Operating Systems and Security Against Viruses

This is a discussion on Operating Systems and Security Against Viruses within the A Brief History of Cprogramming.com forums, part of the Community Boards category; Another way would be to intercept the O/S I/O requests on any file(s) and/or folder(s) to be hidden. Thus, bypassing ...

  1. #1
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,183
    Another way would be to intercept the O/S I/O requests on any file(s) and/or folder(s) to be hidden. Thus, bypassing the item to be hidden.
    And your program will now be qualified as a virus =). AFAIK, there is no "normal" way of doing this.

  2. #2
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Posts
    22,901
    Quote Originally Posted by cyberfish View Post
    And your program will now be qualified as a virus =). AFAIK, there is no "normal" way of doing this.
    That depends on what it does. Many AV & security software solutions use this method to protect the system.
    No, it's not a normal way and it's bound to break with new versions of Windows. Many security companies were hooking calls to the kernel, but Microsoft stopped that with their KernalGuard (for x64 XP/Vista).
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  3. #3
    Registered User
    Join Date
    Mar 2005
    Location
    Mountaintop, Pa
    Posts
    1,059
    Quote Originally Posted by cyberfish View Post
    And your program will now be qualified as a virus =). AFAIK, there is no "normal" way of doing this.
    You had better start notifiying such companies as Mikko Technologies (File Protector) and other companies that market Folder Hider, Folder Castle and similar products to cease and desist their marketing immediately since they're only selling a virus. These companies and more use the same principle that I outlined above to hide files and folders. I would suggest you start immediately since there are a lot of commercial and shareware entities markieting this "virus". I think we may have a pandemic.

  4. #4
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,183
    well, I guess in the windows world people are used to have third parties "fixing" windows bugs. Viruses work by exploiting Windows vulnerabilities (bugs in Windows). I always find it funny when I see how Microsoft "recommend" people install antiviruses (basically Windows bug fixing packages), instead of fixing those bugs themselves. In the UNIX world, if you tell someone that has never heard of Windows about the concept of antivirus softwares... he/she would think you are joking. A program that does what antiviruses do, on Linux, would be most certainly considered a virus. I guess Windows changes the definition of virus...
    Last edited by cyberfish; 02-24-2008 at 07:49 PM.

  5. #5
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Posts
    22,901
    Well, no, not all... Anti-virus software stop spread of malicious software, for one. That has nothing to do with the operating system.
    Many security companies add extra security to Windows, not fix bugs... They aren't bugs, it's more like it's missing security features.
    But then, if they tried to add it, they would probably find EU breathing down their necks.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  6. #6
    Registered User
    Join Date
    Dec 2006
    Location
    Canada
    Posts
    3,183
    Well, no, not all... Anti-virus software stop spread of malicious software, for one. That has nothing to do with the operating system.
    Many security companies add extra security to Windows, not fix bugs... They aren't bugs, it's more like it's missing security features.
    But then, if they tried to add it, they would probably find EU breathing down their necks.
    I am not saying anti-virus programs are viruses. People need anti-viruses to stop spread of malicious software only because Windows is inadequate at protecting itself. Malicious softwares work by exploiting software vulnerabilities (aka bugs). In a well-designed OS, no anti-virus is needed. Take, for example, Mac OS X or Linux. There was once a proof-of-concept virus written for Linux a few years ago, just to prove that Linux security is not perfect, and it was recognized as a bug in Linux, and was fixed by the Linux people (where Microsoft would irresponsibly recommend users to install an anti-virus to combat that). IMHO, that is the level of security an OS should seek to achieve. Also worth noting that Windows is the only OS out of hundreds currently in use today that requires an anti-virus for normal operation.

  7. #7
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Posts
    22,901
    I think you misunderstand.
    Linux is probably more insecure than Vista.
    "What!?" you say.
    Windows has long been exposed to all kinds of attacks and therefore has always needed better security. Linux and Mac OTOH are not so much exposed to attacks and therefore do not need so much security. Believe me, there are probably thousands of security holes in the Linux kernel that no one knows of. There may just be 100 in Windows, since Microsoft is patching them all since hackers are exploiting them.

    However, it may not even be bugs or security holes. It may just be the way it was designed. People can always get around it, even if it's secure. Even if no one can break in.
    So if your computer would be unbreakable if they didn't have the password... well, if they got the password somehow, then your computer wouldn't be unbreakable, would it? No, no, no. There's no such thing as a bug here. Just the way it was designed.

