Do we have a Boinc virus?


log in

Advanced search

Message boards : Number crunching : Do we have a Boinc virus?

Previous · 1 . . . 22 · 23 · 24 · 25 · 26 · 27 · Next
Author Message
Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 249427 - Posted: 17 Feb 2006, 18:20:55 UTC - in response to Message 249407.


Isn't the root account built in to Linux?

(and in any recent version of Windows, you can disable IE)

Again, the point isn't that Windows is perfect -- or that Linux is better or worse. The point is that ultimately, the person who administers the machine has choices. They can choose to use the root account all the time if they wish.



My point was that for you to surf safely, you had to go outside and get a 3rd party application. Even if your using an unpriviledged account on your windows machine. IE is unsafe. Maybe I don't really have a problem with Windows...my problem is with Microsoft and their half a$$ development.


... and with Linux, I have the option of using a Linux-developed browser and not some third party application like Firefox?

But, we're back talking about the technology, and the problem is a people problem.

For every system, there exists some person who can do something stupid and the system will be vulnerable as a result.

It's a social problem. There are more windows desktops, so the odds of finding a windows desktop foolishly run insecurely are higher.


Linux doesn't have a browser. Everything under Linux has been developed open source. + I have the source code to anything that is on my system. I know exactly what it's doing.

The difference is, I am not a slave to Windows. I am glad to see that you don't use IE as a browser. I don't have to fear running MS developed software for fear of some security flaw.

Besides, I can run most windows applications anyway under Linux. Not the other way around.
____________


http://www.mikesbawx.org/photo/

1mp0£173
Volunteer tester
Send message
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 249437 - Posted: 17 Feb 2006, 19:36:59 UTC - in response to Message 249427.


... and with Linux, I have the option of using a Linux-developed browser and not some third party application like Firefox?

But, we're back talking about the technology, and the problem is a people problem.

For every system, there exists some person who can do something stupid and the system will be vulnerable as a result.

It's a social problem. There are more windows desktops, so the odds of finding a windows desktop foolishly run insecurely are higher.


Linux doesn't have a browser. Everything under Linux has been developed open source. + I have the source code to anything that is on my system. I know exactly what it's doing.

The difference is, I am not a slave to Windows. I am glad to see that you don't use IE as a browser. I don't have to fear running MS developed software for fear of some security flaw.

Besides, I can run most windows applications anyway under Linux. Not the other way around.

I understand. If I choose to use an open-source browser on Windows, that's a problem with Windows. If you choose to use the same open-source browser on Linux, that's an advantage of Linux.

Do you really know, without a doubt, what every line of code on your system does? I understand that you can, but have you done it?

Yet again, we're back to a social problem.

At no time on this thread have I questioned your choice of Linux. I've simply pointed out that at some point, in every system, there exists a person who ultimately controls security -- someone you must trust. In the case of open source, you have to trust everyone who contributed to the project. You have to trust their motivations, and you have to trust that the project has reviewed these contributed changes and didn't let malicious code slip by.

... and before you get all angry with me for questioning open-source, let me remind you that I use Firefox and Thunderbird and Open Office.

Microsoft has made some horrible blunders, but the first worm that I'm aware of "in the wild" infected Berkeley Unix and there certainly are vulnerabilities in Open Source.

Is this a reason to abandon Linux? No, of course not. The same problem exists with FreeBSD, OpenBSD and NetBSD -- and Windows.

At some point, there is a person, and you have to trust them.
____________

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 7939
Credit: 4,007,235
RAC: 775
United Kingdom
Message 249457 - Posted: 17 Feb 2006, 20:22:50 UTC - in response to Message 249407.
Last modified: 17 Feb 2006, 20:28:33 UTC

...But, we're back talking about the technology, and the problem is a people problem.

For every system, there exists some person who can do something stupid and the system will be vulnerable as a result.

It's a social problem. There are more windows desktops, so the odds of finding a windows desktop foolishly run insecurely are higher.

It goes a little further than that.

In *nix (and Linux), the foolishness has to be greater and more elaborate than whatever 'trivial silliness' in the Windows world for malware to gain control. There just aren't all the sneaky "hidden to the user" automatic ways to start malware as you have in the Windows registry and elsewhere. Further, there is multi-user security on the *nix box to limit the damage. Compromising "root" would circumvent this but recent distros keep people away from "root", and some distros replace "root" usage completely with the more secure (and restricted) "sudo". And even then, you still don't have the open vulnerabilities on other *nix machines that would allow malware to spread. The best you could get is chained human deceptions as you already have with chain letters, pyramid schemes, and virus warnings hoaxes.

