Thursday, March 11, 2010

Archive for the ‘Linux’ Category

How likely is this really?

A recently discovered piece of malware that infects both Windows and Linux systems has been analyzed by Kaspersky. The media is all fired up about this, giving it international coverage and even inspiring commentary from SANS.

Given the attention, it raises the question, “how likely is it that a cross-platform worm or virus will actually survive and prosper?” Despite what some other folks are saying, I think it’s pretty unlikely. Why is that, you ask? Because a tremendous number of folks outside of the virus-writing world are working on maximizing portability, and to date we don’t have native code that runs on multiple platforms. That’s why we have Java, .NET, and virtualization. Trying to do anything other than very simple tasks increases the overhead required for portability tremendously. This particular piece of malware, for example, is extremely rudimentary – it manipulates files to replicate and it relies only on the most basic of operating system services. Doing anything more ambitious (opening a socket, embedding itself in the OS, stealth techniques, etc.) is orders of magnitude more complex than basic file manipulation.

So, my advice is not to panic about this. Not that cross-platform malware can’t be created (it can – take the iis/sadmind worm), but it’s unlikely that this proof-of-concept heralds a new breed of malware as some sources are saying.

Long on bigotry, short on facts

This article from BetaDot came across my inbox this morning. When I saw the title, “Linux Vs. Windows Security: How About The Truth?”, I was very interested. I think there’s an opportunity here for someone to “crack the nut open.” There are two camps out there: the “Linux is more secure” camp and the “Windows is more secure” camp. Both are vocal, both have “independent analysis” to back their position (both paid and unpaid), and both have reasoned and considered arguments. I, for one, would like to see a definitive analysis on this topic. This article is not it.

This article claims to be about “the truth”, but the content doesn’t live up to that. In short, we don’t have any “truth” – just opinion. There’s no case built describing why one security model is better than the other, no facts, no tests, no analysis. Take this paragraph for example:

The general design of Linux gives it an inherited security boost. Where Windows looks like it was a little hacked together, a bunch of different ideas stacked on top of each other in attempt to make something that

IBM, SuSE secure Linux

“Linux took another step in its evolution Tuesday when IBM and SuSE Linux announced that the open source operating system had achieved an international security certification used by the federal government.”
