Hunting Down Virus Writers with F-Secure's Mikko Hypponen
Elizabeth Millard April 08 2004

[...]

ECT: What would it take to catch more malware writers?

Hypponen: Global Internet police that would have the expertise and the
jurisdiction needed to go after the virus writers ..

[...]

Hypponen: .. Any type of reaction-based solution simply will not work,
and this includes traditional antivirus.

[...]

ECT: If they're ineffective, why is it such a booming market?

Hypponen: Antivirus scanning is an easy concept to understand ..

[...]

ECT: What is currently the safest computer configuration for a home user?

Hypponen: Probably a Mac. That's what I would recommend. Coupled with
Xbox for games, you can't really beat it, and no virus problems!

ECT: Why do you think Macs are so protected?

Hypponen: It's mostly about market share .. The Mac system has
vulnerabilities and security holes just like Windows . Or Linux ...

- http://www.technewsworld.com/perl/story/33339.html
- unquote -

So in order to protect a flakey OS and your market share we have to
bring in a global gestapo that George Orwell would have
easily recognised. All to protect your bottom line.

Why not design an Operating System that don't get viruses ?

Daeron wrote:

> [...]
> - http://www.technewsworld.com/perl/story/33339.html
> [...]

What a load of bulls***.  It looks like he's getting worried about his 
job now that more and more people are switching away from Windows, to 
more secure OSes.

Does anyone remember that article posted on here some time ago written 
by someone involved in anti-virus software, predicting that GNU/Linux 
would die withing two years, which was written four or more years ago?

On 2004-04-08, Tom B. <tom@invalid.address> blubbered:
> Daeron wrote:
>
>> [...]
>> - http://www.technewsworld.com/perl/story/33339.html
>> [...]
>
> What a load of bulls***.  It looks like he's getting worried about his 
> job now that more and more people are switching away from Windows, to 
> more secure OSes.
>
> Does anyone remember that article posted on here some time ago written 
> by someone involved in anti-virus software, predicting that GNU/Linux 
> would die withing two years, which was written four or more years ago?

I don't remember that specific one. But there have been so many making
predictions like that for several years that it's hard for me to
believe anybody still pays any attention to them.

But the ezines and other "news" organizations still print the stock
regurgitation these same people spew over and over.

-- 
Never let it be said that Redmond doesn't respond swiftly to
repeated, gross humiliations.

Daeron wrote:

> Hunting Down Virus Writers with F-Secure's Mikko Hypponen
> Elizabeth Millard April 08 2004
> 
> [...]
> 
> ECT: What would it take to catch more malware writers?
> 
> Hypponen: Global Internet police that would have the expertise and the
> jurisdiction needed to go after the virus writers ..
> 
> [...]
> 
> Hypponen: .. Any type of reaction-based solution simply will not work,
> and this includes traditional antivirus.
> 
> [...]
> 
> ECT: If they're ineffective, why is it such a booming market?
> 
> Hypponen: Antivirus scanning is an easy concept to understand ..
> 
> [...]
> 
> ECT: What is currently the safest computer configuration for a home user?
> 
> Hypponen: Probably a Mac. That's what I would recommend. Coupled with
> Xbox for games, you can't really beat it, and no virus problems!
> 
> ECT: Why do you think Macs are so protected?
> 
> Hypponen: It's mostly about market share .. The Mac system has
> vulnerabilities and security holes just like Windows . Or Linux ...
> 

More of the same BS that's been floating around since 1998. Here we are in
2004 and Linux is being used on more and more servers (and desktops) every
day, yet no headline-making virus outbreaks? Same goes with Apple. Please
don't say it's market share, because there are some places that would be
ripe for a Mac virus attacks (graphic arts depts., schools, etc.).

The fact is, this whole argument is a red herring designed to take the heat
off of poor engineering on the part of Microsoft.


> So in order to protect a flakey OS and your market share we have to
> bring in a global gestapo that George Orwell would have
> easily recognised. All to protect your bottom line.

No, what I think needs to happen is that ISPs must identify customers whose
machines have been turned into zombies and cut off their Internet access
until they clean up their computers. I have a friend right now who's
getting 30 virus-infected messages a day from one Road Runner user. He's
complained to his ISP and to Road Runner, begging them to get this zombie
off his back. Their reply: There's nothing we can do.

Bull****! There IS something they can do but won't because they're more
interested in money than security.

> 
> Why not design an Operating System that don't get viruses ?

On Thu, 08 Apr 2004 14:09:28 -0400, Daeron wrote:


> Why not design an Operating System that don't get viruses ?


Oh now you're just being silly!


--
Chris: "Dad, what's a blowhole for?" 
Peter: "I'll tell you what it's NOT for and then you'll know why I can
never go back to Sea World."

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Fred Garvin scribbled these words at Sunday 11 April 2004 08:06:

> On Thu, 08 Apr 2004 14:09:28 -0400, Daeron wrote:
> 
> 
>> Why not design an Operating System that don't get viruses ?
> 
> 
> Oh now you're just being silly!

