More Rebuttals to Latest GNU/Linux Security FUD

Dr. Roy Schestowitz

2010-06-16 09:08:38 UTC
Modified: 2010-06-16 09:08:38 UTC

Summary: Linux backdoor? Not so fast, say people who are familiar with the issue

THIS subject has come up quite frequently in the IRC channel. We addressed this in a previous post, but in the interest of FUD-fighting, here's more:

i. Gnu/Linux Infection Is Unreal

Windows world is still the same, nothing has changed from security point of view other than more bloated systems. The entire security industry thrive on Windows platform -- if there is no Windows there is no security industry. Security firms hate Gnu/Linux, they love Windows, they want Windows – to survive.

There is no lesson to be learned from Windows peers, if you know the nature of this flaw, it is quite different from the flaws of poros Windows Machines.

So what happened here? Some cracker wrote a virus and send it to you through an email and you installed it by clicking on it? No, nothing as dramatic as it happens in Windows world. It was actually so boring you may not even want to read it.

ii. Trojaned App Demonstrates Need for Better Practices, Not More FUD

The Unreal team handled it pretty well, in my opinion. They embraced the suck and made a clear announcement free of blame or denial--an announcement that also pointed out how to confirm the trojaned version and how to replace the trojaned version with the clean version. This is not, I should emphasize, the worst exploit ever: "This backdoor allows a person to execute any command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn't allow any users in)."

iii. Rootkits: Hiding in Windows shadows

While rootkit problems still exist in Unix and Linux, they're far more common in Windows. That's in part because the Unix operating family has many built in system monitoring and logging tools. In other words, while Unix and Linux can be attacked this way, it's a lot harder to pull off without leaving tracks.

This hopefully provides 'ammunition' for those who come across the latest bit of FUD that Microsoft boosters use against GNU/Linux in their blogs. They hope to suppress migrations to GNU/Linux (like Google's) which are motivated by security. ⬆

Recent Techrights' Posts

'Confidential Computing'? More Like a Giant Back Door.: CacheWarp AMD CPU Attack Grants Root Access in Linux VMs
Cybercrimes and Online Abuse From Extremists and Militants on a VPN/Tor: A straitjacket or lobotomy won't solve this issue
Links 02/12/2023: Pfizer Sued for Lies About Efficacy, Censorship of Scientific Dissent, More Pfizer Layoffs: Links for the day
Selling Free Software: by Richard Stallman
IRC Proceedings: Saturday, December 02, 2023: IRC logs for Saturday, December 02, 2023
Links 03/12/2023: CRISPR as Patented Minefield, Lots of Greenwashing Abound: Links for the day
Over at Tux Machines...: GNU/Linux news
Professor Eben Moglen: In 1991 Richard Stallman Thought GNU/Linux Was Doomed Due to Software Patents: Back when Linus Torvalds was about to release Linux Prof. Moglen and Dr. Stallman had already spent years developing GNU and refining its licence, the GPL, which Linux would later adopt
Montana’s TikTok Ban Was to Protect Free Speech and the United States' First Amendment: TikTok does not embrace Free speech
GNU/Linux Surges to Almost 4% Worldwide on Desktops/Laptops, 2% in Latest Steam Survey (Ubuntu Not the Top Distro): We've fortunately bet on a winning platform
Links 02/12/2023: ChatGPT Drowns in Bad Press, Censorship Worldwide Increases Some More: Links for the day
[Meme] Screenshots of Web Pages (Relevant to One's Article) Are Not Copyright Infringing Anywhere in the World: bullying and hate crimes
IRC Proceedings: Friday, December 01, 2023: IRC logs for Friday, December 01, 2023
A Year of Doing Techrights 'Full Time': been a year!
Microsoft and Its Boosters Worsen Linux Security: The circus goes on and on
Links 01/12/2023: Facebook Infested With Malicious Campaigns by Imposters, ACLU Gives Advice on Doxxing and Online Harassment: Links for the day
Just Like Its Budget Allocation, the Linux Foundation Devotes About 3% Of Its Latest Newsletter to Linux, Devotes More to Linux's Rivals: It's just exploiting the brand
Links 01/12/2023: Google Invokes Antitrust Against Microsoft: Links for the day
Over at Tux Machines...: GNU/Linux news
UK Government Allowing Microsoft to Take Over Activision Blizzard Will Destroy Jobs: Over 30,000 fired this year? More?
It's Cheaper to Pay Bribes (and Produce Press Releases) Than to Pay Fines (After Lots of Negative Publicity): Does the UK still have real sovereignty or do corporations from overseas purchase decisions and outcomes?
November 2023 Over With GNU/Linux at All-Time Highs According to statCounter: ChromeOS+GNU/Linux combined are about 7% of the "market"
New Report Provides Numerical Evidence That Google Hired Too Many People From Microsoft (and Became Malicious, Evil, Sociopathic): "Some 12,018 former Microsoft employees currently work for the search and data giant"
Google: Keep Out, Don't Save Your Files, and Also Let Us Spy on Everything You Do: Do you still trust "clown" storage?
IRC Proceedings: Thursday, November 30, 2023: IRC logs for Thursday, November 30, 2023
Links 01/12/2023: Many Suppressions in Hong Kong and Attempts to Legitimise Illegal and Unconstitutional Fake Patent 'Court' in EU (UPC): Links for the day