I really don't know or understand where you get all this from.
What motivates criminals or vandals in the first place. Criminals are motivated by easy reward and their target selection is based on the weak and vulnerable. Who are the weak and the vulnerable computer users - sadly almost exclusively M$ users. They use the os as a tool and normally totally unaware of their own vulnerability. Easy targets.
Vandals - normally intelligent beings bored with their environment and envious of others. Again they will perpetrate their deeds in an environment that offers liitle exposure to being caught. Again the vulnerable - M$ users.
The vast majority of Linux users are technophiles. Aware of their environment and their own systems and generally not soft targets. This does not mean they are not attacked. I have an internet server which is attacked several times a day. If you make it hard attackers are not going to generally try very hard as they move on to softer targets where they don't have to work so hard. Don't blame Linux. The blame lies with the user in most instances since it is they who have failed to ensure their own security. If you have a house and leave all the doors and windows (excuse the pun) open you are bound to be the victim of a robbery at some stage.

3a is not self-evident. Some parts of 3b might be... mainly those parts about most Linux user being honest well-meaning citizens. Now, please stop belaying the point and provide some hard facts backing up your assertions. Enough of this ambiguous BS... you are wasting the time of everyone who is at all interested in helping you see the truth.

You really need to stop smoking that stuff. It is making you paranoid.

Windows is under attack because (a) it is everywhere and (b) it is, by default, vulnerable - although the moderately astute user can secure it quite adequately.

Linux/Unix machines are often higher value targets than Windows machines bercause they are used as servers and routers. They most certainly are under attack, and there are any number of exploits that work against them. Linux sysadmins most certainly do have to harden their systems.

It is clear that you really have no comprehension of how a modern OS works, and how it interacts with the hardware. Just keep in mind that DOS was primitive even by the standards of the day.

...well, sounds like someone has got a self-appointed task, in which case please don't complain about your 'time being wasted'. No one is being forced to read this thread or respond. You're all big boys, and if you want to play big boy games, you're playing by big boy rules, as they say in the SAS.

Tiger at least seems interested in discussing some key issues, like motivation.

True: (true) Criminals are motivated by easy money. Corollary: They commit crimes that make money.

Vandals: bored, intelligent (not always) envious (not always), don't want to get caught? (depends on the reward, i.e., peer praise, fame).

Who profits from attacks on Micosoft Windows users? Microsoft, hundreds of 3rd party 'anti-virus' sellers, security consultants etc. And there you have probably the largest group of conflicted and vested interests imaginable, adding up to a massive economic engine sucking people dry like vampires. Wel that explains alot of 'hackers, crackers, and attackers'.

And just like the mafia and all organized crime, they will lure and goad 'kids' and delinquents into doing much of the dirty-work so they can remain at arms-length and avoid legal culpability.

Vandals are used by Criminals to make money.

But doesn't explain the whole picture any more than 'lone gunman' explains John F Kennedy's assassination. Yeah, then another 'lone gunman' killed the 1st lone gunman. Yeah okay.

By the same token, you need to play by the big boy rules as well. These involve backing up what you say with facts not meaningless anecdotes about world war 2 and gym teachers.

We have invested time and effort into putting well worded responses together regarding your security concerns but you seem too wrapped up in your imagination to actually read and comprehend them.

Are you suggesting that MS, the antivirus companies, and security consultants are the primary manufacturers of viruses and worms? Because that sure seems to be your point. I think you'll find that even harder to backup than your rambling about the Linux crackers.

Nice to say but now back it up. Remember... big boy rules mean we can show facts which support our assertions.

Your certainly right it doesn't explain the whole picture. It barely even explains your own statements.

Are you suggesting that vested interests like 'anti-virus/spyware' makers *don't* take an active role in creating and promoting viruses/trojans/spyware? These are well documented public facts.

Just go to the websites of Anti-Spyware makers and read all about them, as they blow the whistle on each other. Even SpyBot is making public allegations that their competitors are uploading spyware to their own customers and marking competitive products falsely as 'spyware' (or truly as spyware!)

There are warnings all over the net not to trust '3rd-party' anti-spyware. Even Yahoo's Toolbar, hailed as a fantastic 'anti-popup/spyware' shield is itself SPYWARE, and there are complaints all over the net.

I don't have to offer 'proof' or 'evidence' of such trivialities. They're freebees.

It's like watching the mob turn and testify against itself in a shark feeding frenzy.

So now we know who is doing a LOT of the cracking and hacking. Who are the others?

Everybody knows that the CIA and the spooks from every other country are also constantly inventing and testing hackware and 'simulating' attacks by ACTUALLY ATTACKING anything and everything on the net. Buyer beware. Your tax money is being spent directly on wrecking your system, in order to gather data on and hone the techniques of cracking and hacking for espionage purposes.

So lets see: you have Microsoft (and all its subsiduaries and spooks), All the 3rd-party coat-tail riders, security (anti-security) firms, and spies of every flavour. Who do they use and set up? kids, hackers, losers, misfits, snitches, witness-protection clients and anybody they can force to work for them.