Sorry, even with ultimate people foolishness, on *nix (and Linux) you get nothing more than only the one machine (or machines) that that one deceived user has control of. On *nix, all known malware cannot spread further. (And there's very restricted opportunity for the unknown stuff to do anything.)

And that is not because Windows has greater numbers and greater market share. The non-proliferation of malware amongst non-Microsoft systems is due to good conscientious OS design that allows for good security and safely accommodates high level of user stupidity.

The first (very small number) of internet worms were indeed unix based. That was a very long time ago and those exploits no longer exist. For what I have seen, all the present day malware scares and problems that hit the headlines are Microsoft related.

(For the sake of Microsoft, I must remind Microsoft that these are my own personal opinions and that full terms and details can be read in my 99 page EULA (available upon request) that must be accepted before reading any of this thread or any of my other writings.)

Regards,
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 7939
Credit: 4,007,235
RAC: 775
United Kingdom
Message 249464 - Posted: 17 Feb 2006, 20:42:28 UTC - in response to Message 249399.
Last modified: 17 Feb 2006, 20:49:14 UTC

Oh I was going to try UBUNTU, but I saw this http://www.ubuntu.com/usn

Very good.

Now look up the equivalent list for the latest Microsoft OS releases and at the same level of detail. You will be GOB SMACKED!

(I think you'll find that Microsoft has by far the greater number of known (and unpublished or unknown) vulnerabilities. If you can get behind the proprietary secrecy...)


Note also that the Ubuntu list there is for what has been actively sought out and fixed. There are no known active viruses for Ubuntu (or other Linux distros). No anti-virus software needed.

Good luck,
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

J D K
Volunteer tester
Avatar
Send message
Joined: 26 May 04
Posts: 1295
Credit: 311,371
RAC: 0
United States
Message 249573 - Posted: 17 Feb 2006, 23:58:56 UTC

Now you and I both know that it is no fun to pick on the free program, when you can pick on the worlds richest man, well He was at one time lol... Capitalism is not about giving it away, so you all need to pick your ism. I will stick with mine......
____________
And the beat goes on
Sonny and Cher

BOINC Wiki

Grant (SSSF)
Send message
Joined: 19 Aug 99
Posts: 5560
Credit: 51,209,678
RAC: 37,837
Australia
Message 249606 - Posted: 18 Feb 2006, 1:06:16 UTC - in response to Message 249457.

The non-proliferation of malware amongst non-Microsoft systems is due to good conscientious OS design that allows for good security and safely accommodates high level of user stupidity.

No, the non proliferation on non-M$ systems is the low returns due to the small user base.
____________
Grant
Darwin NT.

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 249608 - Posted: 18 Feb 2006, 1:07:26 UTC - in response to Message 249437.


I understand. If I choose to use an open-source browser on Windows, that's a problem with Windows. If you choose to use the same open-source browser on Linux, that's an advantage of Linux.


I don't have a choice. Linux doesn't have a browser.

____________


http://www.mikesbawx.org/photo/

Profile JigPu
Avatar
Send message
Joined: 16 Feb 00
Posts: 98
Credit: 506,133
RAC: 0
Message 249717 - Posted: 18 Feb 2006, 4:17:23 UTC - in response to Message 249427.
Last modified: 18 Feb 2006, 4:18:47 UTC

Good debate going on here :) I with Ned, since I personally know of one user who could hose their linux install. Me.

I install enough crap on Linux without giving anything much of a second thought ("Hmmm... I need XXXX." *finds* *downloads* *switches to root as the README says to* *./configure && make && make install*) that it would be downright trivial for malware to hose my system. If somebody in the Linux world were evil enough to package some into a program I downloaded, I probably wouldn't notice until too late.

Yes Linux comes out of the box more secure, and I wouldn't doubt can be made more secure than Windows. However, stupidity/ignorance is an amazingly powerful force =D


Besides, I can run most windows applications anyway under Linux. Not the other way around.

I don't know how much you use Windows (and thus how much it'd be of any use to you), but you may want to check out Cygwin. Most anything you can compile from source should be installable under it (slight modifications may be required on some apps to get the config script to recognize Cygwin as a legit environment though). I've managed to get XFCE installed under it, and can now plop myself down into a linux desktop without ever havign to reboot.

