More Rebuttals to Latest GNU/Linux Security FUD
- Dr. Roy Schestowitz
- 2010-06-16 09:08:38 UTC
- Modified: 2010-06-16 09:08:38 UTC
Summary: Linux backdoor? Not so fast, say people who are familiar with the issue
THIS subject has come up quite frequently in the IRC channel. We addressed this in a previous post, but in the interest of FUD-fighting, here's more:
i. Gnu/Linux Infection Is Unreal
Windows world is still the same, nothing has changed from a security point of view other than more bloated systems. The entire security industry thrives on the Windows platform -- if there is no Windows there is no security industry. Security firms hate Gnu/Linux, they love Windows, they want Windows – to survive.
There is no lesson to be learned from Windows peers, if you know the nature of this flaw, it is quite different from the flaws of porous Windows Machines.
So what happened here? Some cracker wrote a virus and sent it to you through an email and you installed it by clicking on it? No, nothing as dramatic as it happens in Windows world. It was actually so boring you may not even want to read it.
ii. Trojaned App Demonstrates Need for Better Practices, Not More FUD
The Unreal team handled it pretty well, in my opinion. They embraced the suck and made a clear announcement free of blame or denial--an announcement that also pointed out how to confirm the trojaned version and how to replace the trojaned version with the clean version. This is not, I should emphasize, the worst exploit ever: "This backdoor allows a person to execute any command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn't allow any users in)."
iii. Rootkits: Hiding in Windows shadows
While rootkit problems still exist in Unix and Linux, they're far more common in Windows. That's in part because the Unix operating family has many built-in system monitoring and logging tools. In other words, while Unix and Linux can be attacked this way, it's a lot harder to pull off without leaving tracks.
This hopefully provides 'ammunition' for those who come across the latest bit of FUD that Microsoft boosters use against GNU/Linux in their blogs. They hope to suppress migrations to GNU/Linux (like Google's) which are motivated by security.