Originally posted by J.W.
My 2 cents --
<snip>
. -- J.W.
That's not exactly how I meant it. I agree with all your points but by saying Windows is a larger target I meant Windows is more targetted, my fault for not being clear enough. By Windows being more targetted, I mean that while there are people writing these sort of things for Windows because the target audience is larger and they mostly are script kiddies so it's a spray n' pray kind of scenario, there are also those leet* Microsoft haters out there that will be writing Windows viruses out of spite.

* denotes sarcasm
 
Old 08-07-2005, 11:12 PM   #8
J.W.
LQ Veteran
 
Registered: Mar 2003
Location: Milwaukee, WI
Distribution: Mint
Posts: 6,642

Rep: Reputation: 69
Agreed on that, cs-cam. Regards -- J.W.

*Thx for being contributing LQ'er!
 
Old 08-08-2005, 06:25 AM   #9
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 46
to Megaman X:

Well, I don't know how to say this nicely, so I'm gonna be totally blunt:

One should take responsibility for one's choices. You choose to run windows, knowing the risks. Unless your contract with your ISP includes censorship (i.e. blocking certain content/ports/...), don't blame 'em for not providing it.

You're right: forcing/sneaking/... (note: didn't say writing) malware upon somebody is a bad thing to do. But you can't just scream and shout and then expect not to get affected.

We live in the world we live in, adjust yourself to that world until (`if') you have adjusted the world to you.

my two cents --Jonas
 
Old 08-08-2005, 06:27 AM   #10
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 46
Regarding strength (i.e. weakness) in numbers:

grep myth http://www.theregister.co.uk/securit...dows_vs_linux/

--Jonas
 
Old 08-08-2005, 10:39 AM   #11
stabile007
Member
 
Registered: Sep 2003
Location: Philadelphia, PA
Distribution: Ubuntu, Gentoo
Posts: 74

Rep: Reputation: 15
Meh the inherit reason for creating a virus is to cause as much trouble as possible. The Windows Desktop OS has the largest market share somewhere in the realm of 90%. Now if I am a virus writer what would I write a Virus for? An OS a few million people use with the possibility of only a 1% infection rate thus only 1000 people get effected or do I target 1,000,000,000 people where a 1% infection rate targets 1,000,000 people? SInce the purpose of the virus is to make a large amount of trouble and see how much damage one can cause if I was writing a virus I would write it for the one with the largest possible infection rate. That article is flawed because it focuses on servers which inheritly are going to be more secure then John Smiths's home PC, and if someone wanted to deliberatly damage a website I don't think it matters what server system they are running the person will find a way through. Same for viruses if someone wants to make a nasty virus it doesn't matter how secure the OS people claim it to be they will manage a way to do it.

Biological viruses are the same way which had the bigger impact: A virus that broke out in the middle of no where in Africa wiping out a small village that barely anyone knew existed or the SARs virus which spread through major cities like wildfire? Who do you think were better prepared for a viral outbreak? The village who probably has a no medical model or the major cities whith their many hospitals and organized Disease control Centers?
 
Old 08-08-2005, 11:07 AM   #12
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 46
stabile007:

While you're right than most servers are more secure, that argument applies to both proprietary (i.e. M$) as well as free (i.e. GNU/Linux, Apache, ...) software.

You're right in (implicitly) claiming that what applies to web servers isn't directly transferable to OSes; however, M$ is known to have a worse security track record than free software (GNU/Linux in particular).

Also, I think (i.e. guess) that your argument is fallacious: the infection rate on M$ systems would be higher (dare I say *much* higher) than on GNU/Linux systems. Once GNU dominates the market (when, not if), we'll be able to harvest empirical data supporting my theory: there is no strength (or weakness) in numbers.

