September 18, 2003

Yet another wormy reason to switch from Windows to Linux

Author:

- by Joe Barr -
The recent spate of email borne viruses/worms/trojans and similar nasties which have befallen Windows users isn't over, and it isn't likely to be for some time. Discussions about why this is true and who -- if anyone -- can be held responsible for the mess are for a different time. I simply want to make the point that Linux users have a huge advantage over those running Windows: We don't have to be afraid of the email we receive.

I participate in several mailing lists where I am definitely in the minority because I'm running Linux.

Because I am sometimes vocal with other list members about "feeling their pain" and encouraging them to move to Linux as first one, then another of them is forced to drop off the list for a day or longer in order to have their PCs cleansed and rid of the virus-of-the-day, I'm often asked what virus/email protection program is best for Linux. They don't understand that it is an inherently safer platform than Windows.

I am acutely aware of the fact that many Windows users are frightened by what they receive in the mail, even if it appears to be from someone they know and trust.And nobody can blame Windows users for being frightened. But some sick individuals are taking advantage of that fear to wreak even more havoc amongst them. Take a look at this email I received this afternoon:

It purports to be from Microsoft. It's not of course, it's probably from some machine which has a trojan on it and whose owner is blissfully unaware of how it's being used.

As you can see from the mail headers I snipped from the message source, it appears to have originated with a Comcast.net customer rather than Microsoft. Another Newsforge editor received the same email a short time later which originated elsewhere.

Received: from [204.127.198.39] (helo=rwcrmhc13.comcast.net) by host3.indyserv.net with esmtp (Exim 4.20) id 1A03wE-0007r1-SV for joe@pjprimer.com; Thu, 18 Sep 2003 14:55:34 -0400
Date: Thu, 18 Sep 2003 18:55:27 +0000 (GMT)
X-Comment: Sending client does not conform to RFC822 minimum requirements
X-Comment: Date has been added by Maillennium.
Received: from xbzqo (pcp02560386pcs.owngsm01.md.comcast.net[68.55.27.175]) by comcast.net (rwcrmhc13) with SMTP id ; Thu, 18 Sep 2003 18:55:25 +0000

It also claims to be a cumulative patch which "fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook, and MS Outlook Express." Savvy Windows users will realize that can't be true, because such a patch would probably fill several CDs. But oh, pity the unwary who follow instructions and "Run attached file. Choose 'Yes' on the displayed dialog box."

As a Linux user, I'm glad that my world is not as frightening as Windows users'. This sort of thing doesn't make me feel smug that I'm immune. It makes me angry at the rats who taking advantage of people's fear in this way for no other purpose than to harm them.

Joe Barr has been writing about personal computing for 10 years, and about Linux for five. His work has appeared in IBM Personal Systems Journal, LinuxGazette, LinuxWorld, Newsforge, phrack, SecurityFocus, LinuxJournal.com, and VARLinux.org. He is the founder of The Dweebspeak Primer, home of the official newsletter of the Linux Liberation Army, an organization in which he holds the honorary rank of Corporal-for-life.

Category:

  • Linux
Click Here!