And if you don't cooperate, there's always Ruby Ridge. Yeah they'll shoot your wife and kids, because in the modern world, there's no moral or ethical difference between the cops and the crooks.

Whoa... time to take your meds. I'm as paranoid and anti-fed as the best of them but I can see a nutcase when they pop out of the woodwork (hey, it takes one to know one).

You haven't provided facts... again you have slipped into anecdotes (Ruby Ridge) and rumor. On top of that, you have not shown in any way that these companies get kids and others to work for them and take the fall.

Worst of all, this doesn't even relate to your original statement about Linux users being the main bad guys out there.

[frob relaxes, starts to enjoy the fall, and calmly drinks his tea... wondering how deep this particular rabbit hole goes.]

yeah, thanks for reminding me: German drug companies supplying LSD to the CIA to derail the Anti-Vietnam protest.... four dead in Ohio. No reason to be paranoid.

English is such an imperfect language for communicating meaning, but so apt for starting fights:

I said (meant) ..."crackers are all Linux users." Wouldn't you want your own machine secure?
Not: "Linux users are all crackers." (although this is cuter.) 0

"criminals are all gun-owners." is not the same as "gun-owners are all criminals." (or is it?)

I never said you said all Linux users were crackers. That would be reversing what you actually said, which is that the crackers were using Linux. You've already pointed out this reversal but it was never made by myself or anyone else here. You have yet to show that the majority of crackers prefer Linux and attack Windows because they hate Microsoft (remember that was what you said... look back and check if you forgot).

What the hell does the CIA LSD test have to do with Linux and crackers? You keep pulling more random stuff in the path of your real argument to disguise the fact that it lacks substance.

Now, back up your statements in 3a. We are all waiting with baited breath to see this wonderful proof of the demons in our midst.

EDIT:

I wouldn't go so far as to say that you're making a fool of yourself, but it is plain that you're missing some of the *nix fundamentals based on the assumptions you make. See below.

Not quite, even in the days of real-mode execution; in today's protected-mode operating systems, not even close.

Actually, many (if not most) motherboards have a DIP switch or jumper to enable BIOS write protect.

However this is largely unnecessary under *nix. Here is the chain of events which must happen - and EACH point would have to be vulnerable:

1. You would first require a user who is stupid enough to click an executable attachment. Yes, I am using the charged word "Stupid" - intentionally. The reason: In the Windows world, no matter how many times IT says "don't open attachments unless you KNOW what they are AND are expecting it" users invariably click them. "Gee, what's this? Let me click it and find out." That is the epitome of stupidity. So now, for the sake of your argument, we will assume that your defined first line of defense will be compromised 100% of the time.
2. Assuming the attachment is a windows .exe, it will NOT run on Linux without an API thunking/translation layer. For the sake of this argument we will assume a) wine or a workalike is present b) .exe is associated with wine, allowing clickable-execution of Windows programs and b) wine is correctly installed, allowing Windows executables to run

The BIOS-overwriting virus is now dropped dead in its tracks. Wine does not allow direct access to the hardware because a) windows drivers are not implemented in wine and b) it is in protected memory c) the kernel itself blocks direct access to hardware and b) *nix permissions block it AND the umask further filters permissions

Now, for the sake of your argument, to play devil's advocate, we will assume that the attachment is a Linux or *BSD executable.

1. You would first require a user who is stupid enough to click an executable attachment. Yes, I am using the charged word "Stupid" - intentionally. The reason: In the Windows world, no matter how many times IT says "don't open attachments unless you KNOW what they are AND are expecting it" users invariably click them. for this example we will assume that your *nix users are equally clueless and go "Gee, what's this? Let me click it and find out" 100% of the time. That is the epitome of stupidity. So now, for the sake of your argument, we will assume that your defined first line of defense will be compromised 100% of the time.
2. Now the virus will attempt to copy outside of ~ to overwrite /bin/ls. It is stopped dead in its tracks.
3. For sake of argument we will further assume that your sysadmin gave clueless users write access to /bin. Okay, /bin/ls has now been compromised. Now someone will have to execute ls -- WITH ROOT PRIVILEGES -- in effort to overwrite the BIOS. We will assume it happens; the script is stopped dead in its tracks because it is not installed as a kernel module. Game over.

This is where you are falling short and your lack of *nix fundamentals is showing. Unless you have a VERY lazy sysadmin (such as often exist in the OS/X world, unfortunately, because users are UNWILLING to learn permissions. I've seen some environments where they "chmod -R 777 /" - a VERY bad -- and stupid -- thing to do) permissions are enforced by the filesystem driver, and by default the kernel.

Ah but now you're relying on non-updatable hardware for security. Once a vulnerability is found in hardware (nonflashable firmware), and the exploit is made known, all bets are off and infection is guaranteed.

It takes a certain level of stupidity, such as the "chmod -R 777 /" situation I referenced above.