Biological viruses are a totally different beast, and I don't think comparisons mean much.

my two cents --Jonas
 
Old 08-08-2005, 11:12 AM   #13
phil.d.g
Senior Member
 
Registered: Oct 2004
Posts: 1,192

Rep: Reputation: 101Reputation: 101
Quote:
Originally posted by J.W.
My 2 cents -- by default Linux actually is more secure than Windows, and the size of the target is irrelevant. Look at this list of the most stolen cars. Are they the most popular or best selling cars? No. If the size of the target mattered, then the best selling cars would by definition also be the most stolen cars, as they are the biggest target. That's not the case though.
If I were to steal a Ford Fiesta (currently the best selling car in the UK - according to Society of Motor Manufacturers and Traders) then it ain't going to affect any other Ford Fiesta. If I were to write a virus that affected my personal Windows XP machine chances are it can affect every other Windows XP machine out there unless it exploits a security hole in a rare piece of software. I'm afraid this argument's invalid.

The reasons for stealing a car are very different to those for writing a virus therefore the target audience will be selected due to different factors. for example off the top of my head a ford fiesta and a peugeot 106 are parked next to each other - similar sized car, similar performance but the fiesta is the UKs best seller and the security on the 106 is the UKs worst (don't know if this is true or not) which am I going to steal the more popular or the one thats easier to rob?

Similarly - I'm going to write a virus to annoy people, why else are viruses written? Am I going to choose Linux, not very widely used or known or the most popular OS in the world?

EDIT, I am not saying Windows is as secure as Linux, but the fact that it is the most popular OS is one of the many reasons why it is more targeted then Linux

Last edited by phil.d.g; 08-08-2005 at 11:16 AM.
 
Old 08-08-2005, 11:16 AM   #14
stabile007
Member
 
Registered: Sep 2003
Location: Philadelphia, PA
Distribution: Ubuntu, Gentoo
Posts: 74

Rep: Reputation: 15
Well the analogy would be wrong if the goals of both types of viruses were not the same. To replicate itself as much as possible regardless of the damage caused. And if a virus broke out in the linux community and 1000 PC's were infected and a Windows Virus broke out at the same tiem and infected 1,000,000 computers which do you think would have a bigger impact? Its the same for my virus analogy if a virus wipes out a small african village no one cared about but veryone died does the rest of the world really notice? Maybe the CDC but thats all. Now if a different virus not so fatal but still dangerous breaks out like oh say SARs in an area populated with 1/3 the world population like oh say China..... which do you think would people take notice to more?

basiclaly what I am saying is in order to ensure a larger impact the virus writers will target the largest group. And since thats the only reason for a virus is to cause trouble who else is the virus writer going to target?

Also its amusing if MS trys to release a patch fixing a vulnerability people moan and bitch at MS saying how "See how its insecure they had to issue a patch to fix a problem that shouldn'thave been therein the first place" the linux kernel has a flaw and they create a patch to fix that and people are like "See open source works we have a hole and we fixed it" there just exists a double standard. I am sure linux is more secure then windows however if it were as close as popular as windows was I doubt we would see it being any less violated by viruses.
 
Old 08-08-2005, 01:07 PM   #15
Megamieuwsel
Member
 
Registered: Sep 2002
Location: Haarlem , the Netherlands
Distribution: VectorLinux SOHO 5.1
Posts: 465

Rep: Reputation: 35
Stabile007 , I'm gonna use your own reasoning to debunk your own point:

What causes a bigger impact ; a couple of thousands of PCs on "average Joes' desks" or a few hundred important Servers , on which millions of PCs are relying?...
Were I a virus-writer , in search for "The Biggest Bang" , I'd be targetting the biggest SERVER-OS , to make the biggest impact.
And those are not MS-Servers.....

Yet , that doesn't happen.
Any notion why?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
OT: Windows Vista dudeman41465 General 44 12-24-2007 01:47 AM
Windows Vista (formerly Longhorn) jaz General 39 02-19-2007 09:27 PM
First Windows Vista (Longhorn) Virus xpression General 8 07-21-2006 07:51 PM
Now THIS is a good reason to avoid Windows Vista... Megamieuwsel General 34 10-15-2005 12:34 PM
Windows Vista is out! futurist Linux - General 8 09-09-2005 11:33 PM


All times are GMT -5. The time now is 05:29 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration