Microsoft Office blocks certain files as virus sources--why not addLinux next? Linux is virusware. - Linux

This is a discussion on Microsoft Office blocks certain files as virus sources--why not addLinux next? Linux is virusware. - Linux ; MSFT is blocking certain older file formats as unsecure it's been reported--why not add Linux to the list? After all, Linux is open source and open source means anybody, in particular a hacker, can gain access to the innards of ...

+ Reply to Thread
Page 1 of 7 1 2 3 ... LastLast
Results 1 to 20 of 132

Thread: Microsoft Office blocks certain files as virus sources--why not addLinux next? Linux is virusware.

  1. Microsoft Office blocks certain files as virus sources--why not addLinux next? Linux is virusware.

    MSFT is blocking certain older file formats as unsecure it's been
    reported--why not add Linux to the list? After all, Linux is open
    source and open source means anybody, in particular a hacker, can gain
    access to the innards of a file and hide a virus in it. Further,
    since Linux OS kernel is open-source, a hacker can disquise the virus
    to become an integral part of the OS--and no virus checker (not that
    Linux has any virus checkers, that's how primitive it is) can spot it.

    Linux reminds me of the early days of the Internet when a Columbia
    University math professor's son designed a worm that clogged the Net
    for a few days--this was about 15 years ago--and it was because the
    Net at that time was "open source' meaning everybody, including the
    bad guys, could easily shut the net down.

    Another reason to fear open source IMO.

    (Yes, yes, I know, I'm a troll, but that doesn't address the issues
    above. Rex Ballard, comments?)

    RL

  2. Re: Microsoft Office blocks certain files as virus sources--why notaddLinux next? Linux is virusware.

    On Fri, 04 Jan 2008 09:18:56 -0800, raylopez99 wrote:

    > MSFT is blocking certain older file formats as unsecure it's been
    > reported--why not add Linux to the list?


    .... becasue Linux is not a file format?

    > After all, Linux is open
    > source and open source means anybody, in particular a hacker, can gain
    > access to the innards of a file and hide a virus in it.


    They might, but it would be easily seen and fixed.
    > Further, since
    > Linux OS kernel is open-source, a hacker can disquise the virus to
    > become an integral part of the OS--and no virus checker (not that Linux
    > has any virus checkers, that's how primitive it is) can spot it.


    How would they propagate that virus laden kernel?

    >
    > Linux reminds me of the early days of the Internet when a Columbia
    > University math professor's son designed a worm that clogged the Net for
    > a few days--this was about 15 years ago--and it was because the Net at
    > that time was "open source' meaning everybody, including the bad guys,
    > could easily shut the net down.


    No, that wasn't the reason.

    >
    > Another reason to fear open source IMO.


    ... which shows your stupidity.

    >
    > (Yes, yes, I know, I'm a troll, but that doesn't address the issues
    > above. Rex Ballard, comments?)
    >

    Thanks for admitting your trollness. Now, what about your stupidity?


    --
    Rick

  3. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    On Fri, 04 Jan 2008 09:18:56 -0800, raylopez99 wrote:

    > MSFT is blocking certain older file formats as unsecure it's been
    > reported--why not add Linux to the list? After all, Linux is open
    > source and open source means anybody, in particular a hacker, can gain
    > access to the innards of a file and hide a virus in it. Further,
    > since Linux OS kernel is open-source, a hacker can disquise the virus
    > to become an integral part of the OS--and no virus checker (not that
    > Linux has any virus checkers, that's how primitive it is) can spot it.


    MS already DOES everything they can to block all that is non-MS. What
    would you like them to add?

    >
    > Linux reminds me of the early days of the Internet when a Columbia
    > University math professor's son designed a worm that clogged the Net
    > for a few days--this was about 15 years ago--and it was because the
    > Net at that time was "open source' meaning everybody, including the
    > bad guys, could easily shut the net down.


    It also means that when a security issue is spotted it is almost always
    fixed immediately - rather than waiting for six months to issue a security
    patch as MS does.

    >
    > Another reason to fear open source IMO.


    I'm much more afraid of the MS virtual monopoly.

    >
    > (Yes, yes, I know, I'm a troll, but that doesn't address the issues
    > above. Rex Ballard, comments?)
    >
    > RL



  4. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    ray wrote:


    > It also means that when a security issue is spotted it is almost always
    > fixed immediately - rather than waiting for six months to issue a security
    > patch as MS does.


