June 7, 2002

The latest 'cross platform' virus won't help Linux users

- By Robin "Roblimo" Miller -
One of the great defects in Linux compared to Windows is that it is not infected by cool viruses. Viruses are obviously fun, as is made obvious by the refusal of so many Internet-connected Windows users to switch to Linux as the easiest way to make themselves virus-free. For a few days there, we hoped the new cross-platform Simile.D virus would let us Linux users in on the fun, but it turned out to be a false alarm.
I know beyond a shadow of a doubt that Windows users love viruses, because they spread so many of them. I get at least 100 Klez emails every day, and you know that if the people who were spreading this virus didn't love viruses they would switch to Linux.

Or perhaps they love giving money to virus-fighting companies. I have trouble understanding why people like Windows in the first place, but obviously there's a masochism component to their strange love, and I assume that once they've gotten the idea (from where I do not know) that Bill Gates deserves their money more than they do, it is not much of a stretch for them to believe that every proprietary software company in the world should be allowed to dip into their wallets at will.

But this is speculation for psychologists, not for us. We are more interested in practical questions here, like, "Can the Simile.D virus really infect my Linux box?" and, "If it can, what should I do about it?"

The answers seem to be, "No, the Simile.D virus won't infect your Linux box unless you are a complete moron," and, "If you are a Linux user who wants to protect himself or herself against Simile.D, all you need is an IQ in the high two digits (or greater) and the ability to read instructions, and you'll be fine."

As this somewhat alarmist ZDNet story says, "While Simile.D spreads successfully to Linux machines, the risk is lessened by the fact that only systems running in so-called superuser mode can be fully infected."

How many people do you know who habitually run their Linux systems as root?

In my case, the answer is "zero."

So that's the end of that.

Symantec's instructions on how to remove the Linux version of Simile.D are easy to follow if you suspect your box has been infected, and you don't need to buy any special software from Symantec (or anyone else) to follow them.

This is both the beauty and the danger of an Open Source operating system like Linux:

The beauty is that because there are no hidden files, it is easy for anyone who can follow simple instructions to locate and delete anything in their system that doesn't belong.

The danger is to the financial health of the antivirus companies: If ordinary users can eliminate viruses by following simple instructions instead of by spending money for special software to do it for them, all the antivirus software companies will go out of business and you will see lots of former antivirus software developers carrying "Will Disinfect Your System for Food" signs standing on street corners, looking for handouts.

Maybe someday someone will write a virus that can log into your Linux system as root and really mess it up. This hasn't happened yet, and chances are that when it does, a simple fix will be posted all over the Internet (and here on NewsForge) within an hour or two.

As Windows apologists are fond of pointing out, Linux can't possibly compete with Windows until it can match it feature for feature, and then some. I hold out little hope of Linux ever matching Windows on the virus vulnerability front, so it looks like the old dream of Linux eventually overtaking Windows and becoming the world's most popular operating system will never come to pass.

So it goes.

