[Am-info] The Linux virus threat?

[Fred A. Miller]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"SOME OF THE recent press regarding the "Goner" e-mail virus has 
brought about interesting commentary from anti-virus manufacturers. It 
seems that a number of these folks feel that Linux viruses soon will be 
rampaging through the Internet alongside their Windows brethren.

 Don't hold your breath.

Why? Is Linux totally impervious to an e-mail virus? In theory, no. But 
in practice, it comes close.

 The current crop of e-mail viruses relies heavily on the knowledge 
that most people are using the exact same e-mail client: Microsoft 
Outlook. With that knowledge, virus creators can focus on a single 
attack vector, capitalizing on the fact that Outlook allows incoming 
messages to be executed as programs. These programs can manipulate 
files on the recipient's system and mail themselves to other poor souls 
in the receiver's address book.

 Outlook's vulnerability is due to the misguided attempt to introduce 
collaboration features, such as the execution of incoming programs, in 
a tool that does not properly implement the most critical collaboration 
feature of all: security. If you cannot determine that you trust both 
the message and the sender, it is a mistake to put yourself at the 
mercy of the message."

http://www.infoworld.com/articles/op/xml/01/12/17/011217opsource.xml?0102weli

- -- 
Fred A. Miller
Systems Administrator
Cornell Univ. Press Services
fm@cupserv.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE8M1OFIhTtc6nTZIIRAlhoAKCfl3KtPfXie5v5wV8kPQ2HtTpeTACfZGKa
r4hxwennz9RxdvdRSZT36u0=
=1o2v
-----END PGP SIGNATURE-----