August 14, 2003

Switch to Linux, stay out of jail

- By Robin 'Roblimo' Miller -
It's a scary thought, but Windows users may actually risk going to jail if they don't protect themselves well enough from the many worms, viruses and 'Trojans' that can infect their operating system. Don't believe me? Go read this story. Then come back and learn how to protect yourself against this problem.

Let's assume you must use Windows. There's an application you can't live without and you have been unable to find a Linux equivalent for it. You can't run it with Wine or one of the Wine-derived CodeWeavers products that allow many Windows programs to run directly under Linux.

(You did try Wine or CodeWeavers' CrossOver software with your favorite Windows program before you decided you simply had to keep Windows around, didn't you?)

So, Windows-bound one, you must either stay unconnected to the Internet (as in, stop reading this and pull that phone or network wire out of your computer or turn off your wireless network right now) or take strong, ongoing precautions to keep malicious code out of your computer.

This kind of defense takes time and money.

Note the way antivirus software purveyor Sophos displays a version of the "Man arrested for porn on his computer because of virus" story on their own site as an inducement for you to buy their product for your business.

Antivirus companies love to tell you about all the threats you can avoid if you buy their products. Right now, aside from the "get a virus, go to jail" problem, they're giving big play to the W32/Lovsan.worm (AKA W32/Blaster) that has been messing up Windows computers like mad over the last week.

Virus protection isn't something you buy once and forget. There are new viruses and worms all the time, so you need to keep updating that antivirus software (and keep paying for it), usually a step behind the virus writers, but that's how it goes in the virus business.

Then there are Trojans: Programs you unwittingly download along with something you want, like a filesharing utility, that make your computer do things you don't expect it to do. Like download kiddie porn that can get you arrested, for example. Or make your computer dial expensive foreign numbers that run up your phone bill. Or any one of a number of other nasties.

Almost all Trojans currently "in the wild" only affect Windows, and they can be hard to remove from a Windows PC because Windows and most Windows programs are full of closed-source secrets, so no one knows what's supposed to be in every file on a Windows hard drive.

It is possible to write a Trojan for Linux, and at least one has been distributed -- very briefly, and without doing any notable harm to anyone -- but since every single file in an open source program can be viewed by you, the user, or by a maintainer from the distribution you have chosen, getting rid of a Trojan on a Linux computer is simple, usually a matter of downloading and installing a simple patch or 'delete' script or else manually deleting a few files.

By downloading all your Linux software through trusted sources (and by sticking to open source software) you may not be 100% safe from all Trojans, but you're far safer than if you are running an operating system that is full of files whose source code is kept secret, even if "security" is supposed to be a big reason for that secrecy.

The "download only from trusted sources" advice holds true for all operating systems, by the way. But with Linux and open source software, even if you don't know how to read all of a program's source code to see if it's worth trusting, chances are that someone out there does -- and will check it, and will tell the rest of the world if it's safe.

Note that the only way to install software on a Linux computer that's set up correctly (which it is by default in almost all mainstream Linux distributions) is to log in as root. When you're working under your regular username, even if you download the world's most evil porn-sucking, nasty-dialingest, ad-flashing or system-destroying malicious software, there is no way it can install itself and do bad things to your machine. This is not true with Windows. The current Lovesan/Blaster worm is proof: It installs itself, automatically, without the user doing anything. This sort of worm simply cannot infect a Linux computer that isn't run as root, which you never should except while performing admin tasks -- preferably while disconnected from the Internet or other networks.

Of course, one reason not to prefer an operating system (like Linux) that won't 'accidentally' download kiddie porn when you're not watching is that you are a juvenile pornography fan and want to have a "The computer did it!" defense ready in case you end up in court, faced with criminal charges.

We're not saying most Windows users are kiddie porn lovers or that more than a tiny fraction of Windows users will get busted unjustly for kiddie porn downloads caused by bad programs they unknowingly downloaded. And we know plenty of Windows users who have run high-bandwidth Internet connections for many years with neither a firewall nor anti-virus protection, and have never been infected with a worm, virus or Trojan.

But why take the risk? Linux has gotten a lot easier to use than it used to be, and you can almost certainly either find Linux software to replace your favorite Windows programs or at least find Windows-based ones that will work adequately under Linux through Wine.

It may take some time to learn Linux, not because it's hard, but because it's different from what you're used to.

Now think: If that learning time saves you from just one nasty virus or worm infection, won't it have been worth it?

And isn't that learning time even more worthwhile if it saves you from even the remote possibility of an arrest for a crime your computer might commit behind your back?

Editor's note: The recent crack of the ftp server was by a local user; that is, someone who had physical access to the system. In all the talk about "Internet" hacking, cracking, viruses, and worms, it's easy to forget that someone working from behind your firewall can do all kinds of damage even if your system is impervious to outside attacks. This is true of all operating systems.

