Here is part of a thread on a Windows mailing list. Is it
true?

------------------------------------
On 29 Nov 2003 at 16:28, Russ wrote:

> No system is totally secure, however Linux takes more
> than the usual script kiddies to get a virus going.

This is just plain wrong.

> ... The UNIX system (Linux/Mac/BSD) has it's security
> built into the OS. Whereas Windows does not.

This is also wrong.  It appears that you don't know much
about either the strength of the security machinery in
XP/2k or how easy it would be to do a 'windows style' virus
on Unix.


> Therefore I must disagree with you here, UNIX systems are
> no where near as susceptible to the sorts of viruses that
> plague Windows systems (unless the knucklehead is running
> as root, then he deserves what he gets).

Again wrong.  It is trivial to put together a script
that'll do a 'find', poke through the files it finds to
look for email addresses.  It can use 'at' to make the
unwary user less likely to know it is there.  The available
machinery on the average Unix system [awk, sed, grep, find,
perl, access to 'at' [which is restricted on XP], the
ability to fire up servers and make outgoing connections
and generally misbehave on the network [I suspect almost no
Unix users know how to properly configure IPchains to
prevent a random process from accessing the network
improperly].

You can hack the user's 'PATH' and plant a bunch of trojans
and hope you can sucker the user into typing 'su' [not to
mention that once you're running, you can examine which
system you're on and then 'phone home' and download a
package that would try some of the scores of
privilege-escalating vulnerabilities all over Unix].  Lots
of assorted tricks to 'hide' on the system and keep
running, even after a reboot [consider a program that just
does a quick 'ed' edit to your .profile].  It can course
through the system configuration [invariably readable to
nonprivileged users] to see if you're running any servers
and check their configs to see if you messed anything up... 

Altogether, Unix is a minefield for the unwary, even when
not running as root (nothing I mentioned above requires
root privileges).

IMO, you're *MUCH* safer [but you can still shoot yourself
[and probably others!] in the foot!!] running in a
limited/unprivileged account on a properly configured XP/2K
than you are running non-root on a properly configured Unix
variant.

The only real difference [especially considering that Unix
has *less* *good* security machinery than 2K/XP does!] is
that Windows has some astoundingly poorly conceived
applications together with some incredibly clueless and/or
naive users.  When Unix gets millions of the sort of
gullibile/unthinking users that Windows has and they start
demanding clients as security-poorly designed as OE is,
Unix'll have the same problems, and in spades, that Windows
does.

-- 
Pete Holsberg -- Columbus, NJ 08022
NOTE: To get email address, remove "nospam."

On Sun, 30 Nov 2003 02:02:47 GMT, Pete Holsberg <pjh@nospam.mccc.edu> wrote:
> 
> 
> Here is part of a thread on a Windows mailing list. Is it
> true?
> 

It's garbage. What would you expect on a MicroSoft newsgroup?

If you are another Windoze Weenie troll, you won't get any satisfaction

here. 

AC

Alan Connor wrote:
> On Sun, 30 Nov 2003 02:02:47 GMT, Pete Holsberg <pjh@nospam.mccc.edu> wrote:
> 
>>
>>Here is part of a thread on a Windows mailing list. Is it
>>true?
>>
> 
> 
> It's garbage. What would you expect on a MicroSoft newsgroup?
> 
> If you are another Windoze Weenie troll, you won't get any satisfaction
> 
> here. 
> 
> AC
> 

YOU just started the troll

Pete Holsberg <pjh@nospam.mccc.edu> said:
>Here is part of a thread on a Windows mailing list. Is it
>true?

The author seems to state that a Unix system is easily programmed to
perform various tasks - and this is correct.

>The only real difference is that Windows has some astoundingly poorly
>conceived applications together with some incredibly clueless and/or
>naive users.

And this is correct as well - large part of the security problems
have arosen from poor application design (in some cases, overdoing
user-friendliness).

What I didn't see the author to consider were the recent remotely
exploitable vulnerabilities found in Windows OS components (RPC).
Lately these have made a big difference. It's good to remember,
though, that there has been similar problems on Unix systems as
well (ok, depending what all you consider OS components, but f.ex.
sendmail has had vulnerabilities to allow remote root compromise).

So, there are two (2 1/2, perhaps) cases to consider:
- what can you trick an authorised user to do on the machine
  - what all do pieces of "helpful" programs do on behalf
    of the user/behind the user's back
- what can you accomplish remotely without any authentication

For the first, I'd consider the possible consequences more or less
the same (supposing that the user is not logged in with administrative
privileges).

For the sub-point, there Windows environment is much worse than Unix;
programs often are over-automated -- causing security problems when
carelessly handling data coming from untrusted sources.

For the last item, I consider Unix variants to have mostly matured over
these problems. Some "new" ones are still found, but apparently nothing
to create an epidemy. This is partly because the smaller installed
base, but also because of greater variety of Unix systems: several
slightly different Unix variations running on several different CPUs -
which makes writing the exploit code harder.

Also default set-ups of at least some Unix (and -like) systems are
less of a christmas tree when connected to the network when compared
to a Windows machine. Of course, there still are some that have
everything possible enabled after default installation, but I think
even these are slightly getting better.
-- 
Wolf  a.k.a.  Juha Laiho     Espoo, Finland
(GC 3.0) GIT d- s+: a C++ ULSH++++$ P++@ L+++ E- W+$@ N++ !K w !O !M V
         PS(+) PE Y+ PGP(+) t- 5 !X R !tv b+ !DI D G e+ h---- r+++ y++++
"...cancel my subscription to the resurrection!" (Jim Morrison)

In article <10701577671416709301-1@lawrenceville.mccc.edu>,
Pete Holsberg  <pjh@nospam.mccc.edu> wrote:
>Here is part of a thread on a Windows mailing list. Is it
>true?
>
>------------------------------------
>On 29 Nov 2003 at 16:28, Russ wrote:
>
>> No system is totally secure, however Linux takes more
>> than the usual script kiddies to get a virus going.
>
>This is just plain wrong.
....
>do a 'find', poke through the files...
....
>ability to fire up servers and make outgoing connections
....
>You can hack the user's 'PATH' and plant a bunch of trojans

etc.

This is factually true.  But at least when I'm reading e-mail in Pine it 
would require me to save an attached script, chmod u+x it, and then run 
it.  Once I've given a script run permission and then run it, it can do 
everything I could do.

It wouldn't run automatically as a preview.  Maybe there are Unix mail 
readers that will run an attachment when you click on it, but I don't know 
of any.

On the other hand, I get hundreds of Windows viruses *per day* in e-mail, 
and I don't recall ever getting a single Unix hack.

-- 
"'No user-serviceable parts inside.'  I'll be the judge of that!"

Alan Connor <zzzzzz@xxx.yyy> wrote:
> On Sun, 30 Nov 2003 02:02:47 GMT, Pete Holsberg <pjh@nospam.mccc.edu> wrote:
>> 
>> 
>> Here is part of a thread on a Windows mailing list. Is
>> it true?
>> 
> 
> It's garbage. What would you expect on a MicroSoft
> newsgroup?

In what ways is it garbage?

> If you are another Windoze Weenie troll, you won't get
> any satisfaction here.

Far from it, AC. I'm a former Unix sysadm who has been away
from Unix too long to refute the guy myself.

-- 
Pete Holsberg -- Columbus, NJ 08022
NOTE: To get email address, remove "nospam."

Pete Holsberg wrote:

> In what ways is it garbage?

For one thing, the original writer doesn't seem to know what a virus is.
His comments have nothing to do with the normal mechanisms by which
computer viruses infect a machine:  He seems to be mixing up dedicated
system crackers with viruses.

-- 
   Erik Max Francis && max@alcyone.com && http://www.alcyone.com/max/
 __ San Jose, CA, USA && 37 20 N 121 53 W && &tSftDotIotE
/  \ 
\__/ You've got me wondering / If you know that I am wondering about
    you -- India Arie

glhansen@steel.ucs.indiana.edu (Gregory L. Hansen) wrote in message news:<bqcssg$hi3$2@hood.uits.indiana.edu>...
> In article <10701577671416709301-1@lawrenceville.mccc.edu>,
> Pete Holsberg  <pjh@nospam.mccc.edu> wrote:
> >Here is part of a thread on a Windows mailing list. Is it
> >true?
> >
> >------------------------------------
> >On 29 Nov 2003 at 16:28, Russ wrote:
> >
> >> No system is totally secure, however Linux takes more
> >> than the usual script kiddies to get a virus going.
> >
> >This is just plain wrong.
>  ...
> >do a 'find', poke through the files...
>  ...
> >ability to fire up servers and make outgoing connections
>  ...
> >You can hack the user's 'PATH' and plant a bunch of trojans
> 
> etc.
> 
> This is factually true.  But at least when I'm reading e-mail in Pine it 
> would require me to save an attached script, chmod u+x it, and then run 
> it.  Once I've given a script run permission and then run it, it can do 
> everything I could do.
> 
> It wouldn't run automatically as a preview.  Maybe there are Unix mail 
> readers that will run an attachment when you click on it, but I don't know 
> of any.
> 
> On the other hand, I get hundreds of Windows viruses *per day* in e-mail, 
> and I don't recall ever getting a single Unix hack.
**
I have been using MSCrap since 1982, and have yet to see anything
worth paying for.  I get better value for my money paying for a liinux
distribution than receiving MSCrap for free.

Walt R.