From: ToolPackinMama on
On 3/26/2010 7:25 PM, FromTheRafters wrote:
> "ToolPackinMama"<philnblanc(a)comcast.net> wrote in message
> news:hoiqt6$do4$2(a)news.eternal-september.org...
>> On 3/26/2010 11:56 AM, Charlie Wilkes wrote:
>>> On Thu, 25 Mar 2010 21:34:55 -0400, FromTheRafters wrote:
>>
>>>> ...does Linux really *want* that marketshare? I'm tellin' ya - the
>>>> Linux
>>>> userbase is getting de-clued as we speak due to infiltration by
>>>> users
>>>> that would otherwise use Windows7
>>>
>>> I hope you are right about that infiltration. I would like to see the
>>> Linux
>>> marketshare grow because it will mean more support.
>>
>> Well, I thought that was the idea. Microsoft being evil, and Linux
>> being more secure than Windows and all.
>>
>> How hard-hearted does a guy have to be to tell people people who want
>> to join Linux users that they are not welcome?
>
> :oD
>
> ...but seriously, many think that there should be a test and a license
> application. :o)
>
>

I think that would be a good idea for any computer user, regardless of OS.
From: Dustin Cook on
"FromTheRafters" <erratic(a)nomail.afraid.org> wrote in
news:hojht9$pqq$1(a)news.eternal-september.org:

> "Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message
> news:Xns9D47BF9C9FB14HHI2948AJD832(a)69.16.185.247...

> That is what I vaguely implied by my comment that they don't have to
> be *direct* about it. Indirect infection they call it, but to be sure,

I know. I was just providing an OS neutral example for those who might not
be aware of indirect infection methods.

> some executable file's need more translation before being set in
> memory as an executable image - source code gets translated into a
> program file and the program file gets translated into an executable
> image - looks kinda like PE infection is actually an indirect method

That depends on the method used for infection. A well written prepender
which doesn't rely on temp file usage could have the option of direct
infection AND indirect infection. It just depends on the intentions of the
author.

> My antagonist has gone a long way toward proving my *other* point
> regarding the infiltration of the Linux userbase by clueless
> individuals. :oD

I couldn't help but notice that too...


--
"Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh..
nudge this boulder right down a cliff." - Goblin Warrior

From: FromTheRafters on
"Peter K�hlmann" <peter-koehlmann(a)t-online.de> wrote in message
news:hohojf$kf5$00$1(a)news.t-online.com...
> FromTheRafters wrote:
>
>> "Peter K?hlmann" <peter-koehlmann(a)t-online.de> wrote in message
>> news:hogbud$pvs$00$1(a)news.t-online.com...
>>> FromTheRafters wrote:
>>>
>>>> "RayLopez99" <raylopez88(a)gmail.com> wrote in message
>>>> news:8e0f56dc-79cb-4de0-a222-
>>> fde64270179c(a)g28g2000yqh.googlegroups.com...
>>>>
>>>>> Some misguided dude made this statement:
>>>>
>>>> "No OS should need AV if written properly"
>>>>
>>>> Misguided indeed. AV will be needed to detect "viruses" - viruses
>>>> do
>>>> not
>>>> depend upon any lack of security,
>>>
>>> Bullshit. How do you think those thingies come into the system in
>>> the
>>> first place? How do they start executing?
>>
>> They get invoked.
>
> By what exactly?

By the user, or the system, who cares? They may or may not even
execute - there is no guarantee that a particular replicant will
execute, only that it might. If the parent causes the passing of program
execution to the child (thus ensuring that it runs) it is a true worm,
and as such does not need to attach to pre-existing code (infect - which
is what *viruses* do to self-replicate) to have the ability to execute
and self-replicate in turn.

