Bonum Certa Men Certa

Symantec Lies About GNU/Linux

Kent Hovind mug shot
Symantec: the Kent Hovind of security?
(mug shot of Kent Hovind courtesy of Escambia
County Sheriff's Office after his arrest)



Summary: In order to sell some products, Symantec spreads GNU/Linux fear based on misinformation

EVERY once in a while Symantec aims its FUD pistol at some innocent element of computing which Symantec claims has a problem (and Symantec of course offers a solution to this problem). We have already explained this business strategy (using examples that misuse Free software [1, 2]), which characterises many quacks and pseudo-science. That's why we put Kent Hovind at the top, for those who still wonder.



An issue which we discussed earlier today in IRC is the latest stunt from Symantec, which is probably best deconstructed and explained by Slashdot user "superapecommando" who submits:

The latest MessageLabs Intelligence Report from Symantec Hosted Services is filled with interesting and useful information regarding the current state of malware and e-mail borne threats as well as the trends over time. Of particular interest to me is the assertion in the report that "any given Linux machine is five times more likely to be sending spam than any given Windows machine."

A pretty clear case of sensationalist metrics from a company which wants to sell their hosted security solutions to Linux box admins. But one interesting thing that comes out of the story is that many of the security researchers believe that misconfigured POSTFIX and SENDMAIL installations are cloaking the actual amount of spam coming from infected Windows hosts.


Desktops that unleash vast amounts of SPAM actually run Windows and one in two Windows PCs is believed/estimated to be a zombie (either active or not). GNU/Linux drives many mail servers, so if it obeys a request from a Windows zombie, then it will deliver SPAM. Should GNU/Linux therefore be blamed? Of course not. It's just very good at delivering mail.

“GNU/Linux drives many mail servers, so if it obeys a request from a Windows zombie, then it will deliver SPAM.”Quoting Symantec a little further from its 'report' (which assumes bogus numbers about the market share of GNU/Linux), "by calculating a ratio of spam from a given operating system compared to the market share, we can get a “spam index” which shows relative to its market share, the likelihood that a particular computer is sending spam, based on its operating system. In the current spam climate, this index shows that relative to its market share, any given Linux machine is five times more likely to be sending spam than any given Windows machine..."

Another translation was sent to us by a reader who says: "Despite a total lack of evidence and being unable to detect the source OS of spam, we conclude that Linux machines are sending more SPAM because there are less of them."

As our IRC logs will show later today (fragment posted below), there are even better explanations for that.




Techrights logo

IRC: #boycottnovell @ FreeNode: May 9th, 2010

Join us now at the IRC channel.

