Re: Anyone else notice that Swen is slowing down?
From: Kjetil Kjernsmo (kjetil_at_kjernsmo.net)
Date: 10/02/03
- Previous message: Alphonse Ogulla: "establishing ppp connection as non-root"
- In reply to: ScruLoose: "Re: Anyone else notice that Swen is slowing down?"
- Next in thread: John Hasler: "Re: Anyone else notice that Swen is slowing down?"
- Reply: John Hasler: "Re: Anyone else notice that Swen is slowing down?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: debian-user@lists.debian.org Date: Thu, 2 Oct 2003 11:58:23 +0200
Well, to respond to the subject first: No, Swen is definately not
slowing down here... And my attempt to install amavis/clamav was a bit
of a failure, so I'm seeing a lot of crap...
On Thursday 02 October 2003 06:17, ScruLoose wrote:
> Most non-MS users are not likely to be logged in as root when they
> check the mail, so whether some virus auto-executes or entices them
> to click on it, the damage is generally going to be pretty well
> contained.
>
> It's going to take a _hell_ of a lot of social engineering to
> convince me to su, provide my root password, install and run some
> program that showed up in my inbox. No matter how pretty a message
> it's packaged in. Even assuming that the user getting the infected
> mail _has_ the root password.
Well, a virus like Swen wouldn't need root access to spread. I don't
know what Swen does to a Windows machine (and I don't care, I haven't
got any), but just to annoy people with enormous amounts of e-mail,
someone could imageinebly write a perl script with its own SMTP-engine.
If a non-priviliged user was fooled into executing the perl script, it
could still spread to any platform with Perl installed.
Indeed, it is unlikely that such a virus would make any significant
impact on the system, unless of course, it was then able to exploit a
local vulnerability to gain root (or gid 'games', I love those
upgrades! :-) ). However, most users have their most important
documents in their home dir anyway, so a virus deleting those would do
real damage anyway, and it would do real damage to Linux' reputation as
being more secure.
Scenario: A perl script deleting all the files in the homedir of
infected users, spreading to all the contacts that is in user's
addressbooks. This would likely include all the homedirs of all the
users in an organization:
PHB: Sysadmin, what's happening?
Sysadmin: A simple virus. It didn't damage the system, we're running as
normal.
PHB: What do you mean, didn't damage the system, it deleted all my
files!?!
The PHB is not going to care a lot for the integrity of the system once
his files are all gone, his perception of damage is going to be very
different from yours.
>Besides, everything about MS seems designed to actively encourage
>clueless behaviour.
I agree, and this is the major point that we have to ensure as MS
marketshare starts dropping and we start taking over the desktop, Linux
users are more clued. A company starting migration to Linux must
realize that for their own security, they have to train their employees
better than they did with MS systems.
Anyway, I think the main technical strength lies in that a lot of
seemingly unimportant fixes are given attention, so that there will not
exist many possibilities to execute code unless the user knows about
it.
Cheers,
Kjetil
-- Kjetil Kjernsmo Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer kjetil@kjernsmo.net webmaster@skepsis.no editor@learn-orienteering.org Homepage: http://www.kjetil.kjernsmo.net/ OpenPGP KeyID: 6A6A0BBC -- To UNSUBSCRIBE, email to debian-user-request@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
- Previous message: Alphonse Ogulla: "establishing ppp connection as non-root"
- In reply to: ScruLoose: "Re: Anyone else notice that Swen is slowing down?"
- Next in thread: John Hasler: "Re: Anyone else notice that Swen is slowing down?"
- Reply: John Hasler: "Re: Anyone else notice that Swen is slowing down?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
