Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

The illusion of invulnerability (Linux)

May 10th 2006 in Uncategorized

There is an excellent, albeit short, article about security for Linux users that is worth a quick read:

I’ll leave you to read the entire article, and will only highlight pertinent quotes here:

“Pretty soon, it dawned on us exactly what the biggest threat to Linux systems is: the almost overwhelming belief in the invulnerability of Linux.”  This is dangerous.  If you think you are safe, you are more likely to do dangerous things – to take risks.  I’ve always said that no browser is safe; nor is *any* operating system safe.

“The number of new malicious programs for an operating system isn’t related to the number of known security flaws, but to the number of installations.” That’s right, the bigger that target is on your butt, the more likely it is the bad guys are going to think you are worth going after. The really bad guys aren’t bypassing Linux because its invulnerable, they’re bypassing it because the number of users out there doesn’t make it worth their while.

Also, don’t be fooled into thinking that because its Linux, and its geeky, and you have to be ‘smart’ to use it, that writing malware targetting Linux will be beyond the means and ability of the bad guys that are out there now.  They *can* do it, and they *will* do it, as soon as they decide that the Linux user head-count is big enough.

“To access a system, a virus writer doesn’t need 300 vulnerabilities – one is enough.”  Write that one down and stick it on the side of your monitor.

“… coming to the conclusion that your own system is practically invulnerable will make it easy for malware to spread on Linux systems in the future. … when the day comes, will users and companies have enough time to choose and install a reliable virus scanner before their systems are hit?”  Enough said.

Oh, and while we’re on the topic of Linux vulnerabilties:

This is the mantra:  No web browser is *safe*.  No operating system is *safe*. 

Comments are closed.

Symantec are patting themselves on the back again.  Their latest “Symantec Enterprise Security News Clip” has proudly announced that “Industry Leaders Back Symantec Phish Report Network”(cite: http://www.symantec.com/about/news/release/article.jsp?prid=20060501_01)
So, let’s have a look at Symantec’s new service at http://www.phishreport.net/.  A nice, professional looking site – very pretty. 
“Senders” can submit URLs for free only after agreeing to […]

Previous Entry

IE7 crashes whenever I try to post a comment to Rob’s blog, so I’ll use the trusty trackback.. I know Rob will see it.
All good thoughts and vibes are heading your way for you and your Mom…  I may have introduced you to quality single malt scotch whiskey, but you introduced me to car seats […]

Next Entry