>>> Windows makes those things trivially easy. Linux (unix in general)
>>> makes
>>> it difficult. *Very* difficult. Especially the "executing" stuff.
>>> You
>>> can't just download a virus-infected file and start it somehow
>>> magically.
>>> You have to make it executeable *and* start it. Manually. *No*
>>> auto-exec.
>>
>> Irrelevant.
>
> Not at all. Windows runs everything which happens to have the "rigth"
> extension

It can even invoke Word to execute a macrovirus based on *no* (or an
unregistered) extension - because it can recognize an OLE2 file format.

All of which is irrelevant with regard to viruses needing insecurity to
function.

>> The automatic starting is a worm function *not* a virus function.
>
> Bullshit

A worm can be defined as a virus ANDed with the ability to ensure
execution of its replicant. This is where the addage "all worms are
viruses" comes from. These days viruses are often defined as having the
"infection" function as a means to replicate, which makes "all worms are
*not* viruses" because if worms infected to spread they would be called
viruses instead. A worm then gets defined as a self-replicator that does
not *need* to infect in order to propagate. Now you get blended threats
being called worms (because the *need* to infect is not there even if
the infection function is used in one of the propagation vectors.

So, a virus gets defined something like ...a program or program
fragment that explicitly copies itself and can infect other programs by
modifying it or its environment in such a way that a call to the host
program implies a call to a possibly evolved copy of the virus.

Now, a program gets called a worm even if the user has to participate in
the ensuring done by the parent - that is, instead of seeing to it
itself, it enlists the help of the user (click-me). These are not true
worms, but the other behaviors that they exhibit are decidedly wormlike.

>> If a virus is able to instantiate its progeny, it is a worm. Viruses
>> have no
>> need for exploits that give them the ability to "worm", they exist by
>> transmitting from program to program, and are not always *direct*
>> about
>> it.
>
> Do you have something intelligent to add or are you naturally stupid?

Do you see the irony?
(many others do)

[...]

>> Programs, in some form.
>
> *What* programs?

Computer programs.

>>> Usually unix makes executeable files non-writeable for a user, a
>>> normal
>>> user can't even write into those directories.
>>
>> There is nothing special about executable files, even most of *them*
>> need translation before being placed in memory as an executable
>> image.
>> Direct infection is not the only way.
>
> You are an idiot of incredible proportions.

That is also irrelevant. Try to stay focused.

> If that virus can't attach itself to something and could not even
> install
> itself in any sensible way, how is it going to survice?

Survival is not guaranteed on any one system, it may just commit the
computer equivalent of murder/suicide, or mimic the host and do nothing
else. Viruses don't need to install anything.

>>> So come on, pray tell, what files are going to be infected with your
>>> oh-
>>> so-clever linux virus?
>>
>> Whatever is available, but that isn't the problem.
>
> In short, you have no idea at all. You blubber incoherent idiocy, wave
> your hands and mumble your bullshit.

Why so hostile? Your learning disability got you frustrated?

> Do you think that lunatic drivel you spout will fly?

Yes, because it is all absolutely true. It is your inability to
comprehend that makes it sound like lunatic drivel.

> You are simply waving your hands because you are totally clueless
> about
> the mechanism linux (unix) employs to run apps

You assume too much. The problem is that *you* do not know what a virus
is.

>>>> so properly written OSes can still support their existance.
>>>
>>> Naturally all OS can support them. After all, they are just files
>>
>> Viruses are *not* files, that is why they need a host program.
>
> Pray tell, what are they?

Programs.

> Can you get more idiotic than that or was this the end of it?

It looks like you don't even know the difference between a program and a
file. Keep up the name calling, it is all you are capable of doing since
you haven't the knowledgebase needed for any meaningful discussion on
this topic.

>> http://vx.netlux.org/lib/afc08.html
>>
>> Just read the intro - the rest is considerably beyond you.
>
> Well, you have understood obviously *nothing* of it

How would you know?

Did you even comprehend the part about:

"..is critical to understand that viruses are not programs that exploit
errors or omissions in the implementation of operating systems. They are
in every sense of the word, normal user programs, using only the normal
sorts of operations that every user of computers uses every day"

Do you dispute that claim?

