Linux and Antivirus software

[muzzy]

Yes well, muzzy.net is powered by the following... (well the host it redirects to)

Yay. You just portscanned http://www.cs.helsinki.fi, where I currently keep my homepages. The university probably doesn't like it, and if you were living in Finland you could get spanked for portscanning. There's been a case in highest court of law already in which portscanning was determined to be illegal, because it is used to find services that the user won't have right to use, and the act of scanning shows an intent to use them.

Either way, whatever OS my webspace provider uses shows their preferences, not mine. Though, I have to admit I do prefer having my website on a *nix platform despite all the issues it implicates. I just can't quite trust IIS, and I kind of like having a shell, too.

[Kintaro]

Yes well, I am in Australia.

In Australia, lazyness is something we celebrate every day. Feel free to email my internet service provider, and I garentee that nothing will ever be done. Nothing will be done on a legal scale because the amount of legislation in Australia regarding the Internet is rather slim. This countrys government is more backwards then you would ever beleive.

And its funny that you state right there that you prefer a Unix platform, despite the bullshit you spout everywhere.

[muzzy]

And its funny that you state right there that you prefer a Unix platform, despite the bullshit you spout everywhere.

Right tool for the right job. Same applies for everything, there are no golden hammers that work for every problem. For a dedicated web server for multiple users, I definitely wouldn't use windows. And if I had to, I definitely wouldn't use IIS. The issue with apache on windows is that the damn thing is developed on *nix platforms and mainly tested in them, so there are mysterious performance issues with it on win32. Sometimes apache+php+mysql solutions are just hundreds of times slower (really, i'm not kidding) on Windows 2000 than they are on pretty much any *nix system. I believe some of the problems are due to malloc implementation in the C runtime that ships with w2k, as it aligns things in funny way. On XP and Windows 2003 it should be better but I haven't done any benchmarking. Perhaps Windows2003+apache would work great for a webserver, but not having tested it I won't take sides.

For my personal desktop systems, I've found that windows is the best choice for usability, stability, flexibility, security, etc.

I don't have just a single preference for tools to use, I have different preferences for different tasks. I believe it's important to recognize strenghts and weaknesses of each system, and use the one that best fits a task at hand.

[Calum]

there's one thing that annoys me onnnn this board, and that's when people get slammed purelly because  they don'''t agree with the general outlook of the majority.

muzzy here has not said anything unreaasonable here, and people are jussssst criticising out of habit, because they know that s/he is "pro-windows", where's the point? i think it's a great idea to have an intelligent discussion about these things, rather than have eeverybody think the same thing and just come here to mutually backslap!

i do happen to disagree with a lot of the things s/he has said about specific issues, but this is no reason for a blanket criticism, in my opinion.

[Kintaro]

I don't have just a single preference for tools to use, I have different preferences for different tasks. I believe it's important to recognize strenghts and weaknesses of each system, and use the one that best fits a task at hand.

"If you repeat the same lie enough eventually people will believe it" - Adolf Hitler.

I think I know why you spout bullshit about Linux as a desktop system. You keep repeating yourself with a purpose, you keep making these same claims about Linux security, Windows security, with a purpose.

FUD FUD FUD! NTFS supports ACLs, it's just the default windows configuration that's to blame. It can be configured to be pretty good, but most users aren't aware of this. Also, many apps expect the permissions to be fucked up, and won't work if they aren't...

Unfortunately true. A lot of windows users don't know enough about the system to set it up properly, and since the config is braindead by default, the system will suck unless the user knows what to do.

What comes to messing the PC, most users don't have the ability to determine what's safe and what's not, and frankly most of them aren't interested in learning the necessary skills for that. Apps can still screw user's own stuff, even if the rest of the system stays protected. Don't you guys do anything with your computers or why aren't your own files the most valuable part of your personal systems?

Well, I have to admit I was being a little provocative there, but didn't find a better way to introduce myself to these forums. I'm a Windows user, and happy to run windows. I consider linux to be simple system, for the simple users. IMO, if you feel you're bound in windows and only able to express yourself in linux, it's probably because you can't use Windows

My two windows systems are both completely stable and secure. Haven't had any real problems with them, ever. I suspect windows is just too complex OS for you guys, so linux and such systems might be a better choice for your needs.

Tech-savvy or not, I've found that most windows haters simply do not understand how windows works. I won't defend Microsoft as a company, although I think the US government is partially to blame for the inability to cut MS into pieces. A lot of problems with Microsoft come from the fact that they're so damn big and so damn rich, that they can do pretty much anything they want to.

I've found windows to be fairly stable, quite secure, and many parts are well designed. Unfortunately, microsoft values backwards compatibility more than security, so there are some total braindead things around left from single user win16 times. I wish they'd go away, however the problem only relates to win32 apis and the concerned executive subsystem. If some day we can throw that away and move completely to .NET, a lot of the problems will just simply disappear.

What comes to security design, there's very little of that anywhere. The overall design is the old *nix design, of filesystem defining the access right, with suid bits set for applications that need greater access. Capabilities came at some point but I'm not aware of them still being used. Regarding the suid, it'd be more secure to have one central database of what's suid and what's not, so nobody's going to create a suidroot shell under some obscure directory and hide it there. And don't you tell me that there are security solutions to detect these, when you were pointing out the existance of security industry being implication of insecure design in Windows
* Note: Compareing default Linux to his optimised Windows.

There have been some funny kernel patches for linux around for quite a while now, but I hadn't seen any real distro use any of it. I hadn't heard that FC3 ships with it by default, and that definitely makes things interesting. With such patches, you can actually have a linux system that I'll admit is more secure than Windows. However, for now, I'll wait to see these things actually get more widely used.
* Note: Compareing default Linux to his optimised Windows.

So, wouldn't the best approach to solving the problem be user education? Software lock-in can be expensive, and businesses understand money. However, GNU is an evil empire when it comes to lock-in as well. Everyone's writing their "sh" scripts with bash syntax nowadays, m4 is backwards incompatible, gcc has language extensions that are widely used, etc. How are these not lock-in issues?

Linux can be more suitable to you, and as I said it's probably better for a lot more people because it's simpler than Windows. Windows is more complex, and way tougher to learn. Despite Windows being marketed for clueless folk, the Windows itself hasn't been designed for newbies. It's a serious OS for serious people, and currently (imo) the biggest problems are the amount of work it takes to properly configure one. If the default installation wasn't so braindead, a lot of you guys would appreciate the whole system more.
* Here he goes on about default Windows being the problem, after only ever finding hordes of problems in Default Linux and comparing them to his Optimised Windows. This is manipulation of information and journalism almost to the level of scum that is Fox News. Or similar to the propaganda spread by the Nazi's to spread idealogy.

Response:
* Note also that he has tendancy to blame companies, organisations, users, people, administrators, everything but Microsoft. Hitler liked to blame everything on Jews, Communists, and Homosexuals, etc, rather then the flaws in the strategys of germany in World War I.
* He has a tendancy to constantly belittle intelligence and constantly makes claims to express indirectly that he is superior. That educated Windows users are superior, much like the claims Hitler made that his perceived "Aryan Race" is superior.

With this analysis, I have concluded that Muzzy is the offical Windows Hitler.

Seig Heil!

[Kintaro]

I have no further arguement with Muzzy, he is right and, Seig Heil.

[Aloone_Jonez]

I agree with Calum, I think muzzy has raised some perfectly valid points and kintaro should just shut up. This debate has confirmed by suspicions that most people here can't see things from anyone else's point of view. When someone puts across a good argument for something someone else disagrees with but can't come up with an intelligent response they just get told to fuck off.

I think this is very stupid.

[Calum]

i do not agree that kintaro should shut up though, i think he raises a lot of good points too, and i am very interested in his comparisons with muzzy's informational delivery and that of hitler.

nobody seems to notice that he wasn't saying muzzy was a terrorist or a racist or anything (as hitler was), he was simply comparing the propaganda styles, which i think is valid. i was very very surprised to see that kintaro's thread about this was binned, and i think the binning was inappropriate. comparing somebody to hitler does not break any of the forum rules, unless it is made clear that this is being done as a form of personal attack, and i think it was made clear that this was not the case, and then verified by muzzy saying s/he takes it as a compliment, even!

however yes, i do agree that people shouting others down hinders creative and interesting discussion. that has brought this site down into the muck before and is the reason we have so many moderators now, because when the forums start filling up with mindless drek, nobody with any real opinions can be bothered to visit here.

[muzzy]

Well, there's this "hitler rule" which pretty much everyone has adopted because they're not interested in discussing hitler. However, this doesn't really belong to this thread now does it? I'm not sure if a new thread about it would be proper or not, because it tends to be more worthwhile to discuss things and not people.

To get back on topic, I'll reply to something a few posts ago, before the topic drifted:

By the way what's the chance of you loosing your work because a virus fucks the OS up whether it be Windows or Linux?

Most viruses nowadays don't try to trash anyone's work, however the potential to do this would be pretty much equal in both systems. At the moment, linux is safer because there aren't enough linux users to make linux system worth targeting. From point of view of a worm, Metcalfe's law holds true, and thus OS that has ten times more users is hundred times more viable for the worm to distribute itself on it. For spyware and other typical malware, the treshold of worthwhileness comes easier, and once linux begins to gain stronger hold on the desktop you'll be sure to see linux viruses about.

The popularity of firefox will definitely have people developing web exploits that target it, and most likely same attacks will work against linux as well. If you don't update your software constantly, you're going to be screwed. Ofcourse, windows users more so because they don't have any centralized common software update service, unlike some linux distributions.

In conclusion, I'm saying that the current "immunity" to malware that linux has to offer will be quickly disappearing, and the only way to stay safe is to stay current. You know, the same thing tends to work in Windows too. I'll be curious to know if not updating linux will be considered an user error by you guys while not updating windows wont

[Calum]

that is partially true, but firefox under linux is inherently less vulnerable than IE in windows i would say for several reasons.

one is the thing about firefox being totally seperate from the system (unlike the great concept of "integrating" IE into windows), also i think that since linux and firefox are open source holes are likely to get fixed before an exploit gets released that targets them, i have noticed microsoft tend to take a very long time to bring out patches a lot of the time, and in the meantime, nobody else can bring out a patch for windows, because it's closed source.