What is your proposed alternative?

Limiting root use to administration is a very reasonable solution; it has worked for ~30 years so far and you can count the number of *nix viruses on your fingers, and they tend to only spread in sloppy environments where sloth reigns supreme.

{snip}

Now you've just castrated one of the best features of most processor architectures out there.

1. Just exactly how slow do you want your computer to run? Thanks, but I'd rather my Pentium Xeons run like Xeons and not like an 8088.
2. If this is implemented in hardware, when an exploit IS found, what do you think the vendors' solutions would be? A free upgrade from Bill & Ted's Excellent Motherboards? Think again: they'll tell you the product is EOL and would you consider upgrading to the latest widget-based motherboard which can not only run your current program, but make you a tuna-fish sandwich while you wait for it to boot?

Forkbombing is still possible on many Distros.
That is, apparently Linux USER ACCOUNTS aren't secure at all,
and are quite capable of bringing down the system WITHOUT BEING ROOT.

http://www.securityfocus.com/columnists/308

has a discussion on this: follow the threads too.

penguinlnx, that comes down to sysadmin sloth (laziness) and it is dependent upon how the kernel is compiled. Choosing an outdated distribution (e.g., Debian), a poorly-managed distribution, or simply compiling the kernel with the vulnerability is not really what one would consider to be an inherent *nix flaw, but a Stupid User Trick™.

Should we point out that Windows is still very vulnerable to DDoS attacks and a variety of buffer overruns, despite numerous attempts by M$ to fix them?

This is certainly a vulnerability, but one that can be fixed by the sysadmin. Which is not to excuse it.

Nonetheless, an exploit that crashes the server is a long step short of where you started, which was with malicious code that could take over the machine by gaining the processor after being loaded in RAM.

17-03-2005: Linux Kernel Multiple Unspecified ISO9660 Filesystem Handling Vulnerabilities
15-03-2005: Linux Kernel PPP Driver Unspecified Remote Denial Of Service Vulnerability
15-03-2005: Linux Kernel Netfilter Memory Leak Local Denial of Service Vulnerability
09-03-2005: Linux Kernel SYS_EPoll_Wait Local Integer Overflow Vulnerability
08-03-2005: RedHat Linux Less Remote Buffer Overflow Vulnerability
19-02-2005: Red Hat Enterprise Linux Kernel Multiple Vulnerabilities
16-02-2005: Advanced Linux Sound Architecture Libasound.SO Stack-Memory Protection Bypass Weakness
15-02-2005: Linux Kernel Multiple Local Buffer Overflow And Memory Disclosure Vulnerabilities
15-02-2005: Linux Kernel Multiple Vulnerabilities
14-02-2005: VMWare Workstation For Linux Local Privilege Escalation Vulnerability
07-02-2005: Linux Kernel ntfs_warning() and ntfs_error() Local Denial of Service Vulnerability
04-02-2005: SuSE Linux Open-Xchange Unspecified Path Traversal Vulnerability
03-02-2005: Linux Kernel IPV6_Setsockopt IPV6_PKTOPTIONS Integer Overflow Vulnerability
24-01-2005: Linux Kernel Device Driver Virtual Memory Flags Unspecified Vulnerability
21-01-2005: Linux Kernel Unspecified Local NFS I/O Denial of Service Vulnerability
20-01-2005: Advanced Linux Sound Architecture Library Stack Protection Disabling Weakness
19-01-2005: Linux Kernel Audit Subsystem Local Denial Of Service Vulnerability
13-01-2005: Linux Kernel User Triggerable BUG() Unspecified Local Denial of Service Vulnerability
12-01-2005: Linux Kernel Symmetrical Multiprocessing Page Fault Local Privilege Escalation Vulnerability
11-01-2005: Linux Kernel Multiple Unspecified Vulnerabilities
10-01-2005: Linux IPRoute2 Netbug Script Insecure Temporary File Creation Vulnerability
07-01-2005: Linux Kernel Random Poolsize SysCTL Handler Integer Overflow Vulnerability
07-01-2005: Linux Kernel Multiple Local MOXA Serial Driver Buffer Overflow Vulnerabilities
07-01-2005: Linux Kernel SCSI IOCTL Integer Overflow Vulnerability
07-01-2005: Linux Kernel Local RLIMIT_MEMLOCK Bypass Denial Of Service Vulnerability
07-01-2005: Linux kernel Uselib() Local Privilege Escalation Vulnerability
05-01-2005: Linux Kernel SYSENTER Thread Information Pointer Local Information Disclosure

The point is, Most Linux newbies install it right out of the box,
and haven't a clue how to tighten it down to the security level
of a server that's been running for 3 years.

A Linux New User would be lucky to even put together a shakey grasp
of security issues over a one or two year period, by which time
he could have been hacked a few hundred times.

Most Home Linux users don't have friends who happen to be
Server Administrators or Linux Security Experts, willing to come over for a few days.

Most current Distro kernels have their buns in the air as we speak.