On Sun, Mar 28, 2010 at 1:58 PM, Nathan Haines <nhai...@ubuntu.com> wrote: > On 03/28/2010 01:20 PM, Aaditya Bhatia wrote: >> We don't execute every file on sight, so we're virus-proof by design, >> at least in this sense. Might sound a little complicated for a newbie, >> but doesn't this point deserve a mention? >> >> > It deserves a mention but only in an accurate way. Most "viruses" are > either worms or trojans that exploit software vulnerabilities to gain > priviledge escalation or execute a payload and this is never caused by > "executing a file", it's caused by exploiting buffer overruns and other > developer oversights. > > Windows and Mac OS also don't "execute every file on sight" anymore, so > "in this sense" doesn't provide any contrast to the other systems > (besides being beside the point, since that's not how viruses spread > anymore). >
Clarifying what I said earlier, OSes obviously don't execute the files on sight, but sometimes they do access portions of them in easily exploitable ways, resulting in execution of an embedded exploit. For example, downloading an infected executable file and navigating to it in Windows Explorer used to be enough for the viruses to propagate on XP. Vista addressed that by prompting the user before executing something with admin privileges etc. I'm not aware of the details of how viruses work, but there should be something on these lines that we can publish without falsely implicating others. Anything like "You don't need an virus-scanner in Linux because..." should work. I agree that whatever we publish must be accurate. -- Aaditya http://www.dragonsblaze.com/ -- Ubuntu-us-ca mailing list Ubuntu-us-ca@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-ca