    Most of the time. There are certain vulnerabilities that MS has NEVER
    patched!

    --
    Posted via a free Usenet account from http://www.teranews.com


  5. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    raylopez99 did eloquently scribble:
    > (Yes, yes, I know, I'm a troll, but that doesn't address the issues
    > above. Rex Ballard, comments?)


    There ARE no "issues above".
    You're just picking flawed arguments out of the air now, aren't you.
    You think there's no security in the kernel development process?
    You think they accept anything from anyone?
    The most hilarious thing is you think linux has no virus checkers.
    Linux has far more than "just virus checkers", it has far more security
    built into it than anyhing microsoft could ever dream of in the base OS.

    That includes firewalls (sophisticated ones, not the crap microsoft tries to
    dump on you necessitating the install of third party firewalls), file
    integrity scanners, virus (yes, there are some) checkers, rootkit checkers,
    filesystem permissions and an ethos of NOT LOGGING IN AS ADMINISTRATOR!
    The ethos is one of the important ones. It means programs written for
    unix/linux don't EXPECT admin privs. Which appears to be how many windows
    programs play.
    --
    __________________________________________________ ____________________________
    | spike1@freenet.co.uk | "I'm alive!!! I can touch! I can taste! |
    |Andrew Halliwell BSc(hons)| I can SMELL!!! KRYTEN!!! Unpack Rachel and |
    | in | get out the puncture repair kit!" |
    | Computer Science | Arnold Judas Rimmer- Red Dwarf |
    ------------------------------------------------------------------------------

  6. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.


    "gordon" wrote in message
    news:477e6b29$0$26019$88260bb3@free.teranews.com.. .
    > ray wrote:
    >
    >
    >> It also means that when a security issue is spotted it is almost always
    >> fixed immediately - rather than waiting for six months to issue a
    >> security
    >> patch as MS does.

    >
    > Most of the time. There are certain vulnerabilities that MS has NEVER
    > patched!
    >

    Nothing of any consequence, though. The real problem is that users do not
    apply available fixes and that isn't limited to Windows users. The Linux
    patch system is pretty clumsy and ineffective in reaching affected users.


  7. Re: Microsoft Office blocks certain files as virus sources--why not add ?Linux next? Linux is virusware.

    Rick wrote:
    > They might, but it would be easily seen and fixed.
    >> Further, since
    >> Linux OS kernel is open-source, a hacker can disquise the virus to
    >> become an integral part of the OS--and no virus checker (not that Linux
    >> has any virus checkers, that's how primitive it is) can spot it.

    >
    > How would they propagate that virus laden kernel?


    Exactly. Just because you know how to hide an exploit in the
    Linux kernel does not mean it will be accepted into the official
    kernel tree. There is actually a rather rigorous peer review
    and vetting of patches before they are accepted.

    In all my time on the Linux Kernel Mailing List, I've only seen
    one example of what might have been an attempted maliceous patch.
    It had a test condition using '=' instead of '==' to always
    assign a value instead of just examining it, possible privilege
    escalation being the result. It was rejected rather quickly.
    I could easily imagine something like it slipping through in
    a closed source environment where fewer people are reviewing the
    code.

    Thad
    --
    Yeah, I drank the Open Source cool-aid... Unlike the other brand, it had
    all the ingredients on the label.

  8. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    amicus_curious wrote:

    >
    > "Rick" wrote in message
    > news:13nsriingnqjk3e@news.supernews.com...
    >>


    < snip billwg idiocy >

    >>> Further, since
    >>> Linux OS kernel is open-source, a hacker can disquise the virus to
    >>> become an integral part of the OS--and no virus checker (not that Linux
    >>> has any virus checkers, that's how primitive it is) can spot it.

    >>
    >> How would they propagate that virus laden kernel?
    >>

    > New versions are coming out lickety-split and patches are frequent. Hide
    > it in there and after a short while everyone will have it.


    So knowledge how linux kernels are distributed / maintained is another thing
    you know absolutely nothing about

    What a surprise...
    --
    Microsoft's Guide To System Design:
    If it starts working, we'll fix it. Pronto.


