CompSec: Another Doomsday Virus

I’m not a mindless fanboy. There are things about Linux which fail. Just now, as I was doing some research on this post, I ran into a website which caused a race condition on my Lenny box. I had to start closing tabs one by one until the CPU meter dropped to a normal level. For the most part, it happens on sites with heavy media apps, and usually it’s Guardian or Telegraph, online UK news organizations. At least, that’s where I notice it most. Such hammering never happened on Windows machines when I visited those sites, because the browser plugins work better on Windows.

However, that’s a small price to pay for a certain level of security. I’ve had Windows machines compromised several times. I’ve never had a Linux box compromised. I keep wondering if each new killer virus is going to bring things to a crisis point. This Downadup/Conficker thing is grabbing a lot of machines. At a reported peak of around 15 million infections, we’ve been told the experts expected worse. However, this is just the latest of several versions of the worm, and its creator is highly skilled. It gets meaner with each upgrade. Take note: even if you applied the MS08-067 patch from Microsoft, it can still spread inside a network, over shares protected by weak passwords, via a USB memory stick, and through other typical user behavior. Simply turning off AutoRun may not solve the problem.

Just what would constitute a crisis point? I’m not sure anybody knows. Right now, everyone is waiting for the worm to fetch its second stage, whatever it is the thing is waiting to download to all the machines it now controls. I’m wondering just how nasty this thing can get. Of course, we note the worm is not having such good luck in Western Europe and the US, because those machines are more likely to have been patched, we are told. The worm seems strongest in locations where pirated copies abound. However, I note it’s not hard to get a pirate copy of XP which updates just fine, yet does not phone home via WGA. I can get one tonight, but I have no desire to make my system the property of the Redmond Borg.

I’m going to guess whoever is producing this worm is waiting until it gains traction here in the West. That is, the current herd of 15 million bots will be sending out the next version, or something even nastier. Whatever he and his friends plan to do with a bot-herd that large can’t be nice.

Meanwhile, I’m keeping Lenny up to date, and I don’t trust my DSL router/firewall to do all the work. I’m using a fairly simple script I found here [dead link removed]. While it seems crackers do try to grab Linux boxes, or other types of Unix(-like) systems, such attacks are rather hard to automate. A part of me wonders whether such attacks will be stepped up if a large number of Win-boxes disappear or are replaced with Linux boxes, so that the target share for Linux gets bigger.
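What a script like that typically does on a Lenny box, as an added example written for this page; it is not the script the dead link pointed to. It assumes IPv4 only, iptables with the state and recent matches, sshd on port 22 (SSH_PORT is the one tunable), and a single-user workstation that needs to accept nothing but SSH. The ruleset is emitted for review by default and only written to the kernel with --apply as root, through iptables-restore so it goes in atomically.

```shell
#!/bin/sh
# Minimal stateful host firewall in iptables-restore syntax. Added example,
# not the post author's script. Assumed: IPv4, iptables 1.4+, sshd on 22,
# a client box that only needs to accept SSH from outside.

SSH_PORT="${SSH_PORT:-22}"

# Emit the ruleset instead of applying it, so it can be read (and tested) first.
build_rules() {
    cat <<EOF
*filter
# Default-deny inbound and forwarded traffic; allow outbound (this box is a client).
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Loopback must stay open or local services (DNS cache, X, CUPS) break.
-A INPUT -i lo -j ACCEPT
# Drop obvious spoofing: loopback addresses arriving on a real interface.
-A INPUT ! -i lo -s 127.0.0.0/8 -j DROP
# Stateful core: replies to connections this host opened are allowed.
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Packets with no sane connection state (scan probes, stray RSTs) are dropped silently.
-A INPUT -m state --state INVALID -j DROP
# Rate-limited ping so the box is still diagnosable without being a flood target.
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
# SSH, rate-limited per source: more than 3 new connections in 60 s gets dropped.
-A INPUT -p tcp --dport ${SSH_PORT} -m state --state NEW -m recent --set --name SSH
-A INPUT -p tcp --dport ${SSH_PORT} -m state --state NEW -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP
-A INPUT -p tcp --dport ${SSH_PORT} -m state --state NEW -j ACCEPT
# Log what falls through to the DROP policy, rate-limited so syslog cannot be flooded.
-A INPUT -m limit --limit 3/min -j LOG --log-prefix "fw-drop: " --log-level 4
COMMIT
EOF
}

# Number of rules that accept NEW inbound connections; a reviewer wants this small.
count_open_ports() {
    build_rules | grep -c -- '--state NEW -j ACCEPT'
}

# Apply only on explicit request, as root; iptables-restore loads all rules or none.
if [ "${1:-}" = "--apply" ]; then
    if [ "$(id -u)" -ne 0 ]; then
        echo "must be root to apply the ruleset" >&2
        exit 1
    fi
    build_rules | iptables-restore
else
    build_rules
fi
```

Run it with no arguments to print the ruleset and check it, then `sudo sh fw.sh --apply` to load it; to survive a reboot on Lenny, save the output to a file and load it from `/etc/network/if-pre-up.d/` with `iptables-restore`. The recent-match pair in front of the SSH accept is what turns a router's "everything is open behind NAT" assumption into something that also slows down the password-guessing bots that do scan Linux boxes.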

This entry was posted in computers.