Submission + - Linux antivirus? 3
garyebickford writes: "Does an actually useful antivirus software package for Linux exist — either FOSS or commercial?
Today's article cited in Slashdot's Apple section discusses Apple's recommendation for its users to install antivirus software. I think that Linux users who think viruses won't attack their machines are increasingly whistling in the dark. Depending on its lack of market penetration will eventually be a failing strategy, as Linux becomes more popular in servers, appliances and especially desktops and laptops.
Considering the widely distributed development process and vast number of applications developed by (largely altruistic) independent teams all over the world, preventing viruses permanently is an intractable problem. I have personally come up with at least a few motives and methods for evil baddies to incorporate evil software into essential Linux applications in such a way that the exploit might not become known until triggered some time in the future. If you think about it, it is not a substantially different problem than a 'mole' infiltrating a high tech company or government body.
I confess that I sometimes do not exercise sufficient care when installing software. I suspect I am not alone, and even if I do take care, it would be highly difficult for me or anyone, no matter how sophisticated, to catch all possible exploits by reading the code. What if a user is offered a downloaded software package? What if it's my hypothetical grandmother who I have converted to Linux? They might accept the installation, and even provide the root password. No, they shouldn't — but some absolutely will. Or what if the software exploits a hidden flaw in some other software to achieve root access?
Once an exploit is executed and discovered, the community will no doubt be very quick in response, but that is closing the barn door after the horse has been stolen."
Today's article cited in Slashdot's Apple section discusses Apple's recommendation for its users to install antivirus software. I think that Linux users who think viruses won't attack their machines are increasingly whistling in the dark. Depending on its lack of market penetration will eventually be a failing strategy, as Linux becomes more popular in servers, appliances and especially desktops and laptops.
Considering the widely distributed development process and vast number of applications developed by (largely altruistic) independent teams all over the world, preventing viruses permanently is an intractable problem. I have personally come up with at least a few motives and methods for evil baddies to incorporate evil software into essential Linux applications in such a way that the exploit might not become known until triggered some time in the future. If you think about it, it is not a substantially different problem than a 'mole' infiltrating a high tech company or government body.
I confess that I sometimes do not exercise sufficient care when installing software. I suspect I am not alone, and even if I do take care, it would be highly difficult for me or anyone, no matter how sophisticated, to catch all possible exploits by reading the code. What if a user is offered a downloaded software package? What if it's my hypothetical grandmother who I have converted to Linux? They might accept the installation, and even provide the root password. No, they shouldn't — but some absolutely will. Or what if the software exploits a hidden flaw in some other software to achieve root access?
Once an exploit is executed and discovered, the community will no doubt be very quick in response, but that is closing the barn door after the horse has been stolen."