Anti Virus, now Anti Spy-ware

Wed Jun 18 11:48:07 UTC 2008

>> That's not necessarily true anymore.  Many kinds of malware are installed
>> by Web sites that exploit security holes in browsers.  Fortunately, they are
>> seldom targeted at Linux.  As Linux gains users, that will change
>> --
>
> I tend to agree. The reason why windows systems are targeted so much is that
> they are the popular ones. Those wanting to do the crimes are after s many
> potential targets as they can get. If linux was the more popular os the
> chances are it would be the target of choice

Websites that install Malware via a browser or exploit are not AdWare
nor Spyware.

Adware is software that uses advertising popups ect to provide revenue
to the software developer or company that owns the software.  Adware
can easily exist in Linux... but it is very uncommon.  You will find
it primarily in binaries such as Yahoo Messenger (although I have no
idea if the official Linux version of Yahoo Messenger has ads or not
since I use Pidgin)

Adware is very unlikely to ever appear in the official software
repositories of ANY Linux distribution - at least not as they are now.
 It would take a major shift in the Linux world for that to change.
If something that was classed as Adware were to show up in any
distribution's official repository it would be cleaned out quickly.
On 3rd party non-official repos.. anything is possible.

Spyware is software that is usually installed without your knowledge,
and can do many things including taking control of some aspects of
your computer, monitoring you usage and online behavior and so on.
Try installing an app in Linux.. you cannot do it without a password
and root access... this an app cannot sneak in without your knowledge
(social engineering and convincing you to install an unknown binary is
another issue).  The only way Spyware could slip is is via a
compromised app in the repositories.  Again, if ANY application in an
official repository was discovered to have Spyware, it would be
sanitized, and removed.

So lesson is... don't use unofficial repositories unless they are a
reputable source.

The whole principal and concept of open source is an inherent
protection for the user base.  The inquisitive types will and do look
into the source to see what it is doing.  These same people would be
the first to raise holy hell if they discovered anything out of the
ordinary.

The argument that virus writers have not targeted Linux purely because
it is a small target is a weak argument... a VERY weak argument.
There is a tiny element of truth to it, but the more realistic
argument is... it's hard... VERY hard to break into.a standard Linux
install.  The security model used in Linux is so different than that
in Windows, that it has no basis of comparison.  Everyone who quotes
the whole Linux doesn't have viruses etc because it's not popular
passes over the fact that a huge portion of the internet runs on
Linux.  If there ever was a bigger target... well I don't think there
is one currently.

Consider... assume you are a spammer and want to set up some kind of
"bot net".  If Linux was easily compromised, wouldn't it be better to
aim for the webservers instead`of the end users?  Compromise a couple
Linux mail servers and the world is your spammy oyster.... yet it
doesn't happen.  The weakest link is the OS with the horrible security
model.  The strongest link is the OS with the better (but obviously
not perfect) security model.

In the end, if you chose to run Linux (or OSX, FreeBSD etc), you are a
long ways ahead of the rest of the planet who are running Windows.  If
you do not arbitrarily forward emails with binary attachments to
Windows users, then you don't need any AntiVirus software.  If you are
concerned about people cracking into your computer and compromising
your system, you can use something like SELinux or AppArmor etc. to
lock things down even more than they already are.

C.