ZDNet UK

Plug-in guide


News | Reviews | Downloads | Shopping | Auctions

Linux viruses from China predicts Russian expert
ZDNN Home
NextPrevious
Mon, 24 Jan 2000 14:51:58 GMT
Will Knight

Kaspersky Lab Anti-Virus reckons Linux users will be under attack from Chinese viruses... soon. Will Knight reports

A Russian anti-virus expert has warned that an influx of viruses targeted at the Linux operating system (OS) is on its way courtesy of hackers in China.

Eugene Kaspersky, founder of Kaspersky Lab Anti-Virus in Moscow, says the increasing popularity of the open source operating system in the West, combined with the dramatic uptake of Linux in China, will result in a plague of Linux viruses spreading their way across the globe.

Although there exist a few 'proto-viruses' (incomplete viruses) designed to attack Linux, no functional versions have yet been discovered. Kaspersky says that experts at his company's laboratories have successfully completed one such prototype: the result is a fully functional and potentially virile Linux virus. Kaspersky assures ZDNet that the virus is under lock and key and will stay that way.

According to Kaspersky, Linux poses a new challenge for virus-fighters because its open source-code will put viruses-writers at a distinct advantage. He also says, "It's easier to develop a virus [for Linux] because the binary format of Linux executables is very easy to understand, making it easier to modify files."

But while Kaspersky warns of imminent doom for the open source phenomenon, Jason Clifford, Linux developer and consultant, thinks the threat is overblown. He points out that the file system in Linux is structured to make it more difficult for malicious code to spread. "Because Linux is based on Unix, it is much more strict about file permissions. In order for a virus to have a real effect it would require someone to be stupid enough to run (log in) as root. On a system with 1000 users, if one user were to compile a virus he would damage his own files but no anyone else's."

Clifford reckons the suggestion harks back to the old myth of "security by obscurity" and argues that access to source code actually makes Linux more secure than its commercial rivals. Freely available source code means thousands of experts within the open source community are able to perform security audits, he says.

Clifford adds that although it is possible for a Linux machine to be infected with a virus, vulnerability has more to do with a users vigilance than the operating system itself. "It's not so much about the product but about how you manage your system. We advise people never to do anything in root unless they absolutely have to."

Linux viruses are, as yet, unheard of. Will this change as it becomes more popular? Tell the Mailroom

Take me to the Virus Workshop

Take me to the Linux Lounge

Email storyMail this story to a friend
Print storyPrint this story

 Related news stories:
 ·  Network Associates divides itself
 ·  CA warns 'Plage2000' is in the wild
 ·  A Year Ago: 'Cowboys' using Action 2000 database to con firms
 ·  First Windows 2000 virus discovered
 ·  Greek cash registers back to 1900

  Other stories from: Mon, 24 Jan 2000

ZDNN Home NextPrevious


Copyright ©2000 ZDNet UK. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of ZDNet Inc. is prohibited. ZDNet and the ZDNet logo are trademarks of Ziff-Davis Publishing Company.
 
 Search News Archive
  
  
· Search similar
· Search help
 Today's top stories
· IT Week: EC proposes faster unbundling
· World Online expands European empire with Bun.com
· IT Week: Dual processor PC to ease Windows 2000 burden
· IT Week: When is a bug not a bug?

Click here
 News Specials
 ·  Specials home
 ·  Windows 2000
 ·  techTrader
 ·  MP3 Newsroom
 ·  Linux Lounge
 ·  Nuggets - gadgets galore
 ·  Hackers
 ·  XML - future of the Web
  Free Newsletter

The best in tech news - emailed daily!
 

 Sitewide
· New! Teleworking -- PC Magazine Guide
· Find the best Web music sites with RadioSpy
· techTrader -- news for investors in Web firms