APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Viruses and Unix

I was in a meeting last week where a customer was exploring switching from a Unix platform to Windows. Of course one thing mentioned in favor of the Unix platform was the lessened threat from viruses, but someone brought up the old "popularity" argument: if Unix were as popular as Windows, it would have just as many virus problems.

That's just not true. I didn't want to get into an argument at the table, but I did mention that basic OS flaws have a lot to do with Windows problems. The "popularity" proponent disagreed, stating that all operating systems have flaws.

Of course that's true. But Windows has some problems that Unix doesn't have. If that weren't true, then why is Microsoft planning to change things in Vista?

Unix and Linux don't suffer from the basic stupidity of built-in privilege problems. Privilege escalation exists in Unix and Linux, but it's always a mistake, not a design decision as it has been with Windows. Windows made this mess on purpose because they wanted "ease of use" more than they wanted security. That's about to change, but as I've noted in the article referenced above, I think too many horses are already out of the barn: the Windows community will thwart these controls and do everything they can to continue having complete administrative power.





3 comments




© Tony Lawrence







Sun Oct 2 16:41:03 2005: 1146   BigDumbDinosaur


I occasionally get the popularity argument from Windows weenies who don't understand the UNIX security model and think "security through obscurity" is what protects the average UNIX or Linux machine from intrusion. I'm quick to point out to them that another piece of software that is very popular and runs on UNIX with its backside fully exposed to the Internet doesn't suffer from the constant security breaches that seem endemic to Windows, thus blowing the popularity argument out of the water. Of course, I'm referring to Apache.

The security woes that plague Windows are there because security in that vaunted operating system was an afterthought -- a "bolted on" feature that was suddenly necessary when Microsoft finally got a Windows networking model in place and it became possible for user B to get into user A's machine. Contrast that to UNIX's security model, which was built into the kernel itself, starting back when Ken Thompson was hunched over that old PDP-7's keyboard some 35 years ago. 35 years of continuous use and development have given the UNIX community a lot of time to find and eliminate security weaknesses. While I wouldn't be so naive as to suggest that all of them have been found, the facts say that UNIX is far more secure than anything Microsoft has produced to date.

As Tony pointed out, security breaches in the UNIX space are inevitably due to misconfiguration or some similar sort of administrator error, not from inherent defects of design. Windows, unlike UNIX, came from a single user environment where the notion of security didn't exist. Short of a scratch rewrite of the Windows kernel, where all aspects of system access control are in one place and follow a unified model, I fail to see how anything is going to be changed.



Sun Oct 2 19:19:47 2005: 1147   drag



Yep. There are some basic fundamental differences between the Unix model and the Windows security model that lend Windows to be popular for widespread viruses. One flaming example is how many, many Windows programs are simply unable to function properly without the user having 'administrator' rights, often with no good reason. If this was to happen in the Linux/Unix arena the program would be considered fundamentally broken and avoided at all costs.

Now it's perfectly possible to write Linux viruses if people wanted to. Any reasonably good programmer could do it today if they felt like it. The trouble is getting the virus to actually be successful at spreading itself.

Also be very careful of using anti-virus software, especially from companies that normally make Windows software. There have been serious flaws in some of the software that would possibly cause your computer to be root'd.

Here is a good FAQ page on Linux viruses and the need for virus scanning. I've found it very informative.
(link)

And just so people know it's perfectly possible to write a Linux virus, here is the howto:
(link)



Sun Oct 2 19:20:01 2005: 1148   TonyLawrence

It's worse than "bolted on" - Windows was designed to bypass any security for ease of use.

In the Unix world, security breaches are admin or programmer error - and in the case of admin, it's often from the same cause that plagues the Windows world: a desire to make it easy for the users. But at least the OS itself is under no such influence.

Of course some Windows problems are also just admin or programmer errors, but when the OS starts out flawed, it just gets worse.



