Author Archives: Mina Lorance

How do viruses infect computers?

There are basically two ways that viruses and worms can infect a system: social engineering, and poorly designed software. Social engineering is the art of conning someone into doing something they shouldn't do, or revealing something that should be kept secret.

A user receives an email that appears to come from a known company, and the body of the message tells the reader that the attached file is a critical update that should be applied immediately; or the email contains an image attachment that turns out to be an executable with an image extension, and poof, the system is infected.

Poorly designed software shows up as software vulnerabilities, bugs or even insecure logic. It makes it easier for social engineering to take place, but it can also subvert the efforts of a knowledgeable, security-minded individual or organization. Together, the two factors can turn a single virus incident into a widespread disaster.

Why is Linux safer?

Permissions on Linux are universal. They cover three things you can do with files: read a file, write to a file, and execute a file. Not only that, they come in three levels: for the root user (who can do anything he likes), for the individual user who is signed in (who would only have access to files he owns), and for the rest of the world (other). Typically, software that can impact the system as a whole requires root privileges to run because system files are only executable or writable by that user.

So for a virus to mess up a Linux system, the following steps have to occur: a Linux user would have to read the email, save the attachment, give the attachment executable permissions, and then run the executable.

Even as less sophisticated users begin to migrate to Linux, they may not understand exactly why they can't just execute attachments, but they will still have to go through the steps. Further, due to the strong separation between normal users and the privileged root user, our Linux user would have to be running as root to really do any damage to the system. He could damage his /home directory, but that's about it. So the above steps now become the following: read, save, become root, give executable permissions, run. The more steps, the less likely a virus infection becomes, and certainly the less likely a catastrophically spreading virus becomes.
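The save / make-executable / run sequence described above can be observed directly, together with a check for the "executable with an image extension" case mentioned earlier. This is an added example, not part of the original article; the function names, file names and file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example; file names and contents are constructed test data.

# save_attachment PATH CONTENT: write the file as plain data under a
# typical umask, so it ends up mode 0644 with no execute bit set.
save_attachment() {
    ( umask 022; printf '%s\n' "$2" > "$1" )
}

# run_status PATH: try to execute the file directly and print the exit status.
# 126 is the shell's status for "found, but not executable".
run_status() {
    ( "$1" ) >/dev/null 2>&1 && echo 0 || echo $?
}

# disguised_executable PATH: succeed if the name claims to be an image but
# the content starts like a program (ELF magic or a "#!" script line).
disguised_executable() {
    case "$1" in
        *.jpg|*.jpeg|*.png|*.gif) ;;
        *) return 1 ;;
    esac
    magic=$(head -c 4 "$1" | od -An -tx1 | tr -d ' \n')
    case "$magic" in
        7f454c46*|2321*) return 0 ;;
        *) return 1 ;;
    esac
}

demo() {
    dir=$(mktemp -d) || return 1
    f="$dir/holiday.jpg"
    save_attachment "$f" '#!/bin/sh
exit 0'
    echo "as saved:        $(ls -l "$f" | cut -c1-10) exit=$(run_status "$f")"
    disguised_executable "$f" && echo "flagged: image name, program content"
    chmod u+x "$f"   # the explicit extra step the article describes
    echo "after chmod u+x: $(ls -l "$f" | cut -c1-10) exit=$(run_status "$f")"
    rm -rf "$dir"
}
demo
```

The first line of output shows the saved file refusing to run; only after the explicit `chmod` does the mode string gain an `x`.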

Conclusion

Security is, as we all know, a process, not a product. So when you use Linux, you're not using a perfectly safe OS. There is no such thing. But Linux establishes a more secure footing, one that makes it far harder for viruses to take hold in the first place; if one does take hold, it is harder for it to damage the system; and if one succeeds in damaging the system, it is harder for it to spread to other machines and repeat the process.

When it comes to email-borne viruses and worms, Linux may not be completely immune - after all, nothing is immune to human gullibility and stupidity - but it is much more resistant. To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it.