    Microsoft is right to recommend AV & Firewall to everyone, including Linux & Mac people because it adds extra security around everything. Is it a bug to run software? No? Then Windows breaks no rule when it executes malicious software, which is, after all, software.

    Linux & Mac users may not need a firewall and av software simply because the OSes are simply less exposed to attacks.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  8. #8
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    22,127
    This thread was moved from rehan's File hide in C++ thread.
    C + C++ Compiler: MinGW port of GCC
    Version Control System: Bazaar

    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  9. #9
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,532
    Malware availability in windows has probably more to do with a business decision then Microsoft's always advertised inability to deal with security issues.

    I know I'm stretching it, but I can't stop thinking the large quantity of $$$ that characterizes the industry that thrives with Microsoft "invulnerabilities".

    What would happen to this industry if tommorow Microsoft launched the successor to Vista with a new file security system similar to that of Linux?
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

  10. #10
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    22,127
    Linux is probably more insecure than Vista.
    "What!?" you say.
    Windows has long been exposed to all kinds of attacks and therefore has always needed better security. Linux and Mac OTOH are not so much exposed to attacks and therefore do not need so much security. Believe me, there are probably thousands of security holes in the Linux kernel that no one knows of. There may just be 100 in Windows, since Microsoft is patching them all since hackers are exploiting them.
    I would like to buy that reasoning, but it requires actual statistics, otherwise it is mere speculation. This old article on Windows v Linux security: the real facts points out that even if such statistics are provided, they may be a victim of bias.

    Linux & Mac users may not need a firewall and av software simply because the OSes are simply less exposed to attacks.
    I believe firewalls are a standard installation on Linux servers.

    What would happen to this industry if tommorow Microsoft launched the successor to Vista with a new file security system similar to that of Linux?
    What's so special about Linux's file security? It seems to me that with Vista users are less likely to run as administrators unless absolutely necessary, and that has been one of the strengths of these Unix-like systems.
    Last edited by laserlight; 02-25-2008 at 02:32 PM.
    C + C++ Compiler: MinGW port of GCC
    Version Control System: Bazaar

    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  11. #11
    Internet Superhero
    Join Date
    Sep 2006
    Location
    Denmark
    Posts
    964
    Quote Originally Posted by Elysia View Post
    I think you misunderstand.
    Linux is probably more insecure than Vista.
    "What!?" you say.
    Windows has long been exposed to all kinds of attacks and therefore has always needed better security. Linux and Mac OTOH are not so much exposed to attacks and therefore do not need so much security. Believe me, there are probably thousands of security holes in the Linux kernel that no one knows of. There may just be 100 in Windows, since Microsoft is patching them all since hackers are exploiting them.

    However, it may not even be bugs or security holes. It may just be the way it was designed. People can always get around it, even if it's secure. Even if no one can break in.
    So if your computer would be unbreakable if they didn't have the password... well, if they got the password somehow, then your computer wouldn't be unbreakable, would it? No, no, no. There's no such thing as a bug here. Just the way it was designed.

    Microsoft is right to recommend AV & Firewall to everyone, including Linux & Mac people because it adds extra security around everything. Is it a bug to run software? No? Then Windows breaks no rule when it executes malicious software, which is, after all, software.

    Linux & Mac users may not need a firewall and av software simply because the OSes are simply less exposed to attacks.
    Linux is open source, there might be thousands of people going through the code every day, which is hardly the case with Vista, so how could there be more security holes in the Linux kernel? Unless you have something to proove your point, i'd say you're wrong...
    How I need a drink, alcoholic in nature, after the heavy lectures involving quantum mechanics.

  12. #12
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Posts
    22,901
    Quote Originally Posted by Mario F. View Post
    What would happen to this industry if tommorow Microsoft launched the successor to Vista with a new file security system similar to that of Linux?
    Oh, if it increases security, you bet EU will be breathing down their necks and security companies screaming foul and Microsoft would find themselves in many more lawsuits than already.

