The future of Linux viruses
 

+--------------------------------------------------------------------+
| Korean Mozilla Binaries Infected |
| from the caught-with-their-pants-down dept. |
| posted by CmdrTaco on Wednesday September 21, @09:40 (Mozilla) |
| http://linux.slashdot.org/article.pl.../09/21/1252213 |
+--------------------------------------------------------------------+

[0]Magnus writes "Korean distributions of Mozilla and Thunderbird for
Linux [1]were infected with Virus.Linux.RST.b. This virus searches for
executable ELF files in the current and /bin directories and infects
them. It also contains a backdoor, which downloads scripts from another
site, and executes them, using a standard shell."

Discuss this story at:
http://linux.slashdot.org/comments.p.../09/21/1252213

Links:
0. http://www.trojanhunter.com/
1. http://www.viruslist.com/en/weblog?calendar=2005-09

(Slashdot)


Linux can be infected with a virus... could this mean that Linux may be as bad

as windows?

EDIT> Well not actually no, I found out that it's been running wild since 2002.
But still, If linux became popular, would be sse more viruses?

Seriously, I doubt it. Linux has such a consistent file structure and a very well thought permission system locking users to their home that without root access, not much can be done. Also, Linux is not as integrated as Windows. Get a virus using Internet Explorer as a normal user in Windows and your system is compromised... you can't "remove" IE, so it's natural that peoples will try to find exploits on it (which is not that difficult to do, since MS security is a joke).

Also, Linux is a community driven-based Operating System. It means that most of it's community works together to improve the system, not to ruin it. I doubt you would spit on the same plate you eat...

On the top of it, its open-source philosophy let everybody to look at the code and search for malware. As long as you download your programs from trusted sources (say, grab Mozilla from mozilla.org, not from some underground crap) you should be fine.

Virus in Linux might increase if Linux gets more market share. Still, I would believe that Linux robust design for the file structure, permission settings and open-source will make it very difficult to fat kids who never get laid to create viruses for it... (because for me, virus creators are just that... virgin 35+ yo guys using a cracked compiler who never kissed a girl before...)

That's how I see the whole picture :)

if market share had anything to do with it, it would already be happening. a larger percentage of web servers run on a combination of apache + linux/bsd/*nix than windows.

and i doubt it's for lack of effort. there has got to be some black hats trying to increase their street cred by infecting linux.

Realistically, any OS can be infected by a virus. Some just make it easier than others. One of the major problems with Windows is that users are expected to run as Administrator by default. In fact, I've come across desktop software that really shouldn't need Admin rights, but demands them in order to run. So, effectively, any virus that a user runs on Windows can overrun the system unchallenged.

In Linux, on the other hand, it is very uncommon for a person to log in as Root for everyday use. Therefore, a virus would be much more limited as to what it may infect. Unfortunately, some distros, such as Linspire, are starting to move away from this practice. If Linux vendors insist on repeating Microsoft's mistakes then, yes, I think Linux viruses could become a problem.

it seems to be a common belief that the reason linux doest have viruses is because its not in the mainstream like windows,
i dont belive this is true, the fact is linux is not like windows and is much more secure and harder to write viruses then it is for windows!!!

does it boil down to the filesystem, more than likely.

There are something like 11 viruses for Linux and they are all proff of concept and none are particularly new. As long as you don't run regularly as root, you are pretty safe.

That's not to say that there will never be a virus, but regular peer review and lots of communication on this mean that we are likely to see fixes for viruses for Linux coming out in days if not hours rather than weeks, months, years for Microsoft products.

Iread the if you read the signing of whatever you're downloading you should be safe. How do I do that? Is it PGP signing or fsum (is that right?) signing.

Actually, I read an article on the subject that said there are a little over 100 known Linux viruses, as opposed to the tens of thousands of known viruses for Windows.
I can't seem to find the link now, but If I come across it again, I'll post it.

JohnTzu

These days we're seeing worms being called as viruses. The proofs of concept Linux's viruses (ie, Silvio Cesare's) are real viruses conceptually

The undeniable fact is that Unix / Linux isn't the most proper ground for their breeding. You must reach root (or exploit permissions), and any use of root privileges just to infect executables is a waste. We shouldn't care for future virus writers targeting Unix/Linux's aura in case it gets "popular". We don't need antivirus software. We have tripwire, aide, samhain, etc. and they're better

Another (maybe the best) reason why viruses are so prevalent in windows but not in linux is that
there is a huge difference betw. the computer savvy and awareness of the avg. linux user and that of windows.

virus writing and virus hunting/prophecies sometimes could be big buisness and big cash for some , encourage as many computer users to to switch to linux as you can ...

Something to think about is no OS is perfect, no OS is 100% secure and no OS is completely virus immune.
However the number of viruses for a given OS is dependant on more factors that just its populatiry or number of users or mainstreamness.
The default security and amount an OS can be secured will play a factor. Linux is more secure out of the box and can be made more secure than windows.
OS design plays another part, how integrated are the apps that are open to the outside, for example since Internet explorer is so integrated with the Windows OS, exploits for IE tend to be expooits for the OS.
The ability of the user is another. The typical windows user who bought their fist PC at walmart and signs up for AOL so they don't have to learn how to setup and internet connection are the ones that don't want to be educated about the dangers of opening unknown attachments, not going to websites such as yahoo games, etc.
My MIL is a god example, she keeps getting crap on her pc and its from the places she surfs to. She has the attitude of "Oh well" when we tell her to stay away from AOL/AIM and Yahoo and other places the uneducated hang out but she keeps going back because she knows that I will fix it for her. So my fixes are becoming more of reformat and be done with it rather than wasting my time trying to figure out what its been infected with or saving her data.

not to say which os is more secure or better , but i'm curious about one thing , are there any linux users surfing sites like yahoo and it similar or are there any linux users receiving emails with attachments ??

A lot of those crappy sites like yahoo games their crapware will only work in IE. Also most linux users are already running popup stoppers and know not to install some antispyware program from a popup window. Also most linux users know to not open attachments from paypal saying here is your password and such.

The user being dumb or smart contributes to about 90% of the security of the OS. I refer you to this part of the Seinfeld episode "The Robbery": No matter how secure you make Linux, Windows, or whatever, if the user is dumb, malware will proliferate.