Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

[News] [Rival] New Security FUD Against GNU/Linux and Mac OS X from Microsoft-friendly Sites

  • Subject: [News] [Rival] New Security FUD Against GNU/Linux and Mac OS X from Microsoft-friendly Sites
  • From: Roy Schestowitz <newsgroups@xxxxxxxxxxxxxxx>
  • Date: Fri, 31 Jul 2009 18:11:16 +0000
  • Newsgroups: comp.os.linux.advocacy
  • User-agent: KNode/0.10.9
Hash: SHA1

Linux Doomed to Virus Plague. (Again.)

,----[ Quote ]
| Not only that, but Linux permeates every possible segment of tech-- routers 
| and networking devices, home and business automation, security and 
| surveillance systems, phones, netbooks and other consumer mobile devices, 
| desktops, vehicles, media servers and settop boxes; it's already a major 
| player in the datacenter, server room, mainframes, clusters, and 
| supercomputing. Linux runs on multiple CPU architectures. So a Windows-type 
| Trojan horse or worm on Linux should have a much more catastrophic effect 
| because of Linux' much greater reach.        


Why Cloud Computing Needs More Chaos

,----[ Quote ]
| Virtual machines, which perform like physical machines but are simulated with 
| software, have fewer sources of entropy: Linux-based virtual machines, for  
| instance, gather random numbers only from the exact millisecond time on their 
| internal clocks. And that source isn't enough to generate strong keys for 
| encryption, Stamos argues. "Normally there's enough variation that after a 
| while your operating system can gather up the entropy it needs to provide you 
| with secure random numbers," he says. "The fundamental issue is that with 
| virtualized hardware, many of those random variations don't exist."      
| [...]
| If a malicious hacker were to set up his or her own Linux virtual machine in 
| Amazon's EC2 cloud service, for example, he or she could use that machine's 
| entropy pool to better guess at the entropy pools of other recently created 
| Linux-based virtual servers in Amazon's cloud, Stamos posits.   


Why does Forbes pretend that only "Linux" can do 'malicious' things like

Fox News reports new Mac virus that is neither Mac nor viral nor new

,----[ Quote ]
| A report published by Fox News says that “online criminals are apparently so 
| impressed with its scorching sales they are sending Macintosh computers an 
| attack typically aimed at” Windows PCs. The story then falls apart in series 
| of inept contradictions.   



Does antivirus have a future?

,----[ Quote
| Peter Gutmann, a researcher at the University of Auckland who presented the 
| results of a study of the commercial market for malware at August's Defcon, 
| estimates that a good virus programmer can make as much as $200,000 a year 
| (here, a 660KB PDF). Alan Cox, an open-source security researcher, points out 
| some additional possibilities. One is malware designed to sit under today's 
| virtual machines. A proof-of-concept paper proposing such an attack, called 
| Subvirt (PDF), appeared last year, written by three researchers from 
| Microsoft and two from the University of Michigan. A presentation at last 
| year's Black Hat security conference from Joanna Rutkowska, a researcher at 
| Coseinc, a Singapore-based security company, covered a much leaner attack she 
| called Blue Pill, which targets the virtualisation built into Windows Vista 
| and into current processors from both AMD and Intel.           


Is an antivirus gap looming?

,----[ Quote ]
| The failure of antivirus companies to adapt to the dramatic malware 
| appearance rates in 2007 tells us there's time for a change and there's room  
| for a new class of tools. "AV is dead" is the battle cry of a new industry 
| analyst report. Antivirus companies may not be going the way of the dodo, but 
| to many customers, the concept of antivirus as the last line of defense has 
| been thrown out the window. It's time for a better approach, one that can 
| keep up and really defend networks.     


Predicting the demise of antivirus apps

,----[ Quote ]
| "It's the beginning of the end for antivirus," says Robin Bloor, partner
| at consulting firm Hurwitz & Associates, who adds he began his
| "antivirus is dead" campaign a year ago and feels even more strongly
| about it today. "I'm going to keep beating this drum. The approach
| antivirus vendors take is completely wrong. The criminals working to
| release these viruses against computer users are testing against
| antivirus software. They know what works and how to create variants."

Version: GnuPG v1.4.9 (GNU/Linux)


[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index