[OT] iPod virus

http://www.kaspersky.com/news?id=207575511

No, it was not posted on Apr.1st.

<quote>...in order for the virus to function, Linux has to be
installed on the iPod...</quote>

So much for Linux being virus-proof

NNN

On Fri, 06 Apr 2007 13:15:19 GMT, "nobody@nowhere.net"
<mygarbage2000@hotmail.com> wrote:

>http://www.kaspersky.com/news?id=207575511
>
>No, it was not posted on Apr.1st.
>
><quote>...in order for the virus to function, Linux has to be
>installed on the iPod...</quote>
>
>So much for Linux being virus-proof

Well, if you setup even the most secured OS to allow programs which
has no business changing other files are allowed to do so, nothing can
be virus-proof. Notice that the article stresses that it requires user
intervention to work? You can make an OS virus-proof, but you can't
make it fool-proof. :P

--
A Lost Angel, fallen from heaven
Lost in dreams, Lost in aspirations,
Lost to the world, Lost to myself

On Sat, 07 Apr 2007 03:56:18 GMT,
a?n?g?e?l@lovergirl.lrigrevol.moc.com (The little lost angel) wrote:

>On Fri, 06 Apr 2007 13:15:19 GMT, "nobody@nowhere.net"
><mygarbage2000@hotmail.com> wrote:
>
>>http://www.kaspersky.com/news?id=207575511
>>
>>No, it was not posted on Apr.1st.
>>
>><quote>...in order for the virus to function, Linux has to be
>>installed on the iPod...</quote>
>>
>>So much for Linux being virus-proof
>
>Well, if you setup even the most secured OS to allow programs which
>has no business changing other files are allowed to do so, nothing can
>be virus-proof. Notice that the article stresses that it requires user
>intervention to work? You can make an OS virus-proof, but you can't
>make it fool-proof. :P

Most of Windows targeting malware also work only when the users open
an attachment they have no business of opening, or get enticed to
visit a page they have no business of visiting. Oh, and also doing it
using an account with full admin rights they have no business of using
for mundane tasks like Web browsing and email reading. Yet somehow
Windows is branded vulnerable, and Linux/MacOS/whatnot is not.

NNN

nobody@nowhere.net <mygarbage2000@hotmail.com> wrote:
> On Sat, 07 Apr 2007 03:56:18 GMT,
> a?n?g?e?l@lovergirl.lrigrevol.moc.com (The little lost angel) wrote:
>
>>On Fri, 06 Apr 2007 13:15:19 GMT, "nobody@nowhere.net"
>><mygarbage2000@hotmail.com> wrote:
>>
>>>http://www.kaspersky.com/news?id=207575511
>>>
>>>No, it was not posted on Apr.1st.
>>>
>>><quote>...in order for the virus to function, Linux has to be
>>>installed on the iPod...</quote>
>>>
>>>So much for Linux being virus-proof
>>
>>Well, if you setup even the most secured OS to allow programs which
>>has no business changing other files are allowed to do so, nothing can
>>be virus-proof. Notice that the article stresses that it requires user
>>intervention to work? You can make an OS virus-proof, but you can't
>>make it fool-proof. :P
>
> Most of Windows targeting malware also work only when the users open
> an attachment they have no business of opening, or get enticed to
> visit a page they have no business of visiting. Oh, and also doing it
> using an account with full admin rights they have no business of using
> for mundane tasks like Web browsing and email reading. Yet somehow
> Windows is branded vulnerable, and Linux/MacOS/whatnot is not.
>
> NNN
>
Because knowledgable Linux users don't browse arbitrary web sites
as root perhaps?

Take a look at some of the current Windows exploits, many don't
require _any_ user intervention except visiting a compromised web
site (the animated cursor exploit, for example).

Jerry

"nobody@nowhere.net" <mygarbage2000@hotmail.com> wrote in message
news:amhc13hllh17lppdt6rm0thvith1fdbla2@4ax.com...
> http://www.kaspersky.com/news?id=207575511
>
> No, it was not posted on Apr.1st.
>
> <quote>...in order for the virus to function, Linux has to be
> installed on the iPod...</quote>
>
> So much for Linux being virus-proof
>
> NNN
>

Only a fool would have ever said that Linux was virus proof.

"Del Cecchi" <delcecchiofthenorth@gmail.com> wrote in message
news:57r6h5F2eb9o6U1@mid.individual.net...
>
>
> Only a fool would have ever said that Linux was virus proof.

Too bad too many such fools preach the great hype around. Viva Linux, abat
(down with) MS....

nobody@nowhere.net <mygarbage2000@hotmail.com> wrote in part:
> So much for Linux being virus-proof

No-one ever claimed that Linux is. To even use the term
"virus" is usually imprecise.

