[SATLUG] Scarry stuff...How to write a linux virus in 5 easy steps

Alan Lesmerises alesmerises at satx.rr.com
Tue Feb 24 22:30:17 CST 2009

ed wrote:
> Geoff wrote:
>> Tweeks wrote:
>>>> As Linux grabs more market share on the home desktop, it's only natural,
>>>> a matter of time, before the bad guys start (if they haven't already)
>>>> writing exploits for it
>>> I disagree to some degree.  The reason that windows has been so 
>>> problematic is not JUST because it's the biggest target.. but 
>>> because it's SOOOOOO homogeneous.  It's cookie cutter.. A computer 
>>> monoculture, if you will. 
>>> Take this virus/target-culture model into nature.  It's just like a 
>>> giant domesticated animal farm.  What happens in nature when you 
>>> have a giant monoculture (cows, bananas, etc)?  One ravenous disease 
>>> comes along and wipes them all out.  So what even if you keep 
>>> standing new animals back up (reinstalling.. new models, etc).. The 
>>> same monoculture problem exists and viruses feed on monocultures. 
>>> This is why nature has differing species, breeds, and strains. In 
>>> two words.. biological diversity.  This is also why I believe that 
>>> Windows will always be the weaker OS "health wise" and why I believe 
>>> Linux will never be as hard hit with viri as Windows.  Linux is a 
>>> chaotic, heterogeneous mix of distros,  desktops and packages.. 
>>> always changing.  No virus can assume that every Linux desktop is 
>>> running Thunderbird.. or Kmail,  Mutt or Evolution.  I guess a virus 
>>> writer /could/ include vector-checks for the most common  Linux mail 
>>> clients out there.. but you still have all the distro differences, 
>>> SELinux, iptables, filesystem differences, etc.. And that's a huge 
>>> waste of energy when the virus-yummy monoculture of Windows+Outlook 
>>> is such a more attractive target.  Such an easier herd to own.  :)
>>> Some say that there's safety in numbers... With regards to virus 
>>> defense, this is not the case... But even more importantly, I say 
>>> the real safety is in diversity.
>> Tom, I grabbed your reply and sent it to a friend who is in the computer
>> -service- business.
>> I thought you'd be interested in his reply.  (after I cleaned up some
>> spelling errors... leaving the grammar as is - fair warning)
>>> He is absolutely correct on all counts.  The stupid American people are
>>> to blame.  How many home made cars or specialty equipment such as a
>>> steering stick instead of a wheel do you see?  That may be a bad
>>> example, but the main thing here is that Americans want all things to
>>> operate the same and they don't want to learn.  They will only buy big
>>> brand names because they feel that anything else is inferior or has
>>> very little support because they don't know what makes it tick nor
>>> will they learn it, therefore they can't fix it.  PC's only became
>>> prominent when manufacturers such as IBM, Compaq, or Apple started
>>> bundling the OS with the equipment because Americans in general are
>>> too stupid to separate the two things in their mind.  Most can't even
>>> program the clock on the VCR let alone figure out how to hook it up. 
>>> Nowadays people are totally confused about who to call for service.
>>> In the business world, the telephones and wiring in your office are
>>> installed by vendor1 and the internet service is vendor2 and the
>>> telephone service to the building is vendor3.  ATT only wants to
>>> provide a connection to the DMARK and their work is done.  This is
>>> really confusing the general public because they are accustomed to the
>>> telephone company providing the service lines all the way to the
>>> telephone and the telephone once belonged to the telephone company. 
>>> */Of course we "the vendors" want to keep the people spoiled in this
>>> manner because providing service to the consumer is where we make our
>>> money./*
>> That's from the other end of the spectrum... this, too, is why they are
>> closing the store-front to the public, and staying with servicing their
>> corporate clientele.  Dealing with the general public the last 20 years
>> has taken its toll.  (That, and they'll save 2/3'rds of their current
>> rent!)
>> -Geoff
> Possible political rant.  Fair warning...
> So, what do we do with a nation full of slobs who have been 
> intentionally and systematically "dumbed-down" over the last 40 years 
> (2-1/2 generations)?  My daughters didn't get half the education that 
> I received, and the one with the master's degree is in love with 
> Vista.  Go figure.  For my student-run computer clinics, I push open 
> source incessantly, and with much success, but, I have yet to have a 
> client accept a Linux OS load when Winderz XP re-load can be had. 
> Again, go figure...
> Cheers;
> Ed

Actually, the points made by Geoff's friend actually support the 
argument for a common consistent software structure.  It's called 
_Standardization_.  When you have multiple suppliers of something, be it 
software, electrical appliances, telephone equipment, or just plain nuts 
and bolts, if everyone is building things to work under a common set of 
design guidelines (electrical plugs with 2 flat blades of a certain 
size, with one round ground prong separated from the other by so much 
distance, getting 110V of alternating current at 60 Hz, etc.) then 
anyone who wants to build a device that can use that standard design can 
do so and sell that product or service, and know that the customer will 
actually be able to use said product or service.  Having a common 
structure for an OS does simplify the job for a software developer since 
they don't have to write code to work under every possible variant of 
the OS (including directory structure, configuration file locations, 
system settings, etc.), and the customer doesn't have to recompile the 
kernel just to get a particular piece of software to run.  That might be 
something that many people on this list may be comfortable doing, but 
the vast majority of people in the rest of the world will NEVER be 
capable of doing themselves.

Like it or not, most people view a PC as an appliance that they just 
simply want to work whenever they need it.  It's like the difference 
between a 50-year-old MG and a brand-new Toyota -- in order to drive the 
former, you might need to fiddle with the carburetor, choke, or ignition 
timing every time you want to drive the car, the latter you just get 
behind the wheel, turn the key, and you're off to the races.  Most of the 
time, I have to include myself in this group -- if I have work to do, I 
surely don't want to spend several hours troubleshooting some 
configuration problem, or access permissions, etc., just so I can get a 
particular program to run -- I usually have better things to do.

Al Lesmerises
