From: Alan McKinnon <alan.mckinnon@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Boot Gentoo to clean windows
Date: Thu, 27 Mar 2008 23:16:00 +0200
Message-Id: <200803272316.01090.alan.mckinnon@gmail.com>

On Thursday 27 March 2008, Dale wrote:
> Florian Philipp wrote:
> > This is getting OT but I still want to ask:
> > Is it really necessary to run an anti-virus on linux? I just want
> > to hear some opinions on that topic because I thought security
> > fixes for your software are the way to go for fighting virae on
> > linux.
>
> I have not run an anti-virus here for years and no problems so far.  I
> don't think Linux has this problem except for the rootkit thing.  It
> seems Linux is just pretty much immune to this sort of thing.

Not really immune as such, just well protected. It's very hard to gain 
remote access as a user and then find an exploit to elevate to root 
privileges. The devastation wrought on the internet by zombie Windows
machines is by and large not really possible on Linux to anything like 
the same degree - if an attacker dupes a user into running some malware 
it tends to run as the user which limits what the malware can do i.e. 
no ports open below 1024 etc etc. 

BUT some points to keep in mind:

1. Linux is still small fry in the desktop market, and not really a
target for malware scumbags. Why should they? It's much harder to do
especially when Redmond's finest code in the wild is such juicy low
hanging fruit. This is bound to change, just a matter of time.

2. There are some Linuxes out there that run everything as root. 
Xandros, I'm especially looking at you here. Apparently the Xandros 
devs like the way Redmond does things, right down to the brain dead 
design decisions <sigh> human stupidity is apparently boundless

3. If an attacker gains access to your machine, he can trash your 
personal stuff just for spite. This is catastrophic to the average user 
even though it leaves the rest of the internet just as it was.

-- 
Alan McKinnon
alan dot mckinnon at gmail dot com

-- 
gentoo-user@lists.gentoo.org mailing list