[muzzy]

IE isn't especially "integrated" into the system any more than, say, zlib is integrated into linux. Remember the zlib vulnerabilities? Dozens after dozens of user applications turned out to be vulnerable due to it. In a statically compiled system, it required the full recompile. In dynamically linked, just replace the library. The actual IE browser client is indeed just a wrapper for a bunch of system stuff. WinINet core implements the actual connectivity, HTTP requests and other stuff, while MSHTML takes care of rendering.

The only "integration" here is that the IE web browser (which doesn't implement the internet functionality nor html rendering) also implements shell document views. However, the windows graphical shell (explorer.exe) is totally independent of this all, it just doesn't happen to care what it hosts in it. It is because of this flexiblity that people mistake the browser to be integrated into the system. If you think the WinINet network connectivity code sucks, the interface is published and well documented. You can go ahead and reimplement it, then install your version of the library on the system and everything will work. You can even reimplement the MSHTML library and have the IE browser use gecko rendering engine. I recall this has been done for an earlier version of mozilla long ago already.

Regarding patching, Microsoft cannot afford patches that don't work. All the applications have to work after patching, so testing has to be done even for simple and small patches. The linux patches, I've understood, are not tested that much. For an example, look at the ip packet fragmentation bugs earlier, i.e. the teardrop and nestea and such attacks. Several bugs were found in the same module, even same lines of code, over and over again. Right, they were always patched quickly, but after each of the first patches there were still vulnerabilities remaining, soon to be found. Then again, Microsoft managed to do same thing a few times as well. Just pointing out that bugs in open source don't differ that much from bugs in closed source.

[Kintaro]

I agree with Calum, I think muzzy has raised some perfectly valid points and kintaro should just shut up. This debate has confirmed by suspicions that most people here can't see things from anyone else's point of view. When someone puts across a good argument for something someone else disagrees with but can't come up with an intelligent response they just get told to fuck off.

I think this is very stupid.

s/muzzy/Muzzy
s/kintaro/Kintaro

This debate has confirmed by: This debate has been confirmed by...

Moreso, the debate has not been confirmed, these suspicions confirm bias in members, that is all. This is the most illogical claim I have seen on the whole board.

Write. Comprehend. Post.

---

Nonetheless, my complaint is that Muzzy always compares his enhanced configuration of Windows with features of some default installs of various Linux distributions.

[Aloone_Jonez]

s/muzzy/Muzzy
s/kintaro/Kintaro

This debate has confirmed by: This debate has been confirmed by...

That was a grammatical error, I meant my - I often feel that people are often flamed here for disagreeing with the majority. Some people here aren't very objective - they can't understand anyone else's opinions, and they have problems understanding both sides on an argeuement.

Moreso, the debate has not been confirmed, these suspicions confirm bias in members, that is all. This is the most illogical claim I have seen on the whole board.

Write. Comprehend. Post.

Not illogical, you just misunderstood my post which was my fault because the grammar was shitty - I'm sorry.

Nonetheless, my complaint is that Muzzy always compares his enhanced configuration of Windows with features of some default installs of various Linux distributions.

I can see you point and I agree with you, and I can see Muzzy's point too. I see what you mean he has repeated this arguement a lot but lots of anti-microsoft arguements are repeated just as much.

Linux can be unstable and insecure if you use a shitty distro and it's setup shitly too. Open source dosn't always mean better, even though it does have it's advantages.

By the way I still think Windows sucks and I'd rather use Linux, but I can't be arsed to have this dicussion again.

[Lord C]

Grisoft have released their very famous AVG anti-virus software to the Linux Community

It isn't open source, but it is another big name on our side.

[muzzy]

Nonetheless, my complaint is that Muzzy always compares his enhanced configuration of Windows with features of some default installs of various Linux distributions.

Well, there's no point comparing default windows installations to default linux installations. You can preconfigure your distro any damn way you like, so that'd be same as comparing unconfigured windows with preconfigured linux. Now that wouldn't be fair either.

Now, if only microsoft made it legit to distribute custom windows installation CDs, the world would be so much a better place. XP still needs to be activated, so what's the problem? Support nightmare? I don't think geeks would mind if it was allowed but unsupported by the helpdesk. Market dominance issues in unrelated fields? You speculate, monopoly abuse has been repeatedly confirmed.

Also, I'm comparing the windows system as-it-is, just configured. I think I've mentioned when kernel hacks/drivers are needed, so it's just fair to compare to the usual linux kernel tree as well. If you're going to setup a linuxbox with all the funky patches including grsec plus hand tuned setup, you can get a really nasty linux box indeed. Now, how many mainstream distros ship like this? None, because of compatibility issues. Some security features just aren't compatible with the applications, and people don't like this, even if they could have superior security.

If you go hacking kernels, you can make different system do a whole lot of interesting things. I maintain my view that windows system without third party kernel patches can be configured to be superior to a mainstream linux distribution without third party kernel patches.