(nevermind - - of course you do)


From: FromTheRafters on
"Peter K�hlmann" <peter-koehlmann(a)t-online.de> wrote in message
news:hoht4i$t8f$00$1(a)news.t-online.com...
> ToolPackinMama wrote:
>
>> On 3/26/2010 3:43 AM, Peter K�hlmann wrote:
>>> FromTheRafters wrote:
>>
>>>> http://vx.netlux.org/lib/afc08.html
>>>>
>>>> Just read the intro - the rest is considerably beyond you.
>>>
>>> Well, you have understood obviously *nothing* of it
>>
>> LOL! I love this quote:
>>
>> << We don't want to leave the impression that only the weak and
>> unprotected users of personal computers have been attacked in this
>> fashion. In fact, there is no question that several large computer
>> companies have been successfully attacked, and that viruses have been
>> spread throughout their timesharing systems, even where the most
>> stringent protection is provided. >>
>
> This proves exactly *what* of "FromTheRafters" idiotic claims?
> In fact, it is a quite damning assessment of windows "capabilities" to
> get
> infected, even when the best "protection" is used

The statements weren't platform specific. Most of the tests were
probably on Unix systems

> Come on, "FromTheRafters", tell us in detail how malware...

*Now* you say malware. Losing focus again? I'm in the *virus* group and
talking about *viruses*.

> ...enters a linux system, how it starts executing and how it attaches
> itself to some vector to stay on the system *and* keep executing

Attaches itself to some vector??

Sheesh!

Here's another thought. Don't be as concerned about spreading a virus as
you are about executing a virus. If you don't execute one, your chances
of spreading it are extremely low - so avoiding them kills two birds
with one stone.



From: Peter Köhlmann on
FromTheRafters wrote:

> "Peter K�hlmann" <peter-koehlmann(a)t-online.de> wrote in message
> news:hoht4i$t8f$00$1(a)news.t-online.com...
>> ToolPackinMama wrote:
>>
>>> On 3/26/2010 3:43 AM, Peter K�hlmann wrote:
>>>> FromTheRafters wrote:
>>>
>>>>> http://vx.netlux.org/lib/afc08.html
>>>>>
>>>>> Just read the intro - the rest is considerably beyond you.
>>>>
>>>> Well, you have understood obviously *nothing* of it
>>>
>>> LOL! I love this quote:
>>>
>>> << We don't want to leave the impression that only the weak and
>>> unprotected users of personal computers have been attacked in this
>>> fashion. In fact, there is no question that several large computer
>>> companies have been successfully attacked, and that viruses have been
>>> spread throughout their timesharing systems, even where the most
>>> stringent protection is provided. >>
>>
>> This proves exactly *what* of "FromTheRafters" idiotic claims?
>> In fact, it is a quite damning assessment of windows "capabilities" to
>> get
>> infected, even when the best "protection" is used
>
> The statements weren't platform specific. Most of the tests were
> probably on Unix systems

Hilarious

>> Come on, "FromTheRafters", tell us in detail how malware...
>
> *Now* you say malware. Losing focus again? I'm in the *virus* group and
> talking about *viruses*.

Malware encompasses viruses, too
ANd your complete failure to answer *any* question with anything more than
idiotic bullshit noted

>> ...enters a linux system, how it starts executing

Your abject failure to answer any of that is noted

>> and how it attaches
>> itself to some vector to stay on the system *and* keep executing
>
> Attaches itself to some vector??
>
> Sheesh!

Right. How do you propose the malware (virus, worm, whatever) survives the
next boot?
It *has* to attach itself to some vector (A file, install itself in the
filesystem, whatever) to be present then

> Here's another thought. Don't be as concerned about spreading a virus as
> you are about executing a virus. If you don't execute one, your chances
> of spreading it are extremely low - so avoiding them kills two birds
> with one stone.

Translation: You know *nothing* at all about the subject

All you are able to do is spouting some inane nonsense
--
Another name for a Windows tutorial is crash course