tessier__http://www.v3.co.uk/v3/news/2262681/botnets-exploit-linux-ownersMay 10 09:29
tessier__Someone is smoking crack.May 10 09:29
tessier__crapMay 10 09:31
schestowitzWindows is not used much for E-mailMay 10 09:31
tessier__There is something fishy about that websiteMay 10 09:31
schestowitzWhich one?May 10 09:31
schestowitzV3?May 10 09:31
tessier__Not intentionally, no. But that's what the botnets are doing with Windows: sending mailMay 10 09:31
tessier__YeahMay 10 09:31
schestowitzVNUNEt?May 10 09:31
tessier__Have you heard of v3 before?May 10 09:31
tessier__I never have.May 10 09:31
schestowitzYesMay 10 09:31
schestowitzLinux relays spamMay 10 09:32
schestowitzIt runs mail serversMay 10 09:32
schestowitzIt does what it's supposed to doMay 10 09:32
schestowitzWhich is to relay requestsMay 10 09:32
tessier__I cannot post a comment on that site. The captcha does not work. No matter what you put in there it does not accept it.May 10 09:32
tessier__Linux by default is not an open relay.May 10 09:32
schestowitzI wonder what sends those requests thoughMay 10 09:32
tessier__No distro ships their mail servers that way.May 10 09:32
schestowitzIt's spammersMay 10 09:32
tessier__it will deliver the spam to you that someone injected via a Windows box though.May 10 09:33
schestowitzThey use open relaysMay 10 09:33
schestowitzRunning Linux because it's betterMay 10 09:33
tessier__Open relays are hard to find these days.May 10 09:33
schestowitzThey get blacklistedMay 10 09:33
tessier__And spammers don't run open relays either. They don't want other spammers stealing their resources.May 10 09:33
schestowitzWhat was that list that gather IPs of spam relays?May 10 09:33
schestowitzmany services used to look it up and in 2008 it had sustainability issuesMay 10 09:33
tessier__Whenever I have investigated IP addresses that were sending me spam it was Windows boxes.May 10 09:33
tessier__There are lots of DNSBLsMay 10 09:34
tessier__And they operate quite successfullyMay 10 09:34
tessier__SORBS is one of the big ones these daysMay 10 09:34
schestowitzI can't recall the one I think about. Articles about it were widespread 2 years ago.May 10 09:34
*schestowitz creates http://techrights.org/wiki/index.php/FacebookMay 10 09:35
TechrightsTitle: Facebook - Techrights .::. Size~: 12.91 KBMay 10 09:35
tessier__There have been quite a fewMay 10 09:35
-BNtwitter/#boycottnovell-[popey] Mark proposes that 10.10 is released on Sunday 10th October 2010. Where 101010 = 42 = Meaning of Life / Universe / Everything!May 10 09:37
-BNtwitter/#boycottnovell-[nsisodiya] need a student volunteer for modifying C++ book #schoolosMay 10 09:40
*benJIman has quit (Ping timeout: 252 seconds)May 10 09:42
-BNtwitter/#boycottnovell-[popey] There will be no public ISO of #Ubuntu Light with Unity, but will be tailored specifically for OEMs.May 10 09:49
-BNtwitter/#boycottnovell-[davidgerard] From @cracked - 5 Insane File Sharing Panics from Before the Internet - http://tinyurl.com/2ubthnwMay 10 09:53
TechrightsTitle: 5 Insane File Sharing Panics from Before the Internet | Cracked.com .::. Size~: 81.74 KBMay 10 09:53
-BNtwitter/#boycottnovell-[satipera] Liberal Democrat negotiations with Labour look likely if Brown goes quickly.May 10 09:55
*narendra (~79f5e1b0@gateway/web/freenode/x-xaqdkqksysommyyc) has joined #boycottnovellMay 10 10:08
narendrawhere I can upload secrect document anonymousy ? May 10 10:08
narendrawikileaks is not working i think !!May 10 10:08
tessier__http://موقع.وزارة-الاتصالات.مصر/Default.aspxMay 10 10:16
tessier__Awesome.May 10 10:16
*benJIman (~benji@benjiweber.co.uk) has joined #boycottnovellMay 10 10:17
MinceRi'm not so enthusiastic about it.May 10 10:17
*benJIman has quit (Client Quit)May 10 10:17
tessier__Why not?May 10 10:17
*benJIman (~benji@benjiweber.co.uk) has joined #boycottnovellMay 10 10:17
MinceRbecause it allows even more domains that are difficult to type, read and compareMay 10 10:18
MinceRIDN already lets you create identical-looking but distinct domains that can confuse users trying to check whether a certificate really applies to a supposedly secure connection.May 10 10:18
MinceRdomain names used to be easy to handle (as such names should be)May 10 10:19
MinceR7bit US-ASCII should have been enough.May 10 10:19
tessier__SSL CA was broken from the beginning anyway. This doesn't make things any worse.May 10 10:21
tessier__Everyone just clicks ok regardless.May 10 10:21
tessier__Although I am curious to know how you would work that sort of thing into a bind zone file.May 10 10:21
MinceRno, not everyone.May 10 10:26

Comments

Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
 
Sainsbury's: It Takes Us Up to Two Days to Respond to Customers Upon Escalation (and Sometimes Even More Than Two Days)
It not only does groceries but also many other things, even banking
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day