Welcome to SecurityForumz.com!

Why Free?

 
JT
Since: Mar 19, 2004
Posts: 20
(Msg. 61) Posted: Sat Mar 20, 2004 9:18 pm
Post subject: Re: Why Free?
Archived from groups: alt.comp.anti-virus, others

On Sat, 20 Mar 2004 11:11:13 -0500, "FromTheRafters" <!0000@nomad.fake>
wrote:

>
>"JT" <spam DeleteThis @dcplus.dyndns.info> wrote in message news:3b391727b7b3593a6c4332d76674d971@news.teranews.com...
>> On Sat, 20 Mar 2004 10:44:32 GMT, optikl <optikl DeleteThis @invalid.net> wrote:
>>
>> >JT wrote:
>> >
>> >
>> >>
>> >> The reality is that most viruses DO exist because of flaws in MS code or MS's
>> >> lack of security in the OS model. Without the ActiveX flaws, 99% of all
>> >> viruses would not exist.
>> >
>> >What about Trojans and backdoors? Not all malware takes advantage of
>> >ActiveX? What if you have ActiveX totally disabled but execute a program
>> >you think, or have been told, is a game?
>>
>> Then you are not talking VIRUS anymore.
>
>Strictly speaking, neither were you (but *I* was). The basic
>idea of "virus" is not constrained by needing to use *any*
>software flaws whatsoever.
>
>> Malware for sure. Fixing the
>> security model even reduces the problem with trojans and backdoors. If the
>> average user doesn't have access to the total machine, then most backdoors
>> can't function, because they don't have the rights to what they want to do.
>> And trojans will be limited to affecting a limited part of the machine that
>> is controlled by the user, not wreaking global havoc. Of course this is
>> assuming a flawless OS with a Perfect security model ;)
>
>Which is quite an assumption.;o) Worms may need to exploit *something*
>whether it is code (buffer overflow), design (known resources in a known
>location i.e. *.wab), or people's desire to be loved. However, a virus need
>not do anything to get through your security perimeter unless your security
>model includes safeguards specific to malware that hides within programs.
>The fact that an integrity checking application or utility isn't bundled with
>a particular OS isn't really a flaw in software or design, and such an app
>won't 'identify' the culprit responsible - and that is AV's strength.
>
A proper security model doesn't let a program access outside of a limited
set of areas. A proper security model may not keep the virus from being part
of another program, but can make difficult, if not eliminate, the
replication part of the process. Most people are so accustomed to the wide
open model of Windows that concepts like executables needing to be in
certain places to run, file execution being determined by security
permissions instead of just names, etc. are overlooked. Access control
lists, etc. are just becoming available for the masses.

>[snip]
>
>
>> >Your last sentence contradicts, not supports, your initial point. Just
>> >what is your point?
>>
>> The post I replied to said
>>
>> >Viruses don't depend on software flaws. Even if MS's code
>> >were flawless - viruses could still exist and create a desire
>> >for anti-virus measures.
>> >
>>
>> My point is that the vast majority of virus DO in fact depend on software
>> flaws.
>
>Could you explain? Are you using the term "virus" to include all
>self-replicating malware? If so, this is yet another reason to draw
>a distinction between the two terms "worm" and "virus". A "virus"
>is not something that depends on a flaw in software - it depends
>on the same things that the user depends on to get work done.
>If you remove access to the methods it uses, you no longer have
>a useful machine for the user either.
>
Not true. Useful machines with proper security models have been available
for years. They are still doing useful work. A word processor doesn't need
to create executable files. Games don't need to write to files not part of
the game or in the game directory tree.

>> The complexity of the problem when the software is not so easily
>> exploitable is beyond the capability of crackers and script kiddies. If the
>> software was flawless (not going to happen in any OS) then you have killed
>> the market for AV products.
>
>Not true, because if you remove the so-called 'flaws' that a virus
>uses - you have removed the machines usefulness as well. Yes,
>there may come a time when users will say, "gee - remember back
>when there were computer viruses?" - but I don't think they will be
>using general purpose computers like we are.
>
A general purpose computer means a machine that can be programmed for
virtually unlimited purposes. That doesn't mean that every program on the
machine should have unlimited access to that capability. Most programs
should be limited in what they can access and the functions they perform.
Having system files read only or execute only doesn't reduce their
usability. Memory protection, which limits the memory a program can use, is
necessary for multiprogramming systems. Making parts of the file system off
limits to average programs does not reduce the ability of a machine to be
useful. Limiting the capability of generating an executable to a very
limited set of programs and circumstances doesn't limit the ability of a user
to run programs.

JT

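The integrity checker that FromTheRafters contrasts with AV in the passage JT quotes above ("an integrity checking application ... won't 'identify' the culprit"), as an added example that is not part of the thread and not code anyone posted: it baselines a directory tree, seals the baseline with an HMAC so the baseline file itself cannot be quietly rewritten, and on a later run reports what changed. The scenario it runs (a prepending infector, a dropped helper, a deleted file, a changed mode, a tampered manifest) is constructed in temporary directories; SHA-256, HMAC-SHA-256 and the key handling are my choices, not something the post specifies. The output shows the limit the post names: it says which files changed, never what changed them.

```python
"""Integrity baseline + verification (added example, not from the thread)."""
import hashlib
import hmac
import json
import os
import tempfile
from pathlib import Path

CHUNK = 64 * 1024


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root: Path) -> dict:
    """Relative path -> digest/size/mode for every regular file under root."""
    baseline = {}
    for p in sorted(root.rglob("*")):
        if p.is_file() and not p.is_symlink():
            st = p.stat()
            baseline[p.relative_to(root).as_posix()] = {
                "sha256": sha256_file(p),
                "size": st.st_size,
                "mode": st.st_mode & 0o7777,
            }
    return baseline


def write_manifest(baseline: dict, key: bytes, manifest: Path) -> None:
    """Canonical JSON with an HMAC tag on the first line; the key stays off the host."""
    body = json.dumps(baseline, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    manifest.write_bytes(tag + b"\n" + body)


def read_manifest(key: bytes, manifest: Path) -> dict:
    """Refuse a manifest whose tag does not verify: the baseline is a target too."""
    tag, body = manifest.read_bytes().split(b"\n", 1)
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("manifest HMAC mismatch: the baseline itself was tampered with")
    return json.loads(body)


def verify(root: Path, baseline: dict) -> dict:
    """Compare the live tree with the baseline; sorted lists of differences."""
    current = build_baseline(root)
    both = set(baseline) & set(current)
    return {
        "modified": sorted(k for k in both if current[k]["sha256"] != baseline[k]["sha256"]),
        "mode_changed": sorted(k for k in both if current[k]["mode"] != baseline[k]["mode"]),
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
    }


def run_demo() -> dict:
    """Constructed scenario: baseline a small tree, then simulate a file infector."""
    root = Path(tempfile.mkdtemp(prefix="fim-tree-"))
    store = Path(tempfile.mkdtemp(prefix="fim-store-"))   # manifest kept outside the tree
    key = b"demo-key-an-operator-would-keep-offline"      # assumption: operator-held secret
    (root / "bin").mkdir()
    (root / "bin" / "editor").write_bytes(b"\x7fELF-editor")
    (root / "bin" / "game").write_bytes(b"\x7fELF-game")
    (root / "notes.txt").write_text("plain data\n")
    write_manifest(build_baseline(root), key, store / "manifest")

    # Simulated infection: a prepender rewrites "game", drops a helper,
    # removes a file, and something changes the mode bits on "editor".
    game = root / "bin" / "game"
    game.write_bytes(b"VIRUS-STUB" + game.read_bytes())
    (root / "bin" / "dropper").write_bytes(b"\x7fELF-dropper")
    (root / "notes.txt").unlink()
    os.chmod(root / "bin" / "editor", 0o755)

    report = verify(root, read_manifest(key, store / "manifest"))

    # Flip one byte of the sealed manifest and confirm the check refuses it.
    m = store / "manifest"
    m.write_bytes(m.read_bytes().replace(b'"size"', b'"sizf"', 1))
    try:
        read_manifest(key, m)
        report["tamper_detected"] = False
    except ValueError:
        report["tamper_detected"] = True
    return report


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

The report names bin/game as modified and bin/dropper as new, but nothing in it says the change came from a virus rather than a package upgrade, which is the gap AV fills. Storing the manifest on the checked host with no tag would let any program that can write executables also rewrite the baseline; the HMAC closes that only if the key really is held elsewhere.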
FromTheRafters
Since: Sep 19, 2003
Posts: 1207
(Msg. 62) Posted: Sat Mar 20, 2004 9:18 pm
Post subject: Re: Why Free?
Archived from groups: per prev. post

"JT" <spam RemoveThis @dcplus.dyndns.info> wrote in message news:f0293e0a83398a853714b6ffdc3ae3db@news.teranews.com...

> A proper security model doesn't let a program access outside of a limited
> set of areas. A proper security model may not keep the virus from being part
> of another program, but can make difficult, if not eliminate, the
> replication part of the process.

....which is far from adequate considering that the virus' payload
might activate. The operation was a complete success. :D

....but the patient died. :(

> Most people are so accustomed to the wide
> open model of Windows that concepts like executables needing to be in
> certain places to run, file execution being determined by security
> permissions instead of just names, etc. are overlooked.

A virus can find itself in the proper place and with the proper
permissions set as easily as any legitimate program precisely
*because* it is an otherwise legitimate program that the user
wants to execute. It will execute with the permissions set of the
user executing it - or worse if it uses some flaw to escalate. A
sufficiently crippled machine won't be able to provide a virus
with a chance to replicate - but how many sufficiently crippled
machines are there?

> Access control
> lists, etc. are just becoming available for the masses.
>
> >[snip]
> >
> >
> >> >Your last sentence contradicts, not supports, your initial point. Just
> >> >what is your point?
> >>
> >> The post I replied to said
> >>
> >> >Viruses don't depend on software flaws. Even if MS's code
> >> >were flawless - viruses could still exist and create a desire
> >> >for anti-virus measures.
> >> >
> >>
> >> My point is that the vast majority of virus DO in fact depend on software
> >> flaws.
> >
> >Could you explain? Are you using the term "virus" to include all
> >self-replicating malware? If so, this is yet another reason to draw
> >a distinction between the two terms "worm" and "virus". A "virus"
> >is not something that depends on a flaw in software - it depends
> >on the same things that the user depends on to get work done.
> >If you remove access to the methods it uses, you no longer have
> >a useful machine for the user either.
> >
> Not true. Useful machines with proper security models have been available
> for years. They are still doing useful work. A word processor doesn't need
> to create executable files. Games don't need to write to files not part of
> the game or in the game directory tree.

Oh, I thought we were talking about general purpose computers.
Nevermind then - I agree that special purpose computers can be
utterly secure.

> >> The complexity of the problem when the software is not so easily
> >> exploitable is beyond the capability of crackers and script kiddies. If the
> >> software was flawless (not going to happen in any OS) then you have killed
> >> the market for AV products.
> >
> >Not true, because if you remove the so-called 'flaws' that a virus
> >uses - you have removed the machines usefulness as well. Yes,
> >there may come a time when users will say, "gee - remember back
> >when there were computer viruses?" - but I don't think they will be
> >using general purpose computers like we are.
> >
> A general purpose computer means a machine that can be programmed for
> virtually unlimited purposes. That doesn't mean that every program on the
> machine should have unlimited access to that capability.

True, but it only takes one with enough access to do the deed, and
then the rest of the world desires to be able to detect it before it runs
- and AV is not driven to extinction.

I agree that stronger security models exist, and that they make
it much more difficult for viruses, but viruses can exist without
using software flaws.

> Most programs
> should be limited in what they can access and the functions they perform.
> Having system files read only or execute only doesn't reduce their
> usability. Memory protection, which limits the memory a program can use, is
> necessary for multiprogramming systems. Making parts of the file system off
> limits to average programs does not reduce the ability of a machine to be
> useful. Limiting the capability of generating an executable to a very
> limited set of programs and circumstances doesn't limit the ability of a user
> to run programs.

Yes, that all makes sense. However, not all viruses need to infect
or create executables either, I think.

Anyway, I think you are mostly right about the better security models
making things nearly impossible (in a perfect world), but "nearly" isn't
enough to say that AV would no longer be desired. A "perfect" model
would probably require that the virus use a flaw in software - and there
goes the "perfect" security model out the window. I'm sure that users
will supply all the flaws in security that the software doesn't.

kurt wismer
Since: Jul 04, 2003
Posts: 1562
(Msg. 64) Posted: Sat Mar 20, 2004 9:18 pm
Post subject: Re: Why Free?
Archived from groups: per prev. post

JT wrote:
> On Sat, 20 Mar 2004 11:11:13 -0500, "FromTheRafters" <!0000@nomad.fake>
[snip]
>>Not true, because if you remove the so-called 'flaws' that a virus
>>uses - you have removed the machines usefulness as well. Yes,
>>there may come a time when users will say, "gee - remember back
>>when there were computer viruses?" - but I don't think they will be
>>using general purpose computers like we are.
>>
>
> A general purpose computer means a machine that can be programmed for
> virtually unlimited purposes. That doesn't mean that every program on the
> machine should have unlimited access to that capability.

no, but it does mean that if the virus is acting in the context of a
user who has that capability it should...

> Most programs
> should be limited in what they can access and the functions they perform.

most security treats programs as agents of a user or principal and so
those limits are based on the limits of what that user can do...

if we decide to additionally treat the programs themselves as
principals then there will still be some programs that have the
authority required by a virus to do its dirty deed... and we'll have
increased the complexity of maintaining the security of the system
tremendously since each and every program will need to be assigned the
kinds of permissions we would normally only have to worry about for
users...

> Having system files read only or execute only doesn't reduce their
> usability. Memory protection, which limits the memory a program can use, is
> necessary for multiprogramming systems. Making parts of the file system off
> limits to average programs does not reduce the ability of a machine to be
> useful. Limiting the capability of generating an executable to a very
> limited set of programs and circumstances doesn't limit the ability of a user
> to run programs.

so are you saying that there should be a crack-down on "ren xyz.dat xyz.exe"?

and what about file types that are outside the system's preconceived
notions of what an executable is but are no less executable in some
manner (say interpreted scripts, for example)?...

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"
JT
Since: Mar 19, 2004
Posts: 20
(Msg. 65) Posted: Sat Mar 20, 2004 9:37 pm
Post subject: Re: Why Free?
Archived from groups: per prev. post

On Sat, 20 Mar 2004 16:14:00 GMT, optikl <optikl.RemoveThis@invalid.net> wrote:

>JT wrote:
><snip>
>
>Vast Majority? On OS flaws? I don't really see that. I'd say, recently
>less than 20, not including the variants, of course (.a, .b, .c, etc).
>What number do you have in mind?

Name one recent virus that didn't exploit an OS flaw. If you see fewer than
20 that do, then naming a few that don't use a flaw as part of the
propagation or replication phase should be a piece of cake.

>> The complexity of the problem when the software is not so easily
>> exploitable is beyond the capability of crackers and script kiddies. If the
>> software was flawless (not going to happen in any OS) then you have killed
>> the market for AV products.
>>
>
>Well, you and I will have to disagree, I guess. I think if we were
>talking about *firewalls*, I would be more inclined to say you and I are
>on the same page.

If an OS didn't leave ports open at random, and applied permissions to
network ports like it does to files and memory protection, then firewalls
would be unnecessary. Ever wonder why all current firewalls are software
based? Even the highend Ciscos are custom software on top of a special
purpose hardened OS. The current need for Firewalls in Windows exists
largely because the security model and network layer of Windows is too
weak to perform that function without outside assistance.
>
>While I disagree with your estimate of the percentage of malware that
>would disappear with a more secure OS, thus eliminating the need for AV,
>I do agree you could kill the market for AV if you eliminated 99% of
>those who have access to computers <bg>. Malware is really a people
>problem; people write it, people let it have access to their systems and
>people have to deal with it. The most secure OS you can come up
>with is going to have someone administering it and someone using it.
>That's sort of where things tend to break-down.

Malware is indeed a people problem, both on the producer side and the
victim side. Some virus hoaxes have been as bad as viruses in their results.
No OS can prevent a user from making errors or doing the wrong, stupid
things. A properly designed OS with good security and few flaws, like
antilock brakes, seat belts, airbags and a good frame/passenger compartment
design on cars, can make a wreck much less likely to cause major harm to
the user.
Kelsey Bjarnason
Since: Mar 19, 2004
Posts: 7
(Msg. 66) Posted: Sat Mar 20, 2004 10:20 pm
Post subject: Re: Why Free?
Archived from groups: per prev. post

[snips]

In article <ww57c.27105$Eb6.914518@news20.bellglobal.com>,
kurtw.RemoveThis@sympatico.ca says...

> > Really. So why is it that when I run Linux, I don't worry about
> > viruses?
>
> there are a number of possibilities - maybe you understand that using a
> niche market OS makes you a less palatable target to virus writers - or
> maybe you're just one of those morons who thinks *nix is immune...

Or maybe I understand *why* viruses propagate. Hint: it requires a
brain-dead security model. Such as that in Windows.

> > So, right there, we've got one boneheaded design.
>
> can you read? just because there are flaws doesn't mean that disprove
> the assertion that their absence would translate into an absence of
> viruses... your microsoft bashing, accurate though it may be, is a red
> herring here...

No, it's not.

If a piece of code cannot be executed _at all_ unless manual steps are
taken by the user of the machine, then a virus *dies* almost instantly;
by definition, a virus has to execute in order to do its thing.

In Windows-land, this is often accomplished by trickery: pretending to
be an image, for example. That sort of thing simply _does not work_ in
other OSen. If the file _is_ an image, it will display. If not, it
will simply be treated harmlessly, such as loading it in a text editor.
Neither of these actions results in anything useful from the virus's
point of view. It requires the "everything is executable" or some
equivalent which renders the process of getting executed equally simple
in order to act.

> well, apparently you haven't been paying attention to the virus news...

Actually, I have. Virus after virus, worm after worm... and virtually
all for Windows machines. Not BSD boxes or Linux boxes or Macs. Hell,
IIS has been attacked repeatedly and done extensive damage despite being
*less* popular than Apache for internet web serving. Not that Apache
hasn't had its share of attacks; it has... they just die out quickly.

> you think you're safe in linux because of linux but you're wrong -
> you're safe because of *you*

That's partly true. However, the fact is I simply do not *need* to
worry that simply reading an email might be enough to infect my machine.
I don't *need* to worry that browsing a web page may infect my machine.
Such things are virtually impossible to do in *nix, BSD, etc... yet are
comparatively trivial to do in Windows. It's not the user base, either.
The smartest Windows user, replete with AV tools and the like, is still
at moderately high risk - all that needs happen is a new strain come out
before his AV software is updated to protect the machine and voila;
instant infection. On the other hand, as noted, *nix users as a rule
don't even *use* AV software... because there's absolutely no need to.
The security model used by *nix makes viruses so hellishly difficult to
design that it simply is not a real threat.

> > So no, if Microsoft wrote "flawless code", these problems simply would
> > not exist, or at least, not in the form they do now. Linux, for
> > example, has had a few viruses. Despite the relative ease of finding
> > Linux machines to attack, though, they never get very far. Why?
>
> because linux machines are not nearly as numerous in comparison to
> windows boxes... because the *nix user base hasn't reached the critical
> mass necessary to sustain naturally occurring infections...

This kind of twaddle is exactly what's wrong with the whole Windows user
mindset. Apache is *more* popular than IIS... yet it's IIS, not Apache,
that has caused endless damage. Based on the popularity argument, the
opposite should be true. Yet it's not. Poof goes that little bit of
tripe.
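Kelsey's "pretending to be an image" point, as an added example that is not from the thread and not anyone's posted code: a gateway-style check that decides what a file is from its leading bytes and flags disagreement with what the name claims, including the double-extension trick ("holiday.jpg.exe") that relies on Explorer hiding known extensions by default. The sample attachments are constructed header bytes, not real malware; the magic-number table and the two extension sets are my assumptions about a Windows-style, name-driven client, not anything the post lists.

```python
"""Content sniffing versus trusting the file name (added example, not from the thread)."""

# Leading bytes of common formats. Assumption: this short table is enough for
# the demo; a real gateway would use libmagic or a fuller signature list.
MAGIC = [
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"MZ", "dos/pe executable"),
    (b"\x7fELF", "elf executable"),
    (b"#!", "script"),
    (b"PK\x03\x04", "zip"),
]
IMAGE_KINDS = {"png", "jpeg", "gif"}
EXECUTABLE_KINDS = {"dos/pe executable", "elf executable", "script"}
IMAGE_EXTS = {".png", ".jpg", ".jpeg", ".gif"}
# Extensions a Windows-style client executes on open (assumption: partial list).
RUNNABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js"}

REASON_SPOOFED = "executable bytes behind an image extension"
REASON_DOUBLE_EXT = "double extension: displayed as an image name, run as a program"
REASON_HIDDEN_EXEC = "executable or interpretable content not declared by the name"


def sniff(data: bytes) -> str:
    """Identify a blob by its magic bytes, independent of its name."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "unknown"


def classify(name: str, data: bytes) -> dict:
    """Combine what the name claims with what the bytes are; list every disagreement."""
    base = name.lower().rsplit("/", 1)[-1]
    parts = base.split(".")
    claimed_ext = "." + parts[-1] if len(parts) > 1 else ""
    # With "hide extensions for known file types" on, the user never sees the
    # last extension, so the one before it is what they judge the file by.
    shown_ext = "." + parts[-2] if len(parts) > 2 else ""
    content = sniff(data)

    reasons = []
    if content in EXECUTABLE_KINDS and claimed_ext in IMAGE_EXTS:
        reasons.append(REASON_SPOOFED)
    if claimed_ext in RUNNABLE_EXTS and shown_ext in IMAGE_EXTS:
        reasons.append(REASON_DOUBLE_EXT)
    if content in EXECUTABLE_KINDS and claimed_ext not in RUNNABLE_EXTS:
        reasons.append(REASON_HIDDEN_EXEC)

    if content in EXECUTABLE_KINDS or claimed_ext in RUNNABLE_EXTS:
        verdict = "execute-capable"   # never auto-open; quarantine or scan
    elif content in IMAGE_KINDS and claimed_ext in IMAGE_EXTS:
        verdict = "image"             # name and bytes agree: safe to render
    else:
        verdict = "data"              # opaque; hand to a viewer, never a loader
    return {"name": name, "claimed_ext": claimed_ext, "content": content,
            "verdict": verdict, "reasons": reasons}


# Constructed sample attachments: header bytes only, no real payloads.
SAMPLE_ATTACHMENTS = [
    ("sunset.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16),
    ("holiday.jpg.exe", b"MZ\x90\x00\x03\x00" + b"\x00" * 58),     # double extension
    ("cat.png", b"MZ\x90\x00\x03\x00" + b"\x00" * 58),             # PE bytes, image name
    ("readme.txt", b"#!/bin/sh\necho this would run under sh\n"),  # interpretable
    ("archive.zip", b"PK\x03\x04\x14\x00" + b"\x00" * 24),
]


def scan(attachments) -> list:
    return [classify(name, data) for name, data in attachments]


if __name__ == "__main__":
    for r in scan(SAMPLE_ATTACHMENTS):
        print(f"{r['name']:18} {r['content']:18} {r['verdict']:16} {'; '.join(r['reasons'])}")
```

The sunset.jpg sample is the only one where name and content agree. The readme.txt case is the one a purely extension-based policy misses in both directions: a name-driven client will not run it, but it is interpretable the moment anything feeds it to a shell, which is why the verdict is based on content first and name second.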
JT
Since: Mar 19, 2004
Posts: 20
(Msg. 68) Posted: Sat Mar 20, 2004 10:42 pm
Post subject: Re: Why Free?
Archived from groups: per prev. post

On Sat, 20 Mar 2004 17:20:04 -0500, kurt wismer <kurtw.DeleteThis@sympatico.ca> wrote:

>JT wrote:
>[snip]
>> Viruses have always depended on the vulnerabilities of the software and the
>> security of the systems they are attacking, with very few exceptions.
>
>an assertion for which you have no support...
>
>> Go to
>> any virus database or security advisory.
>
>i've been to many, what i've seen does not support your contention...
>
>> They are exploiting a weakness.
>
>some do, but few depend on it for their ability to spread...
>
>> If not activex, then unchecked buffers or insecure automation features.
>
>grasping at straws...
>
>> Started that way in the early MSDOS and Apple II days when viruses were young.
>> The exploits that have happened recently against other OS such as Linux and
>> Apple's OS X have been exploits of software or security configuration
>> errors.
>
>the only thing viruses depend on is the ability to write executable or
>interpretable code to disk...

That is a weakness of the security model. It should not be easy for just
any program to write an executable. It doesn't need to be that way. It is a
design flaw.
>
>> As an exercise, find a Virus or worm (not a phishing/human
>> engineering exploit that tricks a user into running a program that erases
>> his hard disk thinking it was a free game) that does not exploit such a
>> weakness in all the online virus information. Just get me a couple out of
>> the thousands that are out there. Something recent would be nice, but I am
>> not picky
>
>stoned.empire.monkey (or rather, most boot infectors)... cascade (or
>rather, most file infectors)...

Weakness in that the OS lets code directly talk to hardware. Shouldn't do
that except in special cases. OS should not let executable files be
written that easily either. It is a flaw in the design concept there.

In Linux (and most Unix-like OS's such as Apple's OS X) executable files
are not kept in the user's home directory, with a few exceptions. All system
executables, and most regular application executables, are in directories
where the average user can't write. The disk is also protected from direct
disk writes by all but a few privileged programs. The viruses you mentioned
exploit flaws in the DESIGN of most MS operating systems. Ones that are
not there in other OS's.
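JT's "file execution being determined by security permissions instead of just names", Kurt's "ren xyz.dat xyz.exe" question and the protected-directory point in the post above, as one added example that is not from the thread and not anyone's posted code: on POSIX it shows that renaming grants nothing and chmod does, audits a PATH-like list for directories a non-owner could drop a binary into, and carries Kurt's caveat that handing a script to an interpreter never consults the execute bit. The sandbox tree is constructed in a temp directory; it needs a POSIX system with /bin/sh, and the direct run of the chmod'ed file will be denied on a noexec temp mount, which the code reports rather than assumes.

```python
"""Execute permission versus file name on POSIX (added example, not from the thread)."""
import os
import stat
import subprocess
import tempfile
from pathlib import Path

EXEC_BITS = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH
NON_OWNER_WRITE = stat.S_IWGRP | stat.S_IWOTH


def executable_by_mode(path: Path) -> bool:
    """The question execve(2) asks: does the inode carry at least one x bit?"""
    return bool(path.stat().st_mode & EXEC_BITS)


def looks_like_script(path: Path) -> bool:
    """Interpretable content that the mode bits say nothing about."""
    with path.open("rb") as f:
        return f.read(2) == b"#!"


def audit_path_dirs(dirs) -> dict:
    """For each PATH-style entry, can someone other than the owner plant a binary?"""
    findings = {}
    for d in dirs:
        p = Path(d)
        if not p.is_absolute():
            findings[d] = "relative entry: resolves against whatever the cwd is"
        elif not p.is_dir():
            findings[d] = "missing: whoever can create it owns that lookup"
        elif p.stat().st_mode & NON_OWNER_WRITE:
            findings[d] = "group/other writable: any user can add an executable"
        else:
            findings[d] = "ok"
    return findings


def direct_exec(path: Path) -> str:
    """Run the file by path and report the kernel's answer."""
    try:
        out = subprocess.run([str(path)], capture_output=True, text=True, timeout=5)
        return "ran:" + out.stdout.strip()
    except PermissionError:
        return "denied:EACCES"
    except OSError as e:
        return "denied:" + (e.strerror or str(e))


def run_demo() -> dict:
    """Constructed tree: an owner-only bin dir, a world-writable drop zone, two files."""
    root = Path(tempfile.mkdtemp(prefix="execmodel-"))
    bindir = root / "bin"
    bindir.mkdir()
    os.chmod(bindir, 0o755)          # owner-only write, like /usr/bin
    dropzone = root / "dropzone"
    dropzone.mkdir()
    os.chmod(dropzone, 0o777)        # world-writable: where a dropped file could land

    r = {}
    game = bindir / "game.dat"
    game.write_text("#!/bin/sh\necho game-ran\n")
    os.chmod(game, 0o644)
    r["game.dat executable"] = executable_by_mode(game)
    r["game.dat direct exec"] = direct_exec(game)          # denied: no x bit
    game = game.rename(bindir / "game.exe")                # rename keeps the inode's mode
    r["game.exe executable after rename"] = executable_by_mode(game)
    os.chmod(game, 0o755)
    r["game.exe executable after chmod"] = executable_by_mode(game)
    # Runs now, unless the temp filesystem is mounted noexec; reported, not assumed.
    r["game.exe direct exec after chmod"] = direct_exec(game)

    notes = root / "notes.txt"
    notes.write_text("#!/bin/sh\necho ran-without-exec-bit\n")
    os.chmod(notes, 0o644)
    r["notes.txt executable"] = executable_by_mode(notes)
    r["notes.txt looks like script"] = looks_like_script(notes)
    # Handing the file to an interpreter sidesteps the x bit entirely.
    r["sh notes.txt"] = subprocess.run(
        ["sh", str(notes)], capture_output=True, text=True, timeout=5).stdout.strip()

    r["path audit"] = audit_path_dirs([str(bindir), str(dropzone), str(root / "gone"), "."])
    return r


if __name__ == "__main__":
    for k, v in run_demo().items():
        print(f"{k}: {v}")
```

The rename step is the answer to "ren xyz.dat xyz.exe": the kernel never looks at the name, so the file stays non-executable until something with write access to its mode changes it. The notes.txt step is Kurt's objection made concrete: a 0644 file with a shebang cannot be run by path, but `sh notes.txt` runs it anyway, so a permission model on executables constrains native binaries far more than it constrains interpreted code.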
exploit flaws in the DESIGN of most MS operating systems. Ones that are
not there in other OS's.
 >> Stay informed about: Why Free? 
Back to top
Login to vote
kurt wismer

External


Since: Jul 04, 2003
Posts: 1562



(Msg. 70) Posted: Sat Mar 20, 2004 10:42 pm
Post subject: Re: Why Free?
Archived from groups: per prev. post

JT wrote:
> On Sat, 20 Mar 2004 17:20:04 -0500, kurt wismer <kurtw.RemoveThis@sympatico.ca> wrote:
>>JT wrote:
[snip]
>>>Started that way in the early MSDOS and AppleII days when virus were young.
>>>The exploits that have happened recently against other OS such as Linux and
>>>Apple's OS/X have been exploits of software or security configuration
>>>errors.
>>
>>the only thing viruses depend on is the ability to write executable or
>>interpretable code to disk...
>
>
> That is a weakness of the security model. It should not be easy for just
> any program to write an executable. It doesn't need to be that way. It is a
> design flaw.

that is inherent in general purpose computing...

>>>As an exercise, find a Virus or worm (not a phishing/human
>>>engineering exploit that tricks a user into running a program that erases
>>>his hard disk thinking it was a free game) that does not exploit such a
>>>weakness in all the online virus information. Just get me a couple out of
>>>the thousands that are out there. Something recent would be nice, but I am
>>>not picky
>>
>>stoned.empire.monkey (or rather, most boot infectors)... cascade (or
>>rather, most file infectors)...
>
>
> Weakness in that the OS lets code directly talk to hardware.

i'm guessing you don't really understand viruses here... boot infectors
execute before the operating system has even had a chance to load...
the operating system can't do bugger all about viruses like
stoned.empire.monkey...

> Shouldn't do
> that except in special cases. OS should not let executable files be
> written to that easily either. It is a flaw in the design concept there.

that easily? the same thing is possible in any OS...

> In Linux (and most Unix like OS's such as Apple's OS/X) executable files
> are not kept in the user's home directory with a few exceptions.

the standard system executables aren't, but there are plenty of
executables that aren't standard system executables...

> All system
> executables, and most regular application executables are in directories
> where the average user can't write.

that depends entirely on who installed the application...

and it totally ignores the possibility of script viruses...

> The disk is also protected from direct
> disk writes by all but a few privileged programs.

only while the OS is running...

> The viruses you mentioned
> exploit flaws in the DESIGN of most MS operating systems. Ones that are
> not there in other OS's.

then why can stoned.empire.monkey (and most other boot infectors)
infect linux boxes?

--
"we're the first ones to starve, we're the first ones to die
the first ones in line for that pie in the sky
and we're always the last when the cream is shared out
for the worker is working when the fat cat's about"
Kelsey Bjarnason

External


Since: Mar 19, 2004
Posts: 7



(Msg. 72) Posted: Sun Mar 21, 2004 1:02 am
Post subject: Re: Why Free?
Archived from groups: per prev. post

[snips]

In article <hO57c.27118$Eb6.917623@news20.bellglobal.com>,
kurtw.RemoveThis@sympatico.ca says...

> > No, they're more than that. They are programs that rely on security
> > holes in the OS that allow them to propagate and do damage.
>
> false

I'll stop you right there. I'll point out to you a couple of simple
facts.

1) Checking C.O.L.A. and other such groups, you'll discover quickly that
there's a very real, if not necessarily very large, anti-Linux and indeed
anti-OSS grouping of users, mostly Windows users.

2) Virus writing "howtos" exist, publicly, for Linux; the information on
how to infect, say, an ELF file is readily available.

3) Given the two items above, one would think it inevitable that a Linux
virus would be created.

4) No viable Linux virus has yet been identified.

Now, we can conclude a couple things from this. We could assume that
the entire group of anti-linux types are completely incompetent boobs.
Or we could conclude that despite their very active and very vocal
attempts to deride Linux, they really don't care. Or perhaps we can
conclude they're unable to perform simple web searches.

None of those seem particularly likely. Yet no such virus has ever been
identified.

On the other hand, the people who _have_ tried to write such viruses,
even where the code and methods were publicly accessible such that they
could be improved upon, enhanced, refined and so forth, have failed,
miserably, to produce viable Linux viruses.

And why is this? One needs but read their own reports. In simple
English, Linux is very resistant to such attacks. But hey, if something
else happens to let in viruses the way rotten meat lets in maggots, it
couldn't possibly be because the software is in any way faulty, could
it.

Let's take a look at Cohen's concepts a bit, though. His definition of
a virus, "a program that can 'infect' other programs by modifying them
to include a possibly evolved version of itself", is telling. How does
it infect other programs? Oh, right - it *absolutely requires* that the
underlying OS either allows non-admin users to overwrite executables, or
allow "root exploits". Both are failures in the OS. Note that the
*default* Windows installation has the user running as "root" with full
privileges to do exactly this, and not so much as a hint that this is a
bad idea. While this may be an install-time design oversight, it
remains a flaw in the OS, one which has critical impact on system
security.

We might also note that according to Cohen it is apparently trivial to
write a virus for *nix based systems. Odd, then, that despite the
popularity of such systems, such viruses simply _do not appear to
exist_. No, it's not a question of popularity; *nix systems have been
running for decades in everything from desktops to supercomputers and
everything in between and more. There have, quite possibly, been more
*nix users in the history of *nix than there have been Windows users.
Yet in all that time, with all those systems and all those users... a
lot of whom were, let's be honest, college and university students who
have, historically, been well known for performing exactly this kind of
mischief if given half a chance... not *one* *nix virus has been
detected in the wild as a successful virus - "successful" here implying
infection of a non-trivial number of machines by whatever means.

All those users... all those machines... all those decades... and not
*one* known successful virus. One worm of note - Morris - might be used
as a possible counterexample, to which I'll simply note that this means
in all that time, with all those machines, all those users, there has
been one, count 'em one, successful "virus" for such systems.

That's *one* as compared to some 70,000 viruses and variants for
Windows. And you expect me to buy that this is somehow *not* related to
the fact that Windows is a sieve? That it's mere coincidence that the
systems which effectively have no security or are riddled with
vulnerabilities are the ones that get infected?

Take the shatter exploit as an example. It relies on an OS flaw.
Specifically, it relies on the fact there's bugger all validation of
messages passed between processes, so a low-privilege caller can merrily
send messages to a system-level process and not a thing is done to check
whether this is legit or not. It also relies on, IIRC, a buffer overflow
- in an OS-provided component. Another OS flaw. Net result? If I can
get my virus running even in a low-privilege process, I can use shatter
to wind up with system-level privileges, all due to OS flaws. Or I can
use IE's stunning ability to download and execute any code I choose
thanks to some stupendously bad design decisions... and note that IE is
now generally regarded as part of the OS. You may be able to remove the
interface component, but the rest remains.

The list goes on and on and on, but the fact remains: if the OS has a
decent security model, getting the virus to run *at all* is difficult,
getting it to propagate is even more so. It's only systems which are
badly designed and badly implemented that suffer virus issues worthy of
note... and that wouldn't be the case if viruses were trivial to write
and not dependent upon OS flaws.

Feel free to prove me wrong, though. Say by providing a Linux-based
virus that a) will somehow automagically execute on the victim's machine
without the user needing to make it, explicitly, executable and b) will
merrily propagate to other executables and other systems *without*
relying on flaws in the OS's security mechanisms - no using root
exploits, for example, that would be relying on an OS flaw and would
invalidate the premise you're trying to establish.

Hell, if you think you've got such a critter, send it over; I've got a
box here I can use as a "throwaway" for testing purposes. 'Course,
being my box, it follows *my* security choices and the like, but none of
that matters, right?
JT

External


Since: Mar 19, 2004
Posts: 20



(Msg. 74) Posted: Sun Mar 21, 2004 3:02 am
Post subject: Re: Why Free?
Archived from groups: per prev. post

On Sat, 20 Mar 2004 18:48:34 -0500, kurt wismer <kurtw DeleteThis @sympatico.ca> wrote:

>JT wrote:
>> On Sat, 20 Mar 2004 11:11:13 -0500, "FromTheRafters" <!0000@nomad.fake>
>[snip]
>>>Not true, because if you remove the so-called 'flaws' that a virus
>>>uses - you have removed the machines usefulness as well. Yes,
>>>there may come a time when users will say, "gee - remember back
>>>when there were computer viruses?" - but I don't think they will be
>>>using general purpose computers like we are.
>>>
>>
>> A general purpose computer means a machine that can be programmed for
>> virtually unlimited purposes. That doesn't mean that every program on the
>> machine should have unlimited access to that capability.
>
>no, but it does mean that if the virus is acting in the context of a
>user who has that capability it should...

Even there it can be restricted by program as much as by user.
>
>> Most programs
>> should be limited in what they can access and the functions they perform.
>
>most security treats programs as agents of a user or principal and so
>those limits are based on the limits of what that user can do...
>
>if we decide to additionally treat the programs themselves as
>principals then there will still be some programs that have the
>authority required by a virus to do its dirty deed... and we'll have
>increased the complexity of maintaining the security of the system
>tremendously since each and every program will need to be assigned the
>kinds of permissions we would normally only have to worry about for
>users...

The "user" in many security models is not assumed to be a human. Take the
user running a webserver or mail server on a Unix like machine.

>> Having system files read only or execute only doesn't reduce their
>> usability. Memory protection, which limits the memory a program can use, is
>> necessary for multiprogramming systems. Making parts of the file system off
>> limits to average programs does not reduce the ability of a machine to be
>> useful. Limiting the capability of generating an executable to a very
>> limited set of programs and circumstances doesn't limit the ability of user
>> to run programs.
>
>so are you saying that there should be a crack-down "ren xzy.dat xyz.exe"?

I am saying that the extension alone should not be enough to make a program
executable. One way to do that is by having a separate execute permission,
as well as read, write, etc. as you have in Linux. Copy it all you want.
rename it to anything you want. If it wasn't executable before, it won't be
because of the act of renaming it. As an added precaution, you can set
permissions on a directory such that no file in the directory can be
executed. You can extend the concepts by adding different attribute types.
>
>and what about file types that are outside the system's preconceived
>notions of what an executable is but are no less executable in some
>manner (say interpreted scripts, for example)?...

Look at different OS's that have been developed. Forget extensions for a
second. For a step in the right direction, but not a full solution, look at
how Linux treats interpreted scripting languages like perl. A script
language that is part of an office package should be limited in what it can
access and change in the system, just like the rest of the office package
software. Using a part of the file name (like the extension) to determine
if a file is executable was replaced on many OS's years ago. Look at Unix,
VMS, Apple's OS's, etc. In most of them, the extension is there to help
the human recognize the file, and to aid exchange of files with other OS's.
Critical attributes, such as whether the program is executable, are protected
from simple program or human error or malice. Gross human error, or major
malice is probably not possible to protect against.

JT
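The two posts above argue over whether Unix executables really sit where "the average user can't write" and over what the separate execute permission buys. The audit below is an added example (not code from either poster): it walks a constructed sample tree and reports executables an unprivileged user could modify or replace, applying the POSIX owner/group/other rule and the sticky-bit caveat. It assumes a POSIX filesystem where chmod is honoured; the directory layout and uid used are constructed for the demonstration.

```python
"""Audit a directory tree for executables an unprivileged user could tamper with.

Added example, not code from the thread. The sample tree built by
build_sample_tree() is constructed for the demonstration only.
"""
import os
import stat
import tempfile


def writable_by(st, uid, gids):
    """POSIX access rule: the first matching class (owner, then group,
    then other) decides; later classes are not consulted. uid 0 always wins."""
    if uid == 0:
        return True
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def is_executable(st):
    """Any execute bit set counts; which one applies depends on the caller's class."""
    return bool(st.st_mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH))


def can_replace(dir_st, file_st, uid, gids):
    """A writable directory lets a user unlink and recreate a file even when
    the file itself is read-only. The sticky bit (as on /tmp) restricts that
    to the file's owner and the directory's owner."""
    if not writable_by(dir_st, uid, gids):
        return False
    sticky = bool(dir_st.st_mode & stat.S_ISVTX)
    if sticky and uid not in (0, file_st.st_uid, dir_st.st_uid):
        return False
    return True


def audit_executables(root, uid, gids=frozenset()):
    """Return sorted (kind, relative path) findings for the given user identity."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        dir_st = os.lstat(dirpath)
        for name in filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks
            if not stat.S_ISREG(st.st_mode) or not is_executable(st):
                continue
            rel = os.path.relpath(path, root)
            if writable_by(st, uid, gids):
                findings.append(("writable executable", rel))
            elif can_replace(dir_st, st, uid, gids):
                findings.append(("executable in writable directory", rel))
    return sorted(findings)


def build_sample_tree(root):
    """Constructed layout: a proper bin/, a world-writable 'shared' install
    directory, and a sticky drop directory."""
    dirs = {"bin": 0o755, "shared": 0o777, "drop": 0o1777}
    files = {"bin/good": 0o755, "bin/bad": 0o777, "bin/data": 0o666,
             "shared/tool": 0o755, "drop/helper": 0o755}
    for rel in dirs:
        os.mkdir(os.path.join(root, rel))
    for rel, mode in files.items():
        path = os.path.join(root, rel)
        with open(path, "w") as fh:
            fh.write("#!/bin/sh\necho hello\n")  # harmless placeholder content
        os.chmod(path, mode)
    for rel, mode in dirs.items():  # set directory modes last (sticky bit included)
        os.chmod(os.path.join(root, rel), mode)


def demo():
    """Audit the sample tree as a non-owner user and as root."""
    root = tempfile.mkdtemp()
    build_sample_tree(root)
    other_uid = os.getuid() + 1  # constructed: some uid that owns nothing here
    return audit_executables(root, other_uid), audit_executables(root, 0)


if __name__ == "__main__":
    for kind, rel in demo()[0]:
        print(f"{kind}: {rel}")
```

The audit covers only the kernel's execve path; a script handed to an interpreter as plain data is run regardless of its execute bit, which is the "script viruses" caveat raised earlier in the thread.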