Monday, June 7, 2010

Trolling berlinbrowndev: On Mac/Linux/Windows Computer Viruses and Trojans

Why do some users get computer viruses and others don't?

I swap between using Win, Linux, Mac. I haven't gotten a bad/crippling virus on my Windows machine because I am careful. And I even do simple things like turn my machine off when I am not using it.

Windows machines are just insecure by design. Most people use Windows without even knowing that they can set up other user accounts, so they don't set up less-privileged accounts. There is one login, one machine, and a virus has the potential to disrupt that machine.

I don't know if viruses and trojans always get in this way, but Windows has some very insecure APIs. ActiveX is basically a Win API component that can be triggered by the web or by desktop software. ActiveX is basically a gateway into your machine, if you, the hacker, know what you are doing. And now you have PDF, JavaScript, Flash and all of these file types and runtimes that can read web documents. You read the document, and a trojan is downloaded onto your machine. The trojan launches ActiveX. ActiveX is a window into the WinAPI: you can add registry settings, set up Windows services, etc.

So, there are major flaws with Windows (at least WinXP and prior; I only know Windows XP, I haven't used Win7).

I am not bashing Windows, I am just pointing out that there are major security issues. And these issues have been around for a decade or more. So, virus writers have been writing for Windows. The Win32 API hasn't changed much. And it is popular. It is a win/win if you are a hacker writer.

On Windows, I haven't gotten a crippling virus. I watch what sites I go to. I only use Firefox. I use a less priv'd account for general use. I disabled Flash.

