[GRLUG] Apple did it already (was: Proof of concept)

Roberto Villarreal rvillarreal at mktec.com
Fri Apr 6 13:34:24 EDT 2007 

On Friday 06 April 2007 12:37, Greg Folkert wrote:
> On Fri, 2007-04-06 at 01:22 -0400, Marc Zuverink wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > http://www.symantec.com/security_response/writeup.jsp?docid=2007-040516-4
> >947-99
>
> Heck, Apple did the same thing a few years ago. Except now its been
> tailored. AND its not really a real compromise.
>
> It is the same thing that all "linux" supposed viruseseses are, a
> userland tool. It screws up their (a user's) stuff, and doesn't affect
> the system, no wash and rinse of the machine needed, just the user.
>
> Herein lies the fundamental difference (even now with Vista), where
> userland screws up the whole machine, needing a removal and re-install.
>
> This is crap and you all know it. They are preying on the "unwashed
> masses" derelict knowledge, by "unwashed masses" I mean Windows users
> that "click or auto-run all the bad stuff, repeatedly".

I think you need to make a distinction here, however.  For a true server, your 
I 100% agree with your argument... the system keeps running untouched.  
However, for the "unwashed masses" (and even for the educated masses), 
the "system" is just a means to an end.  On an end-user's machine (which 
would, almost by definition, be more vulnerable to viruses), it is the 
*data*, exactly the stuff that is in "userland", that matters most.

My father thought he only had about 40 files on his computer (pictures).  He 
had no idea that there is some 80k files elsewhere on his system and could 
care less if they were corrupted/deleted/whatever.  But if he lost his 40 
pictures, he would be crushed.

Now... he *is* running linux.  His pictures are in his home directory.  He 
doesn't know the root password to his box.  But if he was to get some kind of 
userland virus (open source programs do still have bugs, remember!), it 
would, as far as he's concerned, destroy his system.  It doesn't matter that 
the system is still running... it is the *user data* that determines the 
worth of a user's computer.

My two cents.

Roberto

More information about the grlug mailing list