Linux viruses from China predicts Russian expert

Kaspersky Lab Anti-Virus reckons Linux users will be under attack from Chinese viruses... soon. Will Knight reports

A Russian anti-virus expert has warned that an influx of viruses targeted at the Linux operating system (OS) is on its way courtesy of hackers in China.

Eugene Kaspersky, founder of Kaspersky Lab Anti-Virus in Moscow, says the increasing popularity of the open source operating system in the West, combined with the dramatic uptake of Linux in China, will result in a plague of Linux viruses spreading their way across the globe.

Although there exist a few 'proto-viruses' (incomplete viruses) designed to attack Linux, no functional versions have yet been discovered. Kaspersky says that experts at his company's laboratories have successfully completed one such prototype: the result is a fully functional and potentially virile Linux virus. Kaspersky assures ZDNet that the virus is under lock and key and will stay that way.

According to Kaspersky, Linux poses a new challenge for virus-fighters because its open source-code will put viruses-writers at a distinct advantage. He also says, "It's easier to develop a virus [for Linux] because the binary format of Linux executables is very easy to understand, making it easier to modify files."

But while Kaspersky warns of imminent doom for the open source phenomenon, Jason Clifford, Linux developer and consultant, thinks the threat is overblown. He points out that the file system in Linux is structured to make it more difficult for malicious code to spread. "Because Linux is based on Unix, it is much more strict about file permissions. In order for a virus to have a real effect it would require someone to be stupid enough to run (log in) as root. On a system with 1000 users, if one user were to compile a virus he would damage his own files but no anyone else's."

Clifford reckons the suggestion harks back to the old myth of "security by obscurity" and argues that access to source code actually makes Linux more secure than its commercial rivals. Freely available source code means thousands of experts within the open source community are able to perform security audits, he says.

Clifford adds that although it is possible for a Linux machine to be infected with a virus, vulnerability has more to do with a users vigilance than the operating system itself. "It's not so much about the product but about how you manage your system. We advise people never to do anything in root unless they absolutely have to."

Linux viruses are, as yet, unheard of. Will this change as it becomes more popular? Tell the Mailroom

Take me to the Virus Workshop

Take me to the Linux Lounge