There are two fundamentally different ways undesireable code
gets executed on a machine:

1) The user brings it in, believing it is something
useful. This is called a "trojan" for obvious reasons.

2) The OS or commonly run daemons [services] have some
form of vulnerability that can be exploited by an automated
attack without user intervention. This is called a "worm".

Linux aims to be "worm-proof". It does not aim to be "trojan-proof"
since this would excessively limit the user. Unix and other
Linux-like systems are built with the implied basis that usercode
may be hostile, and damage should be isolated to user data.

Most of the malicious pgms are actually trojans.
The occasional worm [Slammer] pops up.


-- Robert

On Sat, 07 Apr 2007 21:15:37 GMT, Jerry Peters <jerry@example.invalid>
wrote:

>nobody@nowhere.net <mygarbage2000@hotmail.com> wrote:
>> On Sat, 07 Apr 2007 03:56:18 GMT,
>> a?n?g?e?l@lovergirl.lrigrevol.moc.com (The little lost angel) wrote:
>>
>>>On Fri, 06 Apr 2007 13:15:19 GMT, "nobody@nowhere.net"
>>><mygarbage2000@hotmail.com> wrote:
>>>
>>>>http://www.kaspersky.com/news?id=207575511
>>>>
>>>>No, it was not posted on Apr.1st.
>>>>
>>>><quote>...in order for the virus to function, Linux has to be
>>>>installed on the iPod...</quote>
>>>>
>>>>So much for Linux being virus-proof
>>>
>>>Well, if you setup even the most secured OS to allow programs which
>>>has no business changing other files are allowed to do so, nothing can
>>>be virus-proof. Notice that the article stresses that it requires user
>>>intervention to work? You can make an OS virus-proof, but you can't
>>>make it fool-proof. :P
>>
>> Most of Windows targeting malware also work only when the users open
>> an attachment they have no business of opening, or get enticed to
>> visit a page they have no business of visiting. Oh, and also doing it
>> using an account with full admin rights they have no business of using
>> for mundane tasks like Web browsing and email reading. Yet somehow
>> Windows is branded vulnerable, and Linux/MacOS/whatnot is not.
>>
>> NNN
>>
>Because knowledgable Linux users don't browse arbitrary web sites
>as root perhaps?
>
>Take a look at some of the current Windows exploits, many don't
>require _any_ user intervention except visiting a compromised web
>site (the animated cursor exploit, for example).
>
> Jerry

Sure in order to just think Linux the users need to have at least some
knowledge. Unlike those, Windows users just get the system from the
store/school/work and start using it without much thinking. While
school/work PC is most of the time set up more or less right - that is
with limited user account, antivirus, firewall, etc., the one that
comes from the store boots up straight to Administrator account, not
even ctrl-alt-del required, and the password is blank. The users that
know change it. However most of the users don't know and/or don't
care. And that kind of user is also the one to most likely install
animated cursors and other crap that oftentimes comes with trojans
attached.
Guess who is more likely to be caught for drunk driving - the ones
coming back from child play date, or the ones coming back from a
football game with usual tailgate beer bash? Maybe not a direct
comparison, but you've got the point.

NNN

NNN wrote:

> [...] Windows users just get the system from the
> store/school/work and start using it without much thinking. While
> school/work PC is most of the time set up more or less right - that is
> with limited user account, antivirus, firewall, etc., the one that
> comes from the store boots up straight to Administrator account, not
> even ctrl-alt-del required, and the password is blank. The users that
> know change it. However most of the users don't know and/or don't
> care. And that kind of user is also the one to most likely install
> animated cursors and other crap that oftentimes comes with trojans
> attached.

It is Microsoft's responsibility to make these users care.

Spoon <devnull@localhost.com> wrote in part:
> NNN wrote:
>> [...] Windows users just get the system from the store/school/work
>> and start using it without much thinking. While school/work PC is
>> most of the time set up more or less right - that is with limited user
>> account, antivirus, firewall, etc., the one that comes from the store
>> boots up straight to Administrator account, not even ctrl-alt-del
>> required, and the password is blank. The users that know change it.
>> However most of the users don't know and/or don't care. And that
>> kind of user is also the one to most likely install animated cursors
>> and other crap that oftentimes comes with trojans attached.
>
> It is Microsoft's responsibility to make these users care.

.... and with all the bugs, MS isn't doing just that?

IMO, MS has some chosen some _extremely_ bad default options
for many of its' pgms. They could have just incorporated the
NIST settings. They didn't, and not by accident.

AFAICS, MS _chose_ insecurity because it minimizes early tech
support calls (at the expense of later ones due to infections).


-- Robert