JigPu
____________

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 249831 - Posted: 18 Feb 2006, 14:31:58 UTC - in response to Message 249717.

Good debate going on here :) I with Ned, since I personally know of one user who could hose their linux install. Me.

I install enough crap on Linux without giving anything much of a second thought ("Hmmm... I need XXXX." *finds* *downloads* *switches to root as the README says to* *./configure && make && make install*) that it would be downright trivial for malware to hose my system. If somebody in the Linux world were evil enough to package some into a program I downloaded, I probably wouldn't notice until too late.

Yes Linux comes out of the box more secure, and I wouldn't doubt can be made more secure than Windows. However, stupidity/ignorance is an amazingly powerful force =D


Besides, I can run most windows applications anyway under Linux. Not the other way around.

I don't know how much you use Windows (and thus how much it'd be of any use to you), but you may want to check out Cygwin. Most anything you can compile from source should be installable under it (slight modifications may be required on some apps to get the config script to recognize Cygwin as a legit environment though). I've managed to get XFCE installed under it, and can now plop myself down into a linux desktop without ever havign to reboot.

JigPu


I do like Cygwin...

Although, if I really want dual fucntionality, I fire up VMware under Linux and boot Windows.

____________


http://www.mikesbawx.org/photo/

1mp0£173
Volunteer tester
Send message
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 250210 - Posted: 19 Feb 2006, 4:33:51 UTC - in response to Message 249831.


Although, if I really want dual fucntionality, I fire up VMware under Linux and boot Windows.

Me too, just the other way 'round.

____________

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 250213 - Posted: 19 Feb 2006, 4:37:32 UTC - in response to Message 250210.


Although, if I really want dual fucntionality, I fire up VMware under Linux and boot Windows.

Me too, just the other way 'round.


For some reason I have alot of problems going the other direction. Dunno why...

____________


http://www.mikesbawx.org/photo/

1mp0£173
Volunteer tester
Send message
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 250217 - Posted: 19 Feb 2006, 4:42:02 UTC - in response to Message 250213.


Although, if I really want dual fucntionality, I fire up VMware under Linux and boot Windows.

Me too, just the other way 'round.


For some reason I have alot of problems going the other direction. Dunno why...

Couldn't say, I've not run VMware on a Linux host.

The really amazing thing is taking a set of VMware files and copying them from one machine to another and having it just work.
____________

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 250225 - Posted: 19 Feb 2006, 4:54:28 UTC - in response to Message 250217.


Although, if I really want dual fucntionality, I fire up VMware under Linux and boot Windows.

Me too, just the other way 'round.


For some reason I have alot of problems going the other direction. Dunno why...

Couldn't say, I've not run VMware on a Linux host.

The really amazing thing is taking a set of VMware files and copying them from one machine to another and having it just work.


I have tried it many times...running VMware unders windows fails for me. I can only get it working with my Linux machine to boot into windows...oh well...VMware is sweet. (expensive tho)

____________


http://www.mikesbawx.org/photo/

Profile roguebfl
Volunteer tester
Avatar
Send message
Joined: 21 May 99
Posts: 129
Credit: 223,953
RAC: 0
New Zealand
Message 250283 - Posted: 19 Feb 2006, 7:05:12 UTC - in response to Message 249608.
Last modified: 19 Feb 2006, 7:06:54 UTC

I don't have a choice. Linux doesn't have a browser.


thats not quite True. Linux has meny broused that have buildes desined to Run on it.

there's the Archic Lynx.
there's KDE's Kconcour

evern Firfox/Mozilla can be found with their own Linux builds.

And before you say they they don't count because they are "form multi os"

it should be point out on ther critiers, IE doesn't count as a Windows Brouser, becase it has a Mac vertion.
____________
uninstall dyslexica.o : Permission denied


AMD Athlon 64 3000+ w/Windows
AMD Athlon 1800+ w/Linux

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 250365 - Posted: 19 Feb 2006, 15:33:39 UTC - in response to Message 250283.

I don't have a choice. Linux doesn't have a browser.


thats not quite True. Linux has meny broused that have buildes desined to Run on it.

there's the Archic Lynx.
there's KDE's Kconcour

evern Firfox/Mozilla can be found with their own Linux builds.

And before you say they they don't count because they are "form multi os"

it should be point out on ther critiers, IE doesn't count as a Windows Brouser, becase it has a Mac vertion.


Well, my point was that the browsers shipped with the various distros are 3rd party.

IE is integrated into Windows, you can't remove it. When you install Linux as an OS, it comes with nothing. You add whatever 3rd party application you choose.

But I do understand what your saying also.

____________


http://www.mikesbawx.org/photo/

Profile MikeSW17
Volunteer tester
Send message
Joined: 3 Apr 99
Posts: 1603
Credit: 2,700,523
RAC: 0
United Kingdom
Message 250662 - Posted: 20 Feb 2006, 0:24:57 UTC

Slightly Off-Topic, but possibly useful.

The latest incarnation of Ant-Spyware from Microsoft, now called Windows Defender Recognizes BOINC as an 'Allowed' Application.
Seems this 'Allow' has been set by MS.

____________

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 7939
Credit: 4,007,235
RAC: 775
United Kingdom
Message 250665 - Posted: 20 Feb 2006, 0:30:23 UTC - in response to Message 249717.
Last modified: 20 Feb 2006, 0:31:58 UTC

Good debate going on here :) I with Ned, since I personally know of one user who could hose their linux install. Me.

I install enough crap on Linux without giving anything much of a second thought ("Hmmm... I need XXXX." *finds* *downloads* *switches to root as the README says to* *./configure && make && make install*) that it would be downright trivial for malware to hose my system. If somebody in the Linux world were evil enough to package some into a program I downloaded, I probably wouldn't notice until too late.

Yes Linux comes out of the box more secure, and I wouldn't doubt can be made more secure than Windows. However, stupidity/ignorance is an amazingly powerful force =D ...

You've nicely described the difference between hosing your Linux system with malware as against the Microsoft "single click" solution to hose Windows with malware. Also, you only get to hose your own system. Other Linux systems won't subsequently play with your malware box.

And I agree that nothing is (or can be) ultimately fool-proof.

Regards,
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

Profile Michael Buckingham
Volunteer tester
Avatar
Send message
Joined: 21 Aug 99
Posts: 4508
Credit: 2,676,597
RAC: 0
United States
Message 250915 - Posted: 20 Feb 2006, 14:36:21 UTC - in response to Message 250665.


And I agree that nothing is (or can be) ultimately fool-proof.

Regards,
Martin



I agree. With that in mind I occasaionlly run a root kit scan and watch my packets for a while.
____________


http://www.mikesbawx.org/photo/

Profile ML1
Volunteer tester
Send message
Joined: 25 Nov 01
Posts: 7939
Credit: 4,007,235
RAC: 775
United Kingdom
Message 251654 - Posted: 21 Feb 2006, 23:54:19 UTC - in response to Message 250365.

... IE is integrated into Windows, you can't remove it. When you install Linux as an OS, it comes with nothing. You add whatever 3rd party application you choose.

The "can't remove IE" bit was all part of the 'trickery' to conclusively obliterate the original Netscape out of existance. That point was exposed wide open in one of the many court battles against Microsoft practices.

And with Linux, you get a wide choice of what browser or browsers of your liking you can add.

That little Windows tick box hidden away in obscurity that by default sets IE to be The Default Browser regardless of what you want has always enfuriated me.


I much prefer honest choice over Merketing coercion!

Regards,
Martin
____________
See new freedom: Mageia4
Linux Voice See & try out your OS Freedom!
The Future is what We make IT (GPLv3)

1mp0£173
Volunteer tester
Send message
Joined: 3 Apr 99
Posts: 8423
Credit: 356,897
RAC: 0
United States
Message 251668 - Posted: 22 Feb 2006, 0:27:33 UTC - in response to Message 251654.
Last modified: 22 Feb 2006, 0:27:53 UTC

... IE is integrated into Windows, you can't remove it. When you install Linux as an OS, it comes with nothing. You add whatever 3rd party application you choose.

The "can't remove IE" bit was all part of the 'trickery' to conclusively obliterate the original Netscape out of existance. That point was exposed wide open in one of the many court battles against Microsoft practices.

In Windows 2000, on the START menu, there is a selection to "Set program access and defaults" and you can quite effectively use this to make Internet Explorer disappear.

If you want to do a little more work, you can remove Internet Explorer completely.

In XP service pack 2, you can deny network access to anything.

... and on a corporate network, you can lock things down to the point that end users are limited only to what has been loaded by IT.

____________

Previous · 1 . . . 22 · 23 · 24 · 25 · 26 · 27 · Next

Message boards : Number crunching : Do we have a Boinc virus?

Copyright © 2014 University of California