  9. Re: Microsoft Office blocks certain files as virus sources--why notaddLinux next? Linux is virusware.

    On Fri, 04 Jan 2008 14:33:30 -0500, amicus_curious wrote:

    > "gordon" wrote in message
    > news:477e6b29$0$26019$88260bb3@free.teranews.com.. .
    >> ray wrote:
    >>
    >>
    >>> It also means that when a security issue is spotted it is almost
    >>> always fixed immediately - rather than waiting for six months to issue
    >>> a security
    >>> patch as MS does.

    >>
    >> Most of the time. There are certain vulnerabilities that MS has NEVER
    >> patched!
    >>

    > Nothing of any consequence, though. The real problem is that users do
    > not apply available fixes and that isn't limited to Windows users. The
    > Linux patch system is pretty clumsy and ineffective in reaching affected
    > users.


    What system are you speaking of? The ones that notify users of updates
    for any app in the distos's repositories?

    --
    Rick

  10. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    In comp.os.linux.advocacy, amicus_curious

    wrote
    on Fri, 4 Jan 2008 14:33:30 -0500
    <477e8a0a$0$25524$ec3e2dad@news.usenetmonster.com>:
    >
    > "gordon" wrote in message
    > news:477e6b29$0$26019$88260bb3@free.teranews.com.. .
    >> ray wrote:
    >>
    >>
    >>> It also means that when a security issue is spotted it is almost always
    >>> fixed immediately - rather than waiting for six months to issue a
    >>> security patch as MS does.

    >>
    >> Most of the time. There are certain vulnerabilities that MS has NEVER
    >> patched!
    >>

    > Nothing of any consequence, though. The real problem is that users do not
    > apply available fixes and that isn't limited to Windows users. The Linux
    > patch system is pretty clumsy and ineffective in reaching affected users.
    >


    Is it? The kernel isn't usually the vulnerability entry
    point. Most of the Linux/distro issues are related to
    various daemons and the Firefox web browser. Some of these
    are fairly serious but in most cases the users affected are
    those who know how to run the daemons.

    Module patches are rare; true kernel patches even rarer.
    The only kernel patch I know of was the infamous tear.c
    DoS issue, which might have been exploitable, but the
    bug was very quickly patched.

    Most users go through their distro for such patches anyway.

    --
    #191, ewill3@earthlink.net
    Useless C++ Programming Idea #992398129:
    void f(unsigned u) { if(u < 0) ... }

    --
    Posted via a free Usenet account from http://www.teranews.com


  11. Re: Microsoft Office blocks certain files as virus sources--why not add ?Linux next? Linux is virusware.

    amicus_curious wrote:
    >
    > Nothing of any consequence, though. The real problem is that users do not
    > apply available fixes and that isn't limited to Windows users. The Linux
    > patch system is pretty clumsy and ineffective in reaching affected users.


    Eh? Apt and RPM based distros automatically get updates from their
    repository systems and have for years. Unlike Windows Update, the
    Linux system handles ALL the software, including third party software
    accepted into the repository and vendor repositories added to the
    source list. This is all handled automatically, seamlessly, with
    all dependencies sorted out and never a reboot needed accept when
    a kernel version changes.

    Furthermore, you can even do complete version upgrades this way. I
    recently upgraded an Ubuntu 7.04 system to 7.10 remotely, over the
    Internet, from more than 1000 miles away actually. It was as simple
    as pointing the system at the new apt repository and issuing the
    upgrade command (or just a mouse click if I had been at the console).

    What exactly is 'clumsy' or 'ineffective' about that?

    Thad
    --
    Yeah, I drank the Open Source cool-aid... Unlike the other brand, it had
    all the ingredients on the label.

  12. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    On Fri, 4 Jan 2008 09:18:56 -0800 (PST), raylopez99 wrote:
    >MSFT is blocking certain older file formats as unsecure it's been
    >reported--why not add Linux to the list? After all, Linux is open
    >source and open source means anybody, in particular a hacker, can gain
    >access to the innards of a file and hide a virus in it. Further,


    It means the exact opposite. Nobody can hide
    anything anywhere as everything is open for all to examine.

    Hint: count the number of windows viruses, worms, trojans, etc. running
    around in the wild. You can't; there are too many.
    count the number of linux viruses, worms, trojans, etc. running around
    in the wild. Easy. It's zero. Even you can count that high.

