I was actually thinking this over, over dinner. And I remembered that there used to be TONS of virii for Macs. Why? In the absence of market share, because it was EASY. No protected memory, remember?
Why did all the virus writers disappear? 1. Not as trivial as it used to be. 2. Not enough return to justify the work.
But, hey, what do I know: you guys are right, you'll never see a virus/trojan/rootkit for OS X. Apple has better programmers than any other company in the world, and they know more about computer science and security than ANYONE. Their OS will never be vulnerable. Never mind the countless exploits for any *NIX you care to look at...
Why does Windows have more virii? Well, for one, market share. What is it, like, 90% of the desktops in the world run Windows? That leaves how many other OSes to fill the remaining 10%? Yea, no wonder virus writers don't concentrate their time writing virii for them. Windows virus writers tend to take advantage of an exploit/code bug to write a virus to do evil deeds. Traditionally, that hasn't been the case with *NIX operating systems. Typically, you see the exploit explained, and occasionally some shell code or some C code to make it work. But that's it, really. No real "virus" or "trojan." Maybe it's because the users would be trying to run a BIND exploit on a Solaris machine aren't likely to NEED a pre-written virus. Maybe it's because most people leave their Windows install the same way they got it from the factory, which means there isn't a lot of testing to be done across different versions. Most *NIX users are likely to customize the environment somehow, which makes the testing much more difficult and would lower success rates.
RE: the servers on the internet. Typically servers get a bit more monitoring than do desktops; or at least I know mine do
That means hacks/cracks/whatever get detected faster. What good is it to gain entry to a machine if it's just going to be taken away as soon as the SysAdmin finds it, likely in a matter of days or hours? They don't need a virus scanner to tell them something is wonky. Home desktop users, do. A home desktop users isn't likely to be running, say, TripWire to find out that the MD5 hash of explorer.exe has been changed. Probably lots of reasons servers aren't targeted for virii.
But, hey, like I said, if you think *NIX isn't vulnerable to anything because you don't see a ton of virii for it, just head over to InfoSec or BugTraq. You'll find a nice, long list of exploits for any version you care to look at.
Quote:
Originally Posted by stomachmonkey
|