Re:Unintelligent criticism is worse than no critic
Posted by: Anonymous Coward
on April 11, 2006 10:56 PM
Any readers of this post who think there are no mechanisms by which a linux executable might be triggered by clicking on a link and having code be executed are obviously not looking at the *daily* security alerts regarding common Linux applications. Human beings apparently can't write code that is simultaneously complex and secure. It doesn't matter if it is open source or not.
Protecting the *system* is pointless if what you are trying to protect is USER DATA, either from theft, deletion, or corruption. Root by itself is just an easy path to other user accounts. If the accounts can be compromised, then root protects almost nothing of value.
Users on systems they do not administer themselves frequently install apps in their homes because that it is their only option. These could open source or even commercial. Thus their apps can be infected. If they allow other users to run their apps, there is the potential for cross-user infection. Once the administrator's non-root account is taken, all bets are off. They frequently leave their non-root executables in their path because they are useful. Even if users do not have executables, the ability of a virus to modify things like<nobr> <wbr></nobr>.bashrc allows a virus to do virtually *anything*, including leaving back door insecurities to allow later access when some later local suid-root exploit is discovered.
Viruses, not worms, require that humans activate them to give them the ability to replicate. This could be through an exploit of a bug in your browser, or simply running a normal executable which is infected. If that infected executable has the ability to infect other executables, it is a virus.
I'm not saying windows is any better, but a well administered Windows box is more likely secure than a Linux box *adminstered*, (not just installed), by someone who doesn't know how to program in C and bash.
Linux zealots are worse than FUD. They make real linux advocates want to WRITE linux viruses. If you aren't knowledgeable enough to write a Linux virus, you should refrain from making statements about how it is impossible to for one to exist.<nobr> <wbr></nobr>:^P
Learn about Linux
Download Linux
Get Linux help
Re:Unintelligent criticism is worse than no critic
Posted by: Anonymous Coward on April 11, 2006 10:56 PMProtecting the *system* is pointless if what you are trying to protect is USER DATA, either from theft, deletion, or corruption. Root by itself is just an easy path to other user accounts. If the accounts can be compromised, then root protects almost nothing of value.
Users on systems they do not administer themselves frequently install apps in their homes because that it is their only option. These could open source or even commercial. Thus their apps can be infected. If they allow other users to run their apps, there is the potential for cross-user infection. Once the administrator's non-root account is taken, all bets are off. They frequently leave their non-root executables in their path because they are useful. Even if users do not have executables, the ability of a virus to modify things like<nobr> <wbr></nobr>.bashrc allows a virus to do virtually *anything*, including leaving back door insecurities to allow later access when some later local suid-root exploit is discovered.
Viruses, not worms, require that humans activate them to give them the ability to replicate. This could be through an exploit of a bug in your browser, or simply running a normal executable which is infected. If that infected executable has the ability to infect other executables, it is a virus.
I'm not saying windows is any better, but a well administered Windows box is more likely secure than a Linux box *adminstered*, (not just installed), by someone who doesn't know how to program in C and bash.
Linux zealots are worse than FUD. They make real linux advocates want to WRITE linux viruses. If you aren't knowledgeable enough to write a Linux virus, you should refrain from making statements about how it is impossible to for one to exist.<nobr> <wbr></nobr>:^P
#