Secure Coding mailing list archives
Re: Hypothetical design question
From: Crispin Cowan <crispin () immunix com>
Date: Wed, 04 Feb 2004 15:14:48 +0000
Alun Jones wrote:
Antivirus scanners typically work by matching against patterns of known viruses. For VMS that is the null set.Hope you don't mind me saying this, but that's essentially a null argument.
I'm sorry, but that just flies in the face of facts. Viruses are a problem endemic to exactly three platforms: DOS, Windows, and Macintosh, and no others. Why is that? Because viruses thrive in an environment where: * documents are executable * document viewers run with too much privilege On DOS, "documents are executable" was mostly an issue with floppy disks. On Windows, it became true first in MS Office documents, and then when Outlook became the prevelant mail client and it started executing attached scripts. On Macintosh, it was a similar story with floppies and MS Office, but now is going away with OS X. Evidence: consider Linux. 3% of the global desktop market, means there is something like 1 million to 2 million Linux desktop users out there. They are very strongly connected via e-mail mailing lists. Prototype viruses for Linux have been known and demonstrated at least seven years ago. If viruses were going to thrive on Linux, they would have done it by now, and they have not. So all the hand-wringing about the global nature of the virus problem being everywhere is bunk. Viruses are 100% Microsoft's fault. They only exist in non-trivial volume on platforms where Microsoft Office has a dominant share. Now this may change: if the Linux market becomes fully bug-compliant with Microsoft, and starts deploying mail clients (such as Evolution) and applications (such as OpenOffice) that are eager to execute untrusted scripts, then Linux will become a host for viruses too. But it depends on the Linux market repeating Microsoft's critical mistakes., and I do *not* mean buggy software. Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ CTO, Immunix http://immunix.com Immunix 7.3 http://www.immunix.com/shop/
Current thread:
- Re: Hypothetical design question, (continued)
- Re: Hypothetical design question Fernando Schapachnik (Jan 30)
- RE: Re: Hypothetical design question Nick Lothian (Jan 29)
- Re: Hypothetical design question Greenarrow 1 (Jan 30)
- RE: Re: Hypothetical design question Carl G. Alphonce (Jan 30)
- RE: Hypothetical design question Jeremy Epstein (Jan 30)
- Re: Hypothetical design question der Mouse (Jan 31)
- RE: Hypothetical design question Shea, Brian A (Jan 31)
- RE: Hypothetical design question ljknews (Feb 01)
- RE: Hypothetical design question Alun Jones (Feb 02)
- RE: Hypothetical design question ljknews (Feb 03)
- Re: Hypothetical design question Crispin Cowan (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- RE: Hypothetical design question dtalk-ml (Feb 04)
- RE: Hypothetical design question Alun Jones (Feb 04)
- Re: Hypothetical design question Crispin Cowan (Feb 05)
- RE: Hypothetical design question ljknews (Feb 01)