sjgadsby | # 31 | 2008-04-17, 18:31 | Report

You're not Tycho Brahe.

GeneralAntilles | # 32 | 2008-04-17, 18:34 | Report

Fine, in Benson's case it'll read: flamethrower-wielding-robot-orgy-sdl.4.1-1_armel.deb

sjgadsby | # 33 | 2008-04-17, 18:37 | Report

Hey, just so long as it's in Maemo Extras with a good description and a version number of reasonable length.

geneven | # 34 | 2008-04-17, 18:42 | Report

But aren't there attachments you could look at in Linux without effect, yet get a virus from in Windows?

Butt of course your grandmother's antivirus software should detect it.

iskarion | # 35 | 2008-04-17, 19:00 | Report

At least not yet in the wild. But this will certainly change once the Linux desktop marketshare significantly increases.

Nowadays creation and distribution of viruses/trojans is mostly driven by commercial interests. Why shoud virus authors bother to write viruses for Linux when the >95% Windows users are an easier, more profitable and much bigger target?

GeneralAntilles | # 36 | 2008-04-17, 19:03 | Report

Possibly, but the "security through obscurity" argument doesn't really pan out. *NIX is simply straight-up more secure than Windows.

sherifnix | # 37 | 2008-04-17, 19:26 | Report

Abstinence or Wear Protection?

adaviel | # 38 | 2008-04-21, 18:05 | Report

It might be possible to port clamav; it's open-source AFAIK and runs on Linux. I use it to clean my mail stream mostly to reduce the volume not that I think I'll get infected.

In case anyone gets too cocky about Linux and viruses, there is nothing whatever to prevent a virus being written that exploits .profile, $HOME/bin, cron, etc in userspace, or various application vulnerabilities.
A while ago now you could write an email virus in PostScript - P/S is actually
a scripting language and unless run in safe mode is able to write to the filesystem, e.g. ~/.signature

Right now there is this huge pool of idiots surfing the Web as root in various Microsoft O/S, but that may change.

bootdoc | # 39 | 2008-04-27, 02:56 | Report

executables cannot be run without root permissions, and then only after that executable has been saved to a folder. yes there are instances where people run all day long as root, for instance the eeepc has no sudoers file. the user can install apps with out password on the highly modified xandros stock os. as far as linux getting more popular, I think with all the different distros being run, it would be hard to write something that would infect more than one or two distros. I may be wrong on that, but it just seems logical.

paulkoan | # 40 | 2008-04-27, 04:27 | Report

Hello bootdoc - have a think about this. In order to run anything it must be executable. If root was required to run executables, then users could not run email programs, browsers or anything else without being root.

This is obviously not the case. The point is that root has access to *everything* and so any executable being run by root has the same level of access.

An executable run by a user account generally has significantly less access, and so cannot do some of the basic things that malware likes to do - hide itself, and run independently of an account - and of course run as root itself.

This is not quite true. The eee pc does have a sudoers file, but is set that all users can run as sudo without a password. This is an important difference, as it means a few changes to the sudoers file can increase security. Having a free for all sudoers is not a good idea imo, and I would say that it is unlikely that the majority of eee pc users will do this.

Remember that a distribution is just a collection of applications that run on the GNU/Linux kernel. Yes, distribution will have its own setup and foibles but fundamentally they are the same, and in many cases a binary executable will run on many distributions without modification - particularly if it has no library dependencies by being self contained or using static linked binaries.