Hi David, you've made some valid points, however they're not all entirely correct (It's not entirely prudent to comment on something you're not using and up with the state of play on.), windows NT,2K etc.. have a proper user/group based security model and with NTFS it does give a permissions structure that prevents a number of problems you've discussed, alho' the unix permissions structure is by far a better design (NT has no permissions inheritance from higher level directories...) it won't stop a number of the virus attacks like boot sector deleters and the like.
In relation to your point about goodwill and the like, sure the current crop of programmers will keep making nice stuff, but like in any system theres always a bad element that will migrate as the system evolves and becomes larger, people who write viruses for windows will write viruses for linux if they start using linux, nothing about the hugs and kisses world of open source will change that. Microsoft doesn't turn people bad, people will be do bad things anyway, you can't blame them for everything... Microsoft doesn't have a community like the linux one granted, it's more like the real world, it's incredibly diverse unlike the linux community and therein lies a lot of it's issues, it has to cater to so many different people wanting to run everything from old dos apps to 16bit windows apps to the latest 32bit stuff, more bloat more chances of holes etc, but it's because the people demand that, if linux is to compete it has to give the people what they want... this is one of the reasons I'm anti linux on the desktop because if it wants to truly compete it's going to have to do what windows does, unfortunately ms set the standard for what people expect on the desktop, I think the whole linux on desktop movement is negative for the future of linux (but thats a rant for another time :-). jeremyb http://www.jeremyb.net > From: David Lane <[EMAIL PROTECTED]> > Date: 2002/03/12 Tue PM 08:31:53 GMT+12:00 > To: CLUG <[EMAIL PROTECTED]> > Subject: Why Linux won't suffer from viruses like Windows/Outlook > > Hi Jeremy, > > I don't normally get involved in discussions like this, but I must say > that Linux isn't like Windows for a number of very important reasons. > Very few of the reasons are technical - nearly all are philosophical, > and they're are the same reasons that I don't use Windows, and haven't > since 1994. Linux is not likely to ever have email viruses like > Windows/Outlook regardless of its marketshare for 4 simple reasons: > > 1. Design: a proper multiuser architecture like that employed by UNIX > and Linux creates a "sandbox" for each user. As long as a user doesn't > read/execute a hypothetical email virus as root, it's unlikely to affect > more than their individual account. If they do read mail as root, then > they're sadly naive and probably need to get the virus to teach them a > lesson in prudence. > > Windows is sort of like shooting fish in a barrel. There is *no* > security by default, no proper permissions, no nothin'. > > 2. Diversity: there is no email client monoculture on Linux like there > is on Windows. There are many very capable email clients, none of which > has unfair precedence over another (as Outlook does by virtue of being > preinstalled and default on the desktop), therefore there's no clear > vector for transferring an email virus. > > All Windows machines of any given type are essentially identical, with > all the same files in the same places by default. A virus can be very > simplistic because it doesn't have to look very hard to find the > vulnerable parts of the system. That's the definition of a > monoculture. In nature, they don't last long for good reason: because > they're weak. > > 3. Default settings: Linux, by and large, is configured with > everything potentially dangerous turned off by default (or specifically > asks you if it should turn things on). > > Windows, on the other hand, is designed to maximise MS's income. Full > stop. That means pleasing the majority, which has always meant pleasing > the lowest common denominator - the naive and minimally skilled. > > It also means keeping the anti-virus manufactures in business - ever > wonder to what degree MS is invested in Symantec or Norton? Isn't it > ironic that some of the foremost companies in computing are blindingly > successful simply because the fix something in another company's > software that should never have been broken? > > <rant>There has never, perhaps until now with the ascent of Linux, been > ANY financial incentive for MS to create a secure or bug-free Windows. > It makes them (with "upgrades"), their "partners", OEMs, and legions of > support technicians the world over employed, earning $billions for > fixing the same, known problems, time and time again. They drop those > crumbs to keep the scavengers in their IT "ecosystem" well fed and eager > to shout the praises of their master.</rant> > > 4. Goodwill: when a clever (or even not-so-clever) programmer wants to > make his/her mark in the Linux world, there are many creative, positive > ways in which s/he can make a splash be contributing to an open project > - everyone knows that, given a choice, it feels much better to build > something than it does to destroy something. Linux promotes an ethos of > goodwill due to its openness and inclusiveness. It would be uncool in > just about anybody's book do something destructive to anything that is > the result of so many people's generosity. > > With Windows, no such good will exists, and the only way to have an > impact is by being destructive. In my opinion, the ethos MS projects > brings out frustration and destructiveness in people. > > Dave > > On Mon, 2002-03-11 at 11:51, Jeremy Bertenshaw wrote: > > Okay, so maybe I should've said... wow! are there new advancements in other >operating systems that make them impervious to viruses? > > > > Granted Outlook opens up a whole bunch of issues, but _My_ point was that theres >no point knocking micro$oft when you can be in the same boat no matter what OS you're >using, it's the popularity that makes it more likely to be hit. > > > > jeremyb > > > > http://www.jeremyb.net > > > > > From: Christopher Sawtell <[EMAIL PROTECTED]> > > > Date: 2002/03/11 Mon AM 09:21:57 GMT+12:00 > > > To: Jeremy Bertenshaw <[EMAIL PROTECTED]>, > > > Johnno <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > > > Subject: Re: Re: Mail Virus Scanners > > > > > > On Monday 11 March 2002 09:41 am, Jeremy Bertenshaw wrote: > > > > Wow! Is there some new advancement in linux that makes it impervious to > > > > viruses? > > > > > > No. As distrubuted by the major vendors Linux is not particularly secure, > > > but getting rid of Microsoft will get rid of all the Outlook problems and > > > other viruses which depend on there being no effective permission structure > > > in the file system. It's just that in any mono-culture the whole population > > > is prone to infection. > > > > > > Next time, read my posts carefully and note that I never mentioned Linux, and > > > remember that that there are several operating systems which are "not > > > Microsoft" and are perfectly capable of doing all the things that most people > > > need to do. > > > > > > > > From: Christopher Sawtell <[EMAIL PROTECTED]> > > > > > Date: 2002/03/10 Sun PM 10:23:21 GMT+12:00 > > > > > To: Johnno <[EMAIL PROTECTED]>, [EMAIL PROTECTED] > > > > > Subject: Re: Mail Virus Scanners > > > > > > > > > > Belt & braces is a good idea, but tell them that if they really want to > > > > > get rid of viruses they need to get rid of Microsoft. > > > > > > > > -- > ** David Lane, Director - Egressive Limited * [EMAIL PROTECTED] ** > ** PO Box 24162, Christchurch, NZ * www.egressive.com * 025 229 8147 ** > ** Open Source: software for the discerning palate * www.openz.org ** > >
