another reason to use adblock and noscript... or just use Linux

Benjamin Scott dragonhawk at gmail.com
Wed Mar 24 15:18:48 EDT 2010 

On Wed, Mar 24, 2010 at 3:02 PM, G Rundlett <greg.rundlett at gmail.com> wrote:
> So, it seems that you're saying: "Don't switch to Linux because even though
> it will prevent you from getting 99% of the malware out there today, someday
> it could be targeted and vulnerable".

  No.  What I'm saying is: A false sense of security is a bad thing.
Don't misrepresent what's really happening.  When it comes to
security, it is critical to understand what's actually happening.

  I'm also looking ahead.  Let's say everybody on Earth says, "Wow,
Greg Rundlett says to switch to Linux because it's more secure.  Let's
do that!"  So next week, everyone is running Linux.  Now all these
problems that happen on MS Windows will happen on Linux instead.

>>  Sure it does: "The same goes for Linux as well: A scam run past
>> someone using Firefox in Ubuntu is still a scam by any other name."
>
> In theory yes, but in practice no.  Clicking on a gif-ad-malware that
> downloads an .exe that works on windows almost assuredly won't do one bit of
> harm on my Ubuntu system.

  I'm not saying there isn't a practical security advantage in using a
minority platform.  Keeping a low profile is a valid technique.

  However, if/when Linux gains significant market share, the Linux
binary/shell script/.deb/autopackage/whatever that gets downloaded
will run just fine.  In other words, this is only an effective
countermeasure *as long as Linux remains a second-class citizen*.  I
don't regard that as a winning strategy.

  Taking your argument to an extreme, one should run something like
BeOS, because *nobody* targets BeOS these days.  Even Linux sees the
occasional network vulnerability scanner attack.  So you'll be
switching to BeOS, right?

  Incidentally, I've read one report of someone demonstrating how
Linux is "imunue to viruses" by double-clicking on an .EXE, only to
watch in surprise as the distro fired up Wine to run it.  Fortunately
it was Minesweeper or something like that.

> Again, I have to disagree from a practical point of view.  I recommended
> that my wife switch to a Mac, and I'm feeling much better that her computer
> won't be affected by malware.

  At my last job, we once had a client who had only Macs, and didn't
run any anti-malware software because "Macs don't get viruses".  Then
they needed to add some MS Win PCs and a server for them.  We
installed that stuff.  We migrated their files to the server.  The
server's anti-malware software promptly quarantined *every single last
Microsoft Word document in the company*, because they were all
infected with macro viruses.  The client fired us, because "Macs don't
get viruses", so it must have been our fault.

-- Ben

More information about the gnhlug-discuss mailing list