| Felix Stalder on Sat, 13 May 2000 00:28:59 +0200 (CEST) |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: <nettime> Viruses on the Internet: Monoculture breeds parasites |
I'm not a technician, but I doubt that the reasons why there has never been a virus for linux or only very few for apple is due to the technical superiority of these systems. I suspect that this has more to do with a cooperative user culture and a different rate of distribution. There are many other ways to create and spread viruses than as email attachments. A recent post in Phil Agre's RRE describes a virus that would run on any machine and does not need users to activate it. This virus has been designed to achieve the following characteristics: 1: Portability - worm must be architecture-independent, and should work on different operating systems (in fact, we focused on Unix/Unix-alikes, but developed even DOS/Win code). 2: Invisibility - worm must implement stealth/masquerading techniques to hide itself in live system and stay undetected as long as it's possible. 3: Independence - worm must be able to spread autonomically, with no user interaction, using built-in exploit database. 4: Learning - worm should be able to learn new exploits and techniques instantly; by launching one instance of updated worm, all other worms, using special communication channels (wormnet), should download updated version. 5: Integrity - single worms and wormnet structure should be really difficult to trace and modify/intrude/kill (encryption, signing). 6: Polymorphism - worm should be fully polymorphic, with no constant portion of (specific) code, to avoid detection. 7: Usability - worm should be able to realize choosen mission objectives - eg. infect choosen system, then download instructions, and, when mission is completed, simply disappear from all systems. <http://commons.somewhere.com/rre/2000/RRE.worm.design.html>. That fact that Outlook doesn't run on Linux will help you less than the fact that there are few geeks willing to destroy the Linux culture. Felix >On Wed, May 10, 2000 at 05:19:37PM -0400, Felix Stalder wrote: >> Scott Culp, from the Microsoft Security Response Center was, in a sense, >> right when he told the same newspaper: "This is a general issue, not a >> Microsoft issue. You can write a virus for any platform." > >This is simply false. If your mail program doesn't run executables >that it receives, there is no way that anyone can write a virus for >your platform. > >My home computer is running Linux; my mail-retrieval utility is >Fetchmail, and my mail agent is Mutt. These programs simply do not >run executables that they receive. There is no reason that they >should. If someone sends me a program, and I want to run it, I'm >perfectly capable of doing that myself. It's completely absurd for a >mail agent to make that decision for the user. > >There are no viruses for Linux because Microsoft Outlook doesn't run >on Linux. It's that simple. > >Benjamin Geer >Software Engineer ------------------------------------------ Les faits sont faits. http://www.fis.utoronto.ca/~stalder # distributed via <nettime>: no commercial use without permission # <nettime> is a moderated mailing list for net criticism, # collaborative text filtering and cultural politics of the nets # more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body # archive: http://www.nettime.org contact: nettime@bbs.thing.net