Why do computers even need virus protection?

Pages: 123
The title is wrong. It should be: why Windows needs virus protection? Linux and other OSes engineered with security in mind don't need virus protection.
It should be: why Windows needs virus protection? Linux and other OSes engineered with security in mind don't need virus protection.

Not true, unfortunately. For example, you can browse to web pages that would love to run Java on your machine and despite your OS being well designed, the Java can still read your files as you.

Furthermore, you might want to check the documents passed to you, so that you don't later pass on material that contains suspicious content.
Saying you don't need virus protection is like saying the worst case scenario is never touching a virus.

It's possible to have a completely secure system, but it's very unlikely because of how large the systems are and how many people of different skill levels worked on it.
Why do computers even need virus protection? Same reason programmers need compilers to catch their errors. We are human and make errors, computers and applications are made by humans. Unfortunately some humans hide viruses inside their applications or have it so if you give the main program permission it then sneaks and runs a program in the background that either is a key logger stealing your data or a virus to mess up your computer.
closed account (3qX21hU5)
The title is wrong. It should be: why Windows needs virus protection? Linux and other OSes engineered with security in mind don't need virus protection.


Every system will have holes in it that "hackers" will exploit (Even the OS's engineered with security in mind like Linux and other OS's). The majority of viruses are for windows that is true. But that isn't just because Windows has poorly designed security. I would say it is because out of all the OS's out there windows is the most used system so a obvious choice to a write you code for, and look for vulnerabilities in.

I am not saying windows does everything perfect for security (Far from it), I am just saying you can't blame it on windows completely. Because if lets say Linux was the number 1 installed OS in the world, we would be saying the same thing about it.
Would a criminal looking to steal credit card information target brilliant Linux users that would not even do anything that could get the virus in the first place? Or would they target the technologically-impaired Windows users that click on everything in the hopes of getting the computer to do what they think it is supposed to do?
I'll be honest, I don't have virus protection on my windows partition. Well I have a virus scanner, but it's not set to regularly scan and is not set to protect against possible threats. I'm not stupid with my computer and I keep my internet connected apps up to date for security risks. I keep the scanner just in case, but for the most part I have no need for it. My firewall (the built in windows one) works just fine.

Every system will have holes in it that "hackers" will exploit (Even the OS's engineered with security in mind like Linux and other OS's).


True, but we're not talking about targeted attacks, but viruses. The facts are simple: there are virtually no viruses for Linux/MacOSX right now despite their popularity (a few % are still millions).


Not true, unfortunately. For example, you can browse to web pages that would love to run Java on your machine and despite your OS being well designed, the Java can still read your files as you.


There has to be a Java vulnerability for that, first, because Java don't let applets read contents of the disk.

Second, I never run untrusted java applets - the nice thing about low popularity of Java applets is that I can enable them selectively for the pages I know and I need; and 99% pages don't need them, so default is to disable them).

Third, what would that Java applet do on my system? It can't register into autostart. It can't install a keyboard/screen hook. It might probably read my email; however writing a Linux virus that can reliably read user's emails assuming a huge fragmentation of Linux distros and programs used is much a tougher task than doing it for Windows. And actually it couldn't because it would need to know my password or hijack Gmail session - so it had to exploit some browser vulnerability.

I'm not saying Linux is inherently secure, but that it is enough protected and enough not-popular that nobody has interest in writing Linux viruses. Nobody tries to break into an alarmed house with closed doors/windows if there is a house with open windows next to it.


Because if lets say Linux was the number 1 installed OS in the world, we would be saying the same thing about it.


But which Linux? There is a dozen of active distros and multitude of combinations of various kernel/library versions and configurations. Additionally Linux is patched extremely fast compared to proprietary systems. It is very hard to write one reliable virus to target most of the Linuxes.
Last edited on
closed account (G309216C)
Well, Windows is actually more secure than Linux and Unix but not than Mac reason for this is because I reported multiple vulnerabillities to Linux regard it's remote Exploits. But again Unix is similar to Linux so there are many Native Exploits in Unix as well.

Whereas I only reported 1 vulnerability to Windows regarding Firewall which was vulnerably to Code Execution if attacked on a port I am not revealing. Although It was Windows Firewall, think how many people use it. But millions may use Firewall only but Linux also has tons more vulnerabilities in their OS but it is just that more use Microsoft Windows and not Linux\Unix.

Microsoft is targeted because major bussinesses to government facilities tend to use Windows due to ease of access and ease of using.

