[Wine] Re: Crazy (and just maybe awesome) idea: Winux

oiaohm wineforum-user at winehq.org
Sun Mar 7 18:17:54 CST 2010


James McKenzie worms do appear on Linux in low numbers.  And some are clones of windows ones by the way.   Reason why ubuntu running a non peer reviewed Mandorary Secuirty system by default is a worry ie apparmor.

Sorry to have to correct you James McKenzie

> Linux was not built in
> the period of trust and has all of the security features from the
> current period. 

Linux was built in the period of trust.  Early Linux's don't have well working secuirty systems.  Only by 1993 ie 2 years into Linux did DAC start working.   Even up to 2000 Most Linux's were depending on DAC that is not really a good secuirty system.   Windows design is about as good as Linux but due to poor implementation and support of bad programs it secuirty has been rendered worthless.  Basically MS correct the implementation tones of applications will fail.  I normally don't have to correct you on things like this James you are normally correcting my oversites.  Lack of operation real-time scanning in Linux is a left over from the time of trust.

Proper setup secuirty systems most BIND CVE listing alone don't work to get into systems.   Also lot of the plushing ones recently have been caused by DNS servers not running authenticated communication that BIND for updating has supported since 2001.   Funny thing here lot of CVE listing about Linux when you did deeper only functional to attack system if user is not running items like selinux.   Basically Linux lot of distributions over the years hardened.   But we do still have some stupidly soft ones.

Really my words on installing from everywhere is true.   Most people who are infected you can trace back to going into untrustworthy locations.  Like a lot of activation hacks for windows are virues about 80 percent of them even worse deep digging kernel level root kits.

Same applies across lots of breach of copyright stuff ie lot of stuff in self extracting achives the archive extract program is infected.   Lot of fake anti-viruses have been even taking out banner ads.    These are still the install from everywhere point of view.

Next is running items like IE that is too tied to the OS under and has been very bad swiss cheese party due to design.

Finally after all that is site plushing and emails.  

Linux repos arcives are also signed.   Good package managers will inform you of key chanage some even go as far as refusing to aquire packages.  So just plushing the site is not enough.

Gullible jones enough malware and viruses run in wine that it can be used in mil simulations of how a virus or malware will spreed.

Some of wine worst disasters have come from file infector viruses running as root and the infector failing to tell the difference between a Linux native elf and a windows PE and infecting everything including the Linux kernel image so the OS does not even boot.   So don't presume file infectors will be less damaging under wine.   They can be many times worse.  Reason why every time someone runs wine as root you will here people saying don't.

Some fake anti-viruses do work.  But the ones that hook in like real anti-viruses don't.   So far the record for numbers of operational viruses inside wine at the same time is about 150.   And I do mean operational basically platinum rated all their features worked.







More information about the wine-users mailing list