Feeds

UK Linux group slams Sophos virus threat claims

Anti-virus company is spouting FUD, says NetProject

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

Updated Anti-virus software developer Sophos has been accused of spreading fear, uncertainty and doubt over the safety of Linux systems by UK pro-open source organisation NetProject.

Sophos wrote to UK newspaper Computer Weekly t'other week to claim that viruses targeting Linux already exist.

Not so, responded NetProject director Eddie Bleasdale. Yes, anti-Linux viruses can be written, but Linux, like Unix, has sufficient systems in place to prevent unauthorised software from running on any "correctly configured and administered Linux computer".

"We have been working in the Unix area for over 20 years," Bleasdale said in a statement. "During this time we have never encountered a Unix or Linux virus nor have heard of any organisation that has been infected by a Unix/Linux virus."

So prove your claim, Sophos, challenged NetProject.

No, shan't, so there, responded the anti-virus company.

Bleasdale called Sophos for clarification, and received, he says, the following message from the company's senior spin doctor, Graham Cluley: "I don't have any response other than that which I have already given you...

"I don't have any more to say on the matter. I think it will be a waste of our mutual time if you email/phone Sophos on this matter again."

We considered giving Sophos a buzz too, but then we read Cluley's words: "I'll give the same response to any journalists who might call me up."

NetProject's challenge is simple: send an email with an attachment (presumably infected) and see if it screws up the system. Of course, where the infection comes from if there aren't, as Bleasdale claims, any Linux viruses doing the rounds is an interesting question, but presumably Sophos could come up with something.

Cluley later told The Register: "Sophos is in the business of protecting computers, not infecting them. Therefore we have no interest in responding to challenges to attack systems, especially when the result would only support what we know already."

"We believe that Linux is pretty much bullet proof and if Sophos is able to infect a well configured Linux box then it will uncover an implementation defect rather than a design flaw," said Bleasdale. "Anti-virus software simply treats the symptoms and does not address the fundamental design weaknesses that allow viruses... We need to stop the fear uncertainty and doubt that the anti virus companies are trying to create around Linux."

That last line's a dig at Windows. NetProject is essentially about promoting among UK businesses the use of systems that aren't based on Windows or other proprietary software, hence it's keen interest in Linux and open source.

In response to Bleasdale's FUD claim, Cluley told us: "Unix viruses are not a huge threat but the original purpose of Sophos' letter was to correct a previous correspondent to Computer Weekly who believed they did not and could not ever exist. Unix viruses do exist and there are many non-Sophos
sources which support that fact."

And that's certainly the case. Symantec's virus database lists only four Linux viruses, and Kaspersky Labs lists two (and one of those is already on Symantec's list, bringing to the total to... er... five. Which is, it has to be said, rather fewer than known Windows infections... ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
Google opens Inbox – email for people too stupid to use email
Print this article out and give it to someone techy if you get stuck
Redmond top man Satya Nadella: 'Microsoft LOVES Linux'
Open-source 'love' fairly runneth over at cloud event
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.