  13. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    On Fri, 4 Jan 2008 14:33:30 -0500, amicus_curious wrote:

    >"gordon" wrote in message
    >news:477e6b29$0$26019$88260bb3@free.teranews.com.. .
    >> ray wrote:
    >>
    >>
    >>> It also means that when a security issue is spotted it is almost always
    >>> fixed immediately - rather than waiting for six months to issue a
    >>> security
    >>> patch as MS does.

    >>
    >> Most of the time. There are certain vulnerabilities that MS has NEVER
    >> patched!
    >>

    >Nothing of any consequence, though. The real problem is that users do not
    >apply available fixes and that isn't limited to Windows users. The Linux
    >patch system is pretty clumsy and ineffective in reaching affected users.


    The real problem is that the default windows users run with all protection
    disabled.

  14. Re: Microsoft Office blocks certain files as virus sources--why not add ?Linux next? Linux is virusware.

    In article <4ce255-bef.ln1@tux.glaci.com>,
    thad05@tux.glaci.delete-this.com wrote:
    > In all my time on the Linux Kernel Mailing List, I've only seen
    > one example of what might have been an attempted maliceous patch.
    > It had a test condition using '=' instead of '==' to always
    > assign a value instead of just examining it, possible privilege
    > escalation being the result. It was rejected rather quickly.
    > I could easily imagine something like it slipping through in
    > a closed source environment where fewer people are reviewing the
    > code.


    That's similar to the hole that was found in X about a year and a half
    ago that let non-root users run code as root. The bug there was that
    parenthesis were missing on a call to a function with no args, so
    instead of calling the function and using the return value in a
    condition, it was using the address of the function in the condition.


    --
    --Tim Smith

  15. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    amicus_curious wrote:
    >
    > Maybe, maybe not. For example lets design some kind of low profile Trojan
    > such as is often alleged to be infecting Windows machines. Since it is so
    > low profile, the user is unaware of its existence. Now put that code in the
    > binary distribution but do not show the source in any source distribution.
    > If someone recompiles the distribution from the source, then the Trojan is
    > lost, but what percentage of Linux users actually do any of that? If
    > someone were to compare the size and signature of each and every file in the
    > distribution before and after a recompile, then the problem might be
    > noticed, but I think that is a rare thing and so a worm or the like could
    > hide in Linux indefinitely.


    OK, so how exactly do we 'put that code in the binary distribution'?
    Last I checked, the Ubuntu and Fedora projects are not handing out
    root access to their servers to just anyone, and the build process
    includes generation of checksums for the ISO image. Unless you are
    suggesting the distro providers themselves are infecting their code.

    In that case even recompiling the code is not a perfect fix, because
    the binary of the compiler might be infected to silently insert
    backdoors into your apps as you compile them, including the compiler
    itself when you recompile it from source. I think it was Kernighan
    or perhaps Ritchie of C fame that first suggested this approach, and
    I curse him for putting the evil thought in my head. >

    Seriously though, the risk of that sort of thing is vanishingly
    small, and your risks are still much higher with closed source
    code if only because non malicious bugs are more likely to
    slip through. That whole many eyes thing you know...

    Thad
    --
    Yeah, I drank the Open Source cool-aid... Unlike the other brand, it had
    all the ingredients on the label.

  16. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    rat wrote:

    > (snip ignorant bull****)


    You're an ignorant, lying fsckwit, rat.


  17. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.

    In article ,
    thad05@tux.glaci.delete-this.com wrote:
    > In that case even recompiling the code is not a perfect fix, because
    > the binary of the compiler might be infected to silently insert
    > backdoors into your apps as you compile them, including the compiler
    > itself when you recompile it from source. I think it was Kernighan
    > or perhaps Ritchie of C fame that first suggested this approach, and
    > I curse him for putting the evil thought in my head. >


    Close. It was Ken Thompson. And he not only suggested it. He
    implemented it, to prove it would work. Also, subverting login and the
    compiler, his implementation subverted the disassembler, so it would not
    show you the bad code if you became suspicious that the compiler or
    login were hacked and disassembled them.


    --
    --Tim Smith

  18. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.


