[IP] more on Viruses

To: Ip ip <ip@xxxxxxxxxxxxxx>
Subject: [IP] more on Viruses
From: David Farber <dave@xxxxxxxxxx>
Date: Sun, 22 May 2005 09:48:46 -0400
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
References: <0915A0E9-778B-4260-B1F6-EB9DDBA0CB2D@xxxxxxx>
Reply-to: dave@xxxxxxxxxx
Sender: owner-ip@xxxxxxxxxxxxxx



Begin forwarded message:

From: Jason Weisberger <jweisberger@xxxxxxx>
Date: May 21, 2005 8:37:14 PM EDT
To: dave@xxxxxxxxxx
Cc: Ip ip <ip@xxxxxxxxxxxxxx>
Subject: Re: [IP] Viruses


Dave,

The answer people seem to be looking for isn't one about "can" avirus be written for Mac OS X, but really about the threat model.There are so many millions of Windows users out there that they offerthe entire playing field of whatever a virus author is looking for.While there are plenty of OS X users out there, there are far fewer -and the virus just won't be as productive. This is why, even thoprevious correspondents here have been clear to point out, you caneasily write a virus for SCO - we just never see or hear about them.Who the hell wants to be the guy that took down all 50 of those SCOboxes, the guy who stole all $50k the SCO users had in their personalfiles, etc. You can get many, many times the impact - be it stealingpasswords, credit card numbers or resending funny emails by pickingon Windows users.

If anyone on the list can conduct threat model assessments, I'd loveto see a comparo. Seems like it'd be a market analysis on each OS'susers tho and characterizing them may be hard as there are so manysegments.


Jason
--


On May 21, 2005, at 4:33 AM, David Farber wrote:

Begin forwarded message:

From: Spafford Gene <spaf@xxxxxxxxxxxxxxxxx>
Date: May 20, 2005 10:47:23 PM EDT
To: David Farber <dave@xxxxxxxxxx>
Subject: Viruses
Basically, any system that has writable store that can allowwritten files to be executed, and which does not run mandatoryaccess control (MAC) according to an appropriate integrity policy(ala the Biba model), can be infected by a virus.
The Mac OS X does not use MAC and policies such as Biba.Therefore, it can support a virus.
It is trivial to write a virus for Unix. Back in 1989, twoarticles were published in the (now defunct) journal "ComputingSystems" (Volume 2, Number 2, Spring, 1989) that described Unixviruses. The articles were by Tom Duff and Doug McIlroy. Doug'sarticle, "Virology 101" is available in many places on the WWW; Ididn't find a copy of Tom's in a cursory search.
Linux viruses have been written and published.
Now, more to the point is how easy is it to craft a virus that isappropriately stealthy and also will spread reasonably well? Thoseare more difficult issues to address rather than simply writingsomething that can replicate. This may be where the Mac OS has somedefensive advantages.
However, there is no question that viruses can be written for MacOS or any other standard Unix-like system.
-------------------------------------
You are subscribed as jweisberger@xxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/




-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] more on seeking a forecast
Next by Date: [IP] BitTorrent Facilitating Illegal File Swapping of Star Wars On Day of Opening
Previous by thread: [IP] more on seeking a forecast
Next by thread: [IP] BitTorrent Facilitating Illegal File Swapping of Star Wars On Day of Opening
Index(es):
- Date
- Thread