    Quote Originally Posted by laserlight View Post
    I would like to buy that reasoning, but it requires actual statistics, otherwise it is mere speculation. This old article on Windows v Linux security: the real facts points out that even if such statistics are provided, they may be a victim of bias.
    Indeed, but I would point out that just because an OS is safer to use doesn't mean that it has fewer vulnerabilities.
    A typical example of that is Firefox which is actually more insecure in the code that Internet Explorer but they can get away with it due to the smaller install base.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  13. #13
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    Location
    Singapore
    Posts
    22,127
    Linux is open source, there might be thousands of people going through the code every day, which is hardly the case with Vista, so how could there be more security holes in the Linux kernel?
    As Ken Thompson has pointed out, you can't trust code that you did not totally create yourself.

    (And then you may not even be able to trust the code that you did create, heheh.)

    Indeed, but I would point out that just because an OS is safer to use doesn't mean that it has fewer vulnerabilities.
    I agree, but you have given numerical estimates that posit that Vista is about 100 fold less vulnerable than Linux, based solely on the relative number of known attacks.

    A typical example of that is Firefox which is actually more insecure in the code that Internet Explorer but they can get away with it due to the smaller install base.
    I think that all the major web browsers are insecure, but saying "Browser X more insecure in the code than Browser Y" requires substantiation.
    C + C++ Compiler: MinGW port of GCC
    Version Control System: Bazaar

    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  14. #14
    C++まいる!Cをこわせ!
    Join Date
    Oct 2007
    Posts
    22,901
    Quote Originally Posted by Neo1 View Post
    Linux is open source, there might be thousands of people going through the code every day, which is hardly the case with Vista, so how could there be more security holes in the Linux kernel? Unless you have something to proove your point, i'd say you're wrong...
    I would also like to add that even if reviewing the code (and how do you do that anyway with so much code?), you don't realize something is broken until it breaks. Do you know how much time is spent debugging and finding out how hackers are eating their way into the system? Yes, that's right. We aren't geniuses.
    So...
    1) With so much code, it's very difficult to scan and sniff out every part.
    2) Programmers differ in experience, so someone less experienced may scan a part of a code and miss vulnerabilities.
    3) You don't know it's a vulnerability until someone utilizes it.

    Quote Originally Posted by laserlight View Post
    I agree, but you have given numerical estimates that posit that Vista is about 100 fold less vulnerable than Linux, based solely on the relative number of known attacks.
    Hmmm. I'm guessing more it's due the security they've built around the OS and the number of patches. But yes, it's a stab in the dark. A stab in the dark that may actually surprise many as it goes against some logical thinking.

    I think that all the major web browsers are insecure, but saying "Browser X more insecure in the code than Browser Y" requires substantiation.
    There was a report on how FF was actually more insecure than IE some time ago. It's funny, yet true, and yet still FF is more secure even though there are more vulnerabilities.
    Quote Originally Posted by Adak View Post
    io.h certainly IS included in some modern compilers. It is no longer part of the standard for C, but it is nevertheless, included in the very latest Pelles C versions.
    Quote Originally Posted by Salem View Post
    You mean it's included as a crutch to help ancient programmers limp along without them having to relearn too much.

    Outside of your DOS world, your header file is meaningless.

  15. #15
    (?<!re)tired Mario F.'s Avatar
    Join Date
    May 2006
    Location
    Portugal
    Posts
    7,532
    Quote Originally Posted by laserlight View Post
    What's so special about Linux's file security? It seems to me that with Vista users are less likely to run as administrators unless absolutely necessary, and that has been one of the strengths of these Unix-like systems.
    I surely hope you are right, L.
    Because under Windows XP, despite the earlier advertisements, you can't really expect to be productive under non admin privileges.
    The programmer’s wife tells him: “Run to the store and pick up a loaf of bread. If they have eggs, get a dozen.”
    The programmer comes home with 12 loaves of bread.


    Originally Posted by brewbuck:
    Reimplementing a large system in another language to get a 25% performance boost is nonsense. It would be cheaper to just get a computer which is 25% faster.

Page 1 of 3 123 LastLast
Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Windows virus?
    By cyberfish in forum A Brief History of Cprogramming.com
    Replies: 99
    Last Post: 07-20-2008, 06:46 AM
  2. Viruses error code!!
    By Yarin in forum Windows Programming
    Replies: 7
    Last Post: 10-06-2007, 03:23 AM
  3. Software Engineering
    By Cii in forum A Brief History of Cprogramming.com
    Replies: 21
    Last Post: 06-11-2004, 05:00 PM
  4. Security on automated home
    By stimpyzu in forum A Brief History of Cprogramming.com
    Replies: 4
    Last Post: 04-11-2004, 02:14 AM

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21