    "The Ghost In The Machine" wrote in message
    news:7lg255-fno.ln1@sirius.tg00suus7038.net...
    ..>>>
    >> Nothing of any consequence, though. The real problem is that users do
    >> not
    >> apply available fixes and that isn't limited to Windows users. The Linux
    >> patch system is pretty clumsy and ineffective in reaching affected users.
    >>

    >
    > Is it? The kernel isn't usually the vulnerability entry
    > point. Most of the Linux/distro issues are related to
    > various daemons and the Firefox web browser. Some of these
    > are fairly serious but in most cases the users affected are
    > those who know how to run the daemons.
    >
    > Module patches are rare; true kernel patches even rarer.
    > The only kernel patch I know of was the infamous tear.c
    > DoS issue, which might have been exploitable, but the
    > bug was very quickly patched.
    >
    > Most users go through their distro for such patches anyway.
    >

    Kind of going around Robin Hood's barn to get at the gist of the matter in
    my opinion. I downloaded and registered my free copy of Novell's Linux some
    months ago and I get an email about every 2 days out of three with
    information on how to separately download and install anywhere from 1 to 10
    updates. This would keep me going for some time if I were to bother with
    it. For those who want to play along, Microsoft at least offers a single
    signup that will look for updates periodically and install them
    automatically without having to read the mail, do the individual downloads,
    and then run the yast installer. The casual user is much more likely to
    survive with the Windows feature than with the Novell method.


  19. Re: Microsoft Office blocks certain files as virus sources--why not add ?Linux next? Linux is virusware.


    wrote in message
    news:9nh255-5dg.ln1@tux.glaci.com...
    > amicus_curious wrote:
    >>
    >> Nothing of any consequence, though. The real problem is that users do
    >> not
    >> apply available fixes and that isn't limited to Windows users. The Linux
    >> patch system is pretty clumsy and ineffective in reaching affected users.

    >
    > Eh? Apt and RPM based distros automatically get updates from their
    > repository systems and have for years. Unlike Windows Update, the
    > Linux system handles ALL the software, including third party software
    > accepted into the repository and vendor repositories added to the
    > source list. This is all handled automatically, seamlessly, with
    > all dependencies sorted out and never a reboot needed accept when
    > a kernel version changes.
    >

    So what is Novell? It doesn't do that at all.

    > Furthermore, you can even do complete version upgrades this way. I
    > recently upgraded an Ubuntu 7.04 system to 7.10 remotely, over the
    > Internet, from more than 1000 miles away actually. It was as simple
    > as pointing the system at the new apt repository and issuing the
    > upgrade command (or just a mouse click if I had been at the console).
    >
    > What exactly is 'clumsy' or 'ineffective' about that?
    >

    Start with the fact that I have never heard tell of it. You all will sneer,
    but I am, in spite of your sneers, reasonably astute in regards to this sort
    of thing and much more likely to know about it than most people. So if I
    don't know, it is a failure of the community to reach out and educate me and
    by inference a failure to educate anyone.

    >.



  20. Re: Microsoft Office blocks certain files as virus sources--why not add Linux next? Linux is virusware.


    "AZ Nomad" wrote in message
    news:slrnfnt6sq.rqq.aznomad.2@ip70-176-155-130.ph.ph.cox.net...
    > On Fri, 4 Jan 2008 14:33:30 -0500, amicus_curious wrote:
    >
    >>"gordon" wrote in message
    >>news:477e6b29$0$26019$88260bb3@free.teranews.com.. .
    >>> ray wrote:
    >>>
    >>>
    >>>> It also means that when a security issue is spotted it is almost always
    >>>> fixed immediately - rather than waiting for six months to issue a
    >>>> security
    >>>> patch as MS does.
    >>>
    >>> Most of the time. There are certain vulnerabilities that MS has NEVER
    >>> patched!
    >>>

    >>Nothing of any consequence, though. The real problem is that users do not
    >>apply available fixes and that isn't limited to Windows users. The Linux
    >>patch system is pretty clumsy and ineffective in reaching affected users.

    >
    > The real problem is that the default windows users run with all protection
    > disabled.


    Quite the opposite now. That's why some people have voiced some
    frustratioin with Vista since some things won't work without being enabled.


+ Reply to Thread
Page 1 of 7 1 2 3 ... LastLast