<sarcasm>But Microsoft is the only truly qualified operating systems
designer in the world - heck maybe the universe - and to-date even they
cannot produce a virus-resistent operating system.</sarcasm>

- -- 
Free Software Foundation (FSF) Associate Member
Association of Computing Machinery (Professional Member)
Registered Linux User 277671
SUSE Linux (Linux kernel 2.4.23) Elite-4 Zero-Footprint PC
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQFAeXNAnV55yPPu6X0RAsE4AJ4lsRx5YvP8N0V2coHc4PrdSnv5TQCcCzNW
m9DT+WeScgEpWdm5j55x8GY=
=1EtV
-----END PGP SIGNATURE-----

In comp.os.linux.advocacy, wolf
<wolf@member.fsf.org>
 wrote
on Sun, 11 Apr 2004 12:32:59 -0400
<npeec.246$1p3.107905072@news.nnrp.ca>:
>
> Fred Garvin scribbled these words at Sunday 11 April 2004 08:06:
>
>> On Thu, 08 Apr 2004 14:09:28 -0400, Daeron wrote:
>> 
>> 
>>> Why not design an Operating System that don't get viruses ?
>> 
>> 
>> Oh now you're just being silly!
>
> <sarcasm>But Microsoft is the only truly qualified operating systems
> designer in the world - heck maybe the universe - and to-date even they
> cannot produce a virus-resistent operating system.</sarcasm>

Well, there is the issue that if Linux dumps Microsoft from its
"majority" position, a fair number of people may be thrown out
of work; these would include

- Antivirus software writers.
- Defragmenter developers.
- Visual Basic trainees (although one might feel sorry for them and
  teach them PHP)
- DirectX game developers (one might learn SDL or OpenGL here)
- Excel macro developers (the legit ones, that is, not the script kiddies)
- FrontPage developers & FrontPage users (although one might learn
  other IDE-based systems -- Bluefish is the only one that comes to mind,
  and that doesn't handle JavaScript)
- Access users/developers.  (Anyone for a rehash of MySQL vs. Postgres? :-) )
- Win32 developers.  (These are a dying breed, regardless; MS will
  completely replace Win32 with something in about 2005.  I forget its name.)

Oh, the horror.

>
> - -- 
> Free Software Foundation (FSF) Associate Member
> Association of Computing Machinery (Professional Member)
> Registered Linux User 277671
> SUSE Linux (Linux kernel 2.4.23) Elite-4 Zero-Footprint PC


-- 
#191, ewill3@earthlink.net
It's still legal to go .sigless.

The Ghost In The Machine wrote:

> - Antivirus software writers.
> - Defragmenter developers.

Atleat ext3 still gets horribly fragmented in some situations. I would
welcome a defragmentable fs on linux for the newsserver, other than the old
backup-wipe-restore procedure :-)

> - Visual Basic trainees (although one might feel sorry for them and
>   teach them PHP)

They'll suffer with kylix or kdevelop...

In comp.os.linux.advocacy, Jan Knutar
<shadowjksp@yahoo.se>
 wrote
on Tue, 13 Apr 2004 22:14:26 +0300
<ipqtk1-i3t.ln1@breadbin.mine.nu>:
> The Ghost In The Machine wrote:
>
>> - Antivirus software writers.
>> - Defragmenter developers.
>
> Atleat ext3 still gets horribly fragmented in some situations. I would
> welcome a defragmentable fs on linux for the newsserver, other than the old
> backup-wipe-restore procedure :-)

Hm...an interesting problem, that.  Admittedly a lot depends on the expiry
schedules.

One obvious question, of course, is how the access patterns develop.
I have an old newsspool (well, old to me, anyway) that I manage using
leafnode; the dates indicate I've had this since June of last year.

>
>> - Visual Basic trainees (although one might feel sorry for them and
>>   teach them PHP)
>
> They'll suffer with kylix or kdevelop...
>

Oooh, such suffering.  Mind you, I don't have kylix so can't comment
thereon (though Gentoo does offer x11-libs/kylixlibs3-borqt, whatever
that is; looks like a development library instead of an IDE).
I'm not that much of a fan of KDE so don't use kdevelop that much,
but I have used it, and it's got quite a bit of capability.

-- 
#191, ewill3@earthlink.net
It's still legal to go .sigless.

The Ghost In The Machine wrote:

>> Atleat ext3 still gets horribly fragmented in some situations. I would
>> welcome a defragmentable fs on linux for the newsserver, other than the
>> old backup-wipe-restore procedure :-)
> 
> Hm...an interesting problem, that.  Admittedly a lot depends on the expiry
> schedules.
> 
> One obvious question, of course, is how the access patterns develop.
> I have an old newsspool (well, old to me, anyway) that I manage using
> leafnode; the dates indicate I've had this since June of last year.

With leafnode, the problem is storing hundred thousand posts as single files
:)
For example, du -sh on my /var/spool/news takes about 10 minutes. Spool on
ReiserFS. Wasn't noticeable faster or slower on ext3, ext2. XFS and JFS
were overall marginally faster, but for certain operations they both
crawled to almost stand still slow.

I tried Theodore Ts'o's spd_readdir.c (seen on LKML, google is your friend), 
which sped up du -sh to a minute and a half. Similarily, backing up with
tar went from 40 minutes to a mere 10 minutes, making it almost cpu bound
but not quite (50% cpu util) However, texpire crashes when I use
spd_readdir.c :)

For the truly horrificly slow case, spool on iso9660+RR+Joliet fs, image on
hd, du -sh ran for a day (with 99% SYS load) before I killed it :)


Another impossible scenario:

BitTorrent.

Say you have a few downloads going. ISO size. Bittorrent creates full 700
meg file, sparsely, and begines to populate it in random order.
With several BT's each filling in some sparse files randomly, fragmentation
gets so bad, that the otherwise >30meg per second harddrive can't provide
data fast enough even for a 4X burn. :-)

BT would of course be fixed by not using sparse files, since they'll be
filled in eventually anyway, removing the capability of starting huge
download before available diskspace is there, though.