Thursday, July 26, 2012

Should Linux acknowledge windows viruses?

I believe that a good internet citizen must understand the threat caused by malware, regardless of whether the malware affects you. We all must attempt to try and stop the infection for others. Windows viruses often do not infect linux architecture but that doesn't stop linux contributing to the spread.

This blog post will explore viruses for Linux and to try and decide whether virus protection is really required for Linux distros.

In life there is no right or wrong only choices. If you choose to run Linux on your home computer then you have chosen a largely malware free architecture. Why? Because:
  1. Malicious individuals are more likely to focus on a architecture with a large user base like windows. Although it is a blessing it is not in the interests of distros to keep the numbers of users low.
  2. System architecture is designed to ensure only authorised process have access to root. This starves the malware of root and so restricts or stops the damage it could inflict.
  3. Due to the open source nature of Linux updates are coded much faster.
  4. The viruses that are written are confined to labs.

But Linux is not a choice suitable for everyone. So for the mid to long term windows will remain a popular operating system. So does it make sense to use your system resources to ensure due diligence before you send on files to windows users? Or alternatively a user who chooses to use windows must ensure they protect themselves?
In my experience of the corporate environment both Linux and Windows are used to achieve company goals. We do not utilise anti-virus on our Linux servers because all our windows machines are protected. Wonderful when you can rely on policy and standard windows images to ensure this.

I suggest using clamav before sending files to users you like but as good internet citizens we should all influence the windows users we know to install a virus protection system. Do it now!

But beware viruses for Linux do exist. Cross platform applications like Firefox, Chrome and wine give viruses a chance to use these apps as a common interface. Javascript can be executed in the browser of any platform and could using the browser to infect your OS. 

In closing SecurityFocus columnist Scott Granneman writes

"To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it"


No comments: