Felix Stalder on Fri, 12 May 2000 19:17:44 +0200 (CEST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Nettime-bold] Re: <nettime> Viruses on the Internet: Monoculture breedsparasites

I'm not a technician, but I doubt that the reasons why there has never been
a virus for  linux or only very few for apple is due to the technical
superiority of these systems. I suspect that this has more to do with a
cooperative user culture and a different rate of distribution.

There are many other ways to create and spread viruses than as email
attachments. A recent post in Phil Agre's RRE describes a virus that would
run on any machine and does not need users to activate it. This virus has
been designed to achieve the following characteristics:

1: Portability - worm must be architecture-independent, and should work on
   different operating systems (in fact, we focused on Unix/Unix-alikes, but
   developed even DOS/Win code).

2: Invisibility - worm must implement stealth/masquerading techniques to hide
   itself in live system and stay undetected as long as it's possible.

3: Independence - worm must be able to spread autonomically, with no user
   interaction, using built-in exploit database.

4: Learning - worm should be able to learn new exploits and techniques
   instantly; by launching one instance of updated worm, all other worms,
   using special communication channels (wormnet), should download updated

5: Integrity - single worms and wormnet structure should be really difficult
   to trace and modify/intrude/kill (encryption, signing).

6: Polymorphism - worm should be fully polymorphic, with no constant
   portion of (specific) code, to avoid detection.

7: Usability - worm should be able to realize choosen mission objectives -
   eg. infect choosen system, then download instructions, and, when
   mission is completed, simply disappear from all systems.


That fact that Outlook doesn't run on Linux will help you less than the
fact that there are few geeks willing to destroy the Linux culture.


>On Wed, May 10, 2000 at 05:19:37PM -0400, Felix Stalder wrote:
>> Scott Culp, from the Microsoft Security Response Center was, in a sense,
>> right when he told the same newspaper: "This is a general issue, not a
>> Microsoft issue. You can write a virus for any platform."
>This is simply false.  If your mail program doesn't run executables
>that it receives, there is no way that anyone can write a virus for
>your platform.
>My home computer is running Linux; my mail-retrieval utility is
>Fetchmail, and my mail agent is Mutt.  These programs simply do not
>run executables that they receive.  There is no reason that they
>should.  If someone sends me a program, and I want to run it, I'm
>perfectly capable of doing that myself.  It's completely absurd for a
>mail agent to make that decision for the user.
>There are no viruses for Linux because Microsoft Outlook doesn't run
>on Linux.  It's that simple.
>Benjamin Geer
>Software Engineer

Les faits sont faits.

Nettime-bold mailing list