I would never exploit Windows or any Other OS as first even if I found one I would be considered evil to others. Other thing is Computer were made for good and not bad.

If anyone does not trust me of reporting Vulnerabilities PM me for a Proof of me reporting it.
How about vulnerability where Windows can be dropped into bluescreen by simple program which does not require any privilegies? Which works on terminal servers as well? Which was known for two years at least and it took publication on major IT resource for Micrososoft to admit that problem exist and fix it? If you weren't updating your Windows for last three days, look in exceptions topic, find offtopic code, compile it and run.

It was exception in freakin window resizing code! Which retard thought that placing UI code into kernel is good idea? PNG, WPF and others formats vulnerabilities... I cannot remember it all...
Last edited on
Moral of the story:
Use linux.

I have been using Linux for the last 4 years and I've never had a virus.
I switched to Linux when my Windows went down with a virus. Note that I actually PAID for Windows.

The only thing worse than pirating Windows is paying for Windows.
Last edited on
closed account (z05DSL3A)
Well, Windows is actually more secure than Linux and Unix but not than Mac reason for this is because I reported multiple vulnerabillities to Linux regard it's remote Exploits. But again Unix is similar to Linux so there are many Native Exploits in Unix as well.
Mac OS X is Unix...just sayin'.
closed account (3qX21hU5)
I would use linux if I could actually play my AAA games on it :(
Well, Valve have started to support Linux. And many games runs under Wine. Most Blizzard games do. I think there will be problems with damned Origins, though.
Last edited on
closed account (3qX21hU5)
That is true, though I would rather not mess with workarounds and stuff just to get a game working. The last previous times I have tried running my games on *Nix they always ran into one error or another that I had to find a workaround for. I eventually just gave up and went back to windows.

Now I'm on Windows 8 and loving it despite what most other people think of it (I love having metro instead of a start menu personally).

Though Valve seems promising, and if that starts to pick up support I might consider switching back.

For viruses I couldn't really care much about it. The way I deal with them is I to backup all my important files and stuff to my NAS server (Used to use external HD's), because I do regular system restores every few months or so. So if a virus does hit my system by chance it isn't that hard to do a full restore of the PC if I can't remove it easily. Takes only about 1-2 hours at most to do the restore and restore all the files to the computer.

So that is another tip you can use a AV if you want to, but always make sure you keep a backup of your system. That way when disaster strikes (Which it will) you are prepared.
my mum and girlfriend are always downloading virus checkers that are viruses or getting bloody babylon search toolbar somehow and all that crap

But millions may use Firewall only but Linux also has tons more vulnerabilities in their OS but it is just that more use Microsoft Windows and not Linux\Unix.


Citation needed.
But millions may use Firewall only but Linux also has tons more vulnerabilities in their OS but it is just that more use Microsoft Windows and not Linux\Unix.[Citation needed]
FTFY
Last edited on
All Operating systems make tall claims about how secure their offering is. Common Criteria is the standardised, rigorous, repeatable and verifiable framework for computer security certification.
http://en.wikipedia.org/wiki/Common_Criteria

Based on that, there is very little to choose between the two mainstream operating systems. Versions Linux that have been certified (Suse, RedHat, Oracle among them) and versions of Windows since 2000 have all been evaluated at EAL4 or EAL4+.
http://en.wikipedia.org/wiki/Evaluation_Assurance_Level#EAL4:_Methodically_Designed.2C_Tested.2C_and_Reviewed

IBM's PR/SM LPAR is the exception; these operating systems are certified at EAL5 or EAL5+.

The complete list of certified products (among them 100 operating systems) is publicly available at the Common Criteria site. http://www.commoncriteriaportal.org/products/

Subject to the caveat:
Technically speaking, a higher EAL means nothing more, or less, than that the evaluation completed a more stringent set of quality assurance requirements. It is often assumed that a system that achieves a higher EAL will provide its security features more reliably (and the required third-party analysis and testing performed by security experts is reasonable evidence in this direction), but there is little or no published evidence to support that assumption. - - Wiki


What is perhaps true is that the typical Windows user uses the OS in a more vulnerable manner than the typical Linux user. Just as the typical Linux user uses the OS in a more vulnerable manner than the typical Unix user.

I would like to see an OS with a switch on the back of the computer that you could turn the switch on for strong security, bounds and memory access checking, etc. or you could turn it off for none of that and heve the computer be super fast. Obviously with it off like that you would have to agree that you are held responsible for any damage.
Pages: 123