From: Mark Ingles (mingles@uclink.berkeley.edu)
Date: Fri Sep 19 2003 - 11:43:22 PDT
How Susceptible Is Your Operating System to Viruses?
New York Times
September 18, 2003
DAVID POGUE
I've just discovered the best way to learn about computers:
Write down what you know in an e-mail column and send it to
237,000 people. Believe me: Whatever holes they discover in
your knowledge, they'll set you straight.
Last week, for example, I mentioned that an anti-virus program
is a necessity these days if you use Windows. I grumbled that
that meant forking over money (plus an annual subscription)
to companies like McAfee and Symantec, two companies that are
not known for, ahem, customer-support excellence.
But dozens of you called to my attention a number of free
anti-virus programs from other companies. "I have been using
the version of AVG (http://www.grisoft.com/us/us_dwnl_free.php)
that's free for personal use," wrote one reader. "It has stopped
all viruses without fault. And Grisoft has never sent me a
single junk mail or distributed my information—a refreshing
thought indeed."
I tried AVG, and it's great. (Other readers recommended free
and cheap anti-virus programs like Avast, http://www.avast.com;
F-prot, http://www.f-prot.com; Sophos, http://www.sophos.com;
and NOD32 Anti-Virus, http://www.nod32.ie.)
I also wrote that Mac OS X and Linux are virus-free because
they offer virus writers a much smaller "audience" than
Windows -- a notion that's been much repeated in the press,
most recently last week's BusinessWeek cover story. That,
as it turns out, is a myth, no matter who repeats it. There's
a much bigger reason virus writers don't like Mac OS X and Linux.
"Unix [which underlies Mac OS X] and Linux ARE more secure,"
wrote one reader. "They have been developed, open-source style,
by people who know exactly what they are doing. Unix and Linux
have had at least 10 years of battling hackers to better
themselves. This leads to an extremely secure environment."
Many of you also pointed out simple design decisions that
make Mac OS X and Linux much more secure than Windows XP.
For example:
* Windows comes with five of its ports open; Mac OS X comes
with all of them shut and locked. (Ports are back-door channels
to the Internet: one for instant-messaging, one for Windows XP's
remote-control feature, and so on.) These ports are precisely
what permitted viruses like Blaster to infiltrate millions of
PC's. Microsoft says that it won't have an opportunity to close
these ports until the next version of Windows, which is a couple
of years away.
* When a program tries to install itself in Mac OS X or Linux,
a dialog box interrupts your work and asks you permission for
that installation -- in fact, requires your account password.
Windows XP goes ahead and installs it, potentially without your
awareness.
* Administrator accounts in Windows (and therefore viruses that
exploit it) have access to all areas of the operating system.
In Mac OS X, even an administrator can't touch the files that
drive the operating system itself. A Mac OS X virus (if there
were such a thing) could theoretically wipe out all of your
files, but wouldn't be able to access anyone else's stuff --
and couldn't touch the operating system itself.
* No Macintosh e-mail program automatically runs scripts that
come attached to incoming messages, as Microsoft Outlook does.
Evidently, I'm not the only columnist to have fallen for this
old myth; see
http://www.sunspot.net/technology/custom/pluggedin/bal-
mac082803,0,1353478.column
for another writer's more technical apology. But the conclusion
is clear: Linux and Mac OS X aren't just more secure because
fewer people use them. They're also much harder to crack right
out of the box.
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about MAGNet, its meetings and events, and its
mailing list, including information on subscribing and unsubscribing,
see the MAGNet Web site at <http://magnet.berkeley.edu/>.
This archive was generated by hypermail 2.1.5 : Fri Sep 19 2003 - 11:45:28 PDT