Sophos chief concedes Unix virus frustration

Sophos' anti-virus chief, Jan Hruska, says the race to perfect "on-access" virus scanning technology for desktop versions of Linux and FreeBSD has the company's Unix developers "tearing their hair out".

The development of on-access scanning for Unix would give Linux users the same type of technology that protects Windows and Macintosh users when they inadvertently double-click or otherwise attempt to open files infected with viruses such as those bundled into some e-mail attachments. However, Hruska said Sophos's software engineers are having a frustrating time dealing with the Linux kernel.

"The fact that there is no such thing as a standard version of Linux; no such thing as a standard for FreeBSD...the very fact that you don't have a version of the operating system that is stable in what it consists of makes [developing the technology] a much harder proposition," said Hruska.

Hruska said Sophos has already quietly released a prototype of its Unix on-access scanner that can identify about 100 viruses, to "a number of interested parties". However it's unclear how successful the prototype has been.

"It went fairly well," said Hruska. "Given that apparent complexity of the problem it went very well but we have learnt a few things about what we should do differently".

Sophos said its on-access scanner was coming along nicely but did not put a time-frame on its final release.

Hruska said that anyone who believes that Unix is any less susceptible to viruses than Windows-based systems is living under an illusion.

"The first virus ever was demonstrated under Ultrix, which was a Unix system operating on a Digital Vax," he said.

When it comes to explaining why virus writers pick on Windows with such frequency, he took the line often heard from Redmond that it was simply a reflection of the fact that it's the world's most widely-used operating system.

"As we see it, in the future with more proliferation of Unix onto the desktop we are almost certainly going to see more viruses appearing for Unix," he said.

However, while lack of standardisation is working against the likes of Sophos it may be a key to Unix' defence. Microsoft admits that at least part of the reason that its operating system is targeted so frequently is the ease with which miscreants can get a hold of tools to exploit its vulnerabilities. Hruska said that while a virus might affect one version of the Linux kernel a slight variation may be impervious, impeding its propagation.

Hruska added that most successful Unix viruses are written in higher level programming languages -- again reducing the potential for mischief.

Hruska -- who said he would be gauging business sentiment toward non-Microsoft software as part of his annual Asia-Pacific tour -- claimed Japan was currently leading the charge when it comes to interest in non-Microsoft desktop software.

"It's one of those things that will hit us like a Tsunami where nothing seemingly happens for a long time and suddenly the whole thing gains momentum -- before you know quite a few people will be doing it. If I was Microsoft, I would certainly be worried about that particular aspect of it".


Talkback 4 comments

    Hruska, is talking bullshit. W ...Anonymous -- 08/06/04

    Hruska, is talking bullshit. When he makes statements like:

    "The fact that there is no such thing as a standard version of Linux; no such thing as a standard for FreeBSD."

    You know he has no idea what he's talking about. There is one, and only _one_ FreeBSD distribution. If he gets this wrong, he probably has the rest wrong too.

    Exactly Anonymous -- 05/05/08 (in reply to #120105413)

    I couldn't believe that someone could say there is NO STANDARD FreeBSD. Hello? George? Anyone home?

    Hruska should remove HIS illusion of FreeBSD "insecurities" and stuff it.

    Are your Unix developers aware ...Anonymous -- 10/06/04

    Are your Unix developers aware that a properly locked down Unix/Linux system is impermeable to viruses. And such a locked down system is still fully functional. Unlike the MS variant where most people have to remain logged in as administrator just to use the system.

    By producing such a Unix AV product you are just contributing to the general anti Open Source propaganda emanating from you know who~1. And also boosting your own stock value.

    In the last six months list any number of Unix servers compromised by viruses as against the amount of Windows servers hit. That would be real evidence instead of some imaginary future vulnerability.

    'The development of on-access ...Anonymous -- 21/06/04

    'The development of on-access scanning for Unix would give Linux users the type of technology that protects Windows and Macintosh...'

    If you can write software for a Mac why are you having problems with the unix like operating system Linux? Why are you complaining about a kernel when you should be using application interfaces encoded in the libraries that come with the OS.

    'The fact that there is no such thing as a standard version of Linux ...'

    Why is this an issue? The API's don't change. Unix API's have been stable enough to allow an enormous amount of software to be written. That software is portable across many platforms and many OS versions. e.g. X runs atop Linux, Free/Open/NetBSD, Solaris. Opera runs on Windows, Linux, *BSD... I currently have a system with approximately 190 packages installed on it and can readily access a further 10 thousand (roughly) pre compiled packages. The majority of these packages are written in a portable and platform independent style; they look and behave the same way on FreeBSD/Linux/MacOS...

    'Hruska said Sophos has already quietly released a prototype of its Unix on-access scanner ...'

    Why do I need a product like this? I have a selection of email scanners available to me already - currently I have procmail configured to scan and reject email containing Microsoft specific viruses, not because I can be infected with such malware but because I am tired of reading the same Windows rubbish over and over again.

    'The first virus ever was demonstrated under Ultrix, ...'

    That would be the internet worm of 15-16 years ago (iirc). Carried a dictionary (approx 100-200 entries) of common user passwords around with it. People very soon got the hint that using your name, your favourite colour, or your job title as a password is not a good idea.

    'As we see it, in the future with more proliferation of Unix onto the desktop we are almost certainly going to see more viruses appearing for Unix'

    Yes, but will there be enough to support you in your current business.

    'Hruska added that most successful Unix viruses are written in higher level programming languages-
    again reducing the potential for mischief.'

    I don't follow this argument. It's written in C therefore it's less dangerous than if it's written
    in assembler? Would someone care to list these unix virii and the high level language they are written in?

    'Hruska claimed Japan was currently leading the charge when it comes to interest in non-Microsoft desktop software.'

    You are a day late and a dollar short. Japan has had a love affair with FreeBSD and more recently Linux for at least a decade.
