Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Talk about a flame war!

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Discussion
View previous topic :: View next topic  
Author Message
Bazza
LXF regular


Joined: Sat Mar 21, 2009 11:16 am
Posts: 1462
Location: Loughborough

PostPosted: Tue Jun 21, 2011 3:07 pm    Post subject: Talk about a flame war! Reply with quote

Hi guys...

Make sure you read the comments too!

http://www.pcworld.com/businesscenter/article/230569/postmacdefender_linux_looks_better_than_ever.html

;-(
_________________
73...

Bazza, G0LCU...

Team AMIGA...
Back to top
View user's profile Send private message
johnhudson
LXF regular


Joined: Wed Aug 03, 2005 2:37 pm
Posts: 857

PostPosted: Tue Jun 21, 2011 7:01 pm    Post subject: Reply with quote

As they say, 'Don't let facts get in the way of a good story.'
Back to top
View user's profile Send private message
Rhakios
Moderator


Joined: Thu Apr 07, 2005 12:18 am
Posts: 7602
Location: Midlands, UK

PostPosted: Tue Jun 21, 2011 7:18 pm    Post subject: Reply with quote

One thing about the original article, it claims that one of Linux's strengths is diversity, and yet we are often told that "under the hood" all Linuxes are very similar and our favourite magazine tels us it uses the command line in so many tutorials because that is the common factor between distros. So, if Linux became wildly popular, how long would it take malware writers to learn to exploit the underlying unity of Linux?
The main advantage is that "script-kiddies" aren't going to have much luck, but enterprising and clever malware writers might well be able to create kits from which others can create exploits.
In any event, social engineering will leave Linux, as well as any other OS open to interference.
_________________
Bye, Rhakios
Back to top
View user's profile Send private message
guy
LXF regular


Joined: Thu Apr 07, 2005 1:07 pm
Posts: 1041
Location: Worcestershire

PostPosted: Tue Jun 21, 2011 8:34 pm    Post subject: Reply with quote

Social engineering is certainly the easiest route in for any malware (since IE6 anyway). Linux is only safer as long as the malware expects Windows or maybe MacOS underneath.

Once in, a standardised platform is bad news. Android malware is growing, and current attempts to standardise the code - merging all those crayzee forks - will make things worse.

People generally don't pick up food lying in the highway and eat it. Yet they pick up shiny stuff lying in the information highway and click it, then wonder why they get the virtual runs.

BTW Bazza said, "Make sure you read the comments too!" I don't see any, but then NoScript tells me there are seven script servers itching for me to let them rip. I do wonder if there is a (socially engineered) connection. Rolling Eyes
_________________
Cheers,
Guy
The eternal help vampire
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8364
Location: Warrington, UK

PostPosted: Tue Jun 21, 2011 9:16 pm    Post subject: Reply with quote

Hardly an impartial piece. He complains about the use of security by obscurity by other platforms, then praises the diversity of Linux distros for providing exactly that. In ignoring the real security advantages of Linux he does more harm than good.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
guy
LXF regular


Joined: Thu Apr 07, 2005 1:07 pm
Posts: 1041
Location: Worcestershire

PostPosted: Tue Jun 21, 2011 10:00 pm    Post subject: Reply with quote

nelz wrote:
Hardly an impartial piece. He complains about the use of security by obscurity by other platforms, then praises the diversity of Linux distros for providing exactly that. In ignoring the real security advantages of Linux he does more harm than good.

Eh? I think he praises the diversity of distros for being incompatible at the exploit level, making it hard for a black hat to reach a wide population. That's not the same thing.

Meanwhile aren't the user privilege model and openness of code genuine advantages over certain other OS?
_________________
Cheers,
Guy
The eternal help vampire
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8364
Location: Warrington, UK

PostPosted: Wed Jun 22, 2011 12:10 am    Post subject: Reply with quote

Not exactly the same but similar. Neither approach actually blocks any form of attack, just makes the entry point a little harder to find. Yes, he does mention the real advantages, but gives them less credence. Had he concentrated on those advantages the piece would have been far better, but instead he detracted from them.

Having said that, I don't believe the user privilege model provides significant protection. It may prevent malware from modifying your root partition (if you don't fall for the social engineering aspect and give a password) but it in no way stops your computer being used as a spambot for example.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
johnhudson
LXF regular


Joined: Wed Aug 03, 2005 2:37 pm
Posts: 857

PostPosted: Wed Jun 22, 2011 9:38 am    Post subject: Reply with quote

nelz wrote:
Hardly an impartial piece. He complains about the use of security by obscurity by other platforms, then praises the diversity of Linux distros for providing exactly that. In ignoring the real security advantages of Linux he does more harm than good.


I'd assumed Katherine Noyes was a woman.
Back to top
View user's profile Send private message
Marrea
LXF regular


Joined: Fri Apr 08, 2005 10:32 pm
Posts: 1868
Location: Chilterns, West Hertfordshire

PostPosted: Wed Jun 22, 2011 9:56 am    Post subject: Reply with quote

johnhudson wrote:
I'd assumed Katherine Noyes was a woman.

I was just wondering how long it was going to take for someone to mention that! Smile
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Discussion All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast