Sophos Anti Virus

Tim ignored_mailbox at yahoo.com.au
Sun May 16 04:25:36 UTC 2010


On Sat, 2010-05-15 at 14:52 -0700, Antonio Olivares wrote:
> this is not windows, we can be safer and we can rest assured that we
> will be careful not to shoot ourselves in the foot :)

The philosophy behind Linux, generally, makes things a lot better for
us.  With Linux, when a fault is found, it's generally fixed up.  So
that some vulnerability from two years ago is water off a duck's back to
us, by now.  Linux isn't afraid to break other applications to fix up a
fault, since those other applications can always be fixed, too.  The
mentality is that is what you'll have to do, so it happens.  And this is
a much better approach than trying to hide the target behind a flimsy
shield.  The concept of not running as root because you DO NOT NEED to
run as root, certainly helps, too.

I don't ever recall seeing Windows get patched to fix up a virus
vulnerability, and I doubt it's possible, considering the HUGE number of
exploits (how many thousands of viruses by now?).  If it were
compromisable last year, it still is now.  And I've seen that sort of
thing with other people's Windows boxes which get stung by old viruses
(even while running anti-virus software!).  They won't change things to
fix a fault if it'll break other things, and that leaves you in the
lurch.

Sure, you see some patches about closing some exploits in some software,
such as the web browser, but the underlying OS remains the same.  And so
do many of the vulnerable applications.  With all of them relying on
(far less effective than it really needs to be) protective software to
try and deflect the onslaught.

Though all the protective software in the world isn't going to work
against damn fool users.  Who install completely unknown software on
someone else's computer, ignore warnings, who even turn off protective
software under the instructions of the malware author, and practice no
common sense against social engineering exploits.

The attitudes of the computer illiterate, even some of the computer
literate, about the malware seem to be divided between not really
caring, and simply relying on the anti-malware (despite witnessing it
fail, time and time again).  The concept of actually fixing the problem
sounds like heresy to them.  The main exploit was always the buffer
overflow, and you think more effort would be put into not letting that
happen, but I see no evidence of that.  It's still the main exploit.

-- 
[tim at localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.




