[SWLUG] thoughts on mydoom
bascule
asura at theexcession.co.uk
Wed Jan 28 18:21:54 UTC 2004
reports today describe the latest windows virus/trojan as the fastest/biggest
ever; maybe it is but it got me thinking, this trojan relies on no exploit on
the machine, rather it exploits people, and i'm not aware that human v1.1 is
due any day soon!
now imagine that linux is a mainstream desktop in use by as many people who
use windows, it follows that an awful lot of those users will be the same
folk who deliberately chose to run attachments arriving in their recent
email,
even allowing for education to filter into peoples brains in the time it would
take for linux to become a mainstream desktop this means that linux <as it is
now> would be very vulnerable to a mydoom type trojan,
1. if linux is a mainstream desktop then odds are the 'average' user is using
a mail program and addressbook that can easily be guessed,
2. the goal of most trojans is not to trash the system, who needs root to set
up a user cronjob or send mail to a users list of contacts?
so how secure is linux really?
bascule
--
"`Credit?' he said. `Aaaargggh...'
These two words are usually coupled together in the Old
Pink Dog Bar."
-- Ford in a spot of bother.
More information about the Swlug
mailing list