FeriCyde Analysis: Linux Attacks Rare But May Rise

Posted by PaulFerris on Oct 24, 2006 5:00 AM EDT
LXer.com; By Paul (FeriCyde) Ferris
Mail this story
Print this story

Paul Ferris discusses the inherent problems of news sources with large stock interests at stake.



You can twist perception, reality won't budge. --Rush


I've always admired the above quote. Illustrating the idea for us nicely is this happy little number by Steve Hargreaves on CNN -- "Security analysts: Mac attacks rare but may rise".

Dig into the article, though, and something rather disturbing makes itself apparent. Do they have any statistics to back the headline? Sure, there's "about a dozen" (count'em Tex!) virus alerts sent out monthly for the Mac. There are none, near as I can tell, in the alert space for Linux and -- drum-roll please -- 13,000 for Windows XP.

I'm sure a lot of people used to hearing me blather on about Linux are thinking this article is going to be a piece hell-bent on bragging about Linux security. The numbers and experience -- my own personal experience and that of others -- do that just fine.

Nope, the topic for today is media integrity. We're looking at a rather misleading headline for an article. Don't forget -- a lot of people don't have time to get into content, the headlines "tell the story". Just where the heck does the author of this piece get off with the "may rise" part of the title? There's literally nothing in the article to support this. Digging into the article, there's a mention of Viruses being spread by the iPod -- to Windows XP boxes, no less...

Let's just do the numbers here for our dear Apple brother's in arms (Okay, some of you may disagree with my wanting to side with people buying proprietary solutions, but bear with me -- I'll address that at the end).

ANALYSIS_MODE=1
Let's do some shell code to get to the bottom of this. I'll use the basic calculator to find out just how comparative, numerically, this virus threat is:
# echo '12/13000' | bc
0
Yep, I'm injecting some shell lessons in here, for those of you who own something with a POSIX-like interpretor (Believe it or not, Mac owners, that means you too -- please don't scream in terror at the sight of command-line stuff, it's gotten a bad rap over the years ;). For those of you with Windows systems, you can easily and happily patch your systems to have this added functionality by loading Cygwin on your system. I'd recommend Microsoft's own solution -- but last time I loaded it on a Windows PC it turned on (using default settings) a host of insecure crap and basically was no where near as stable or as comprehensive in functionality as good ole' Cygwin. FOSS to the rescue, once again!

Returning to the simple shell commands above. That answer is a bit misleading because we don't have the scale high enough (not enough leading zeros). We can easily adjust this:

# echo 'scale=4; 12/13000' | bc
.0009
Okay, so we have definitive proof that in fact, there are, percentage-wise, a comparable number of viruses for the Mac. In my Mechanical engineering days, however, the number above would potentially be used to judge a material strength (imagine that I was selecting material to build a support beam, for example).

One material (a Mac) would be structural steel. The other, (Windows) would be comparable to something with far less usable strength, say, an inert gas, like nitrogen.

In other words, I'd argue that the number .0009 may as well be zero, for all practical purposes, when it comes to security. Heck, given the data and no idea about what's behind it, almost anyone with a statistical mind would potentially round that number to zero or assume it's an error based upon bad data points.

SPECULATION_MODE=1
Getting back to the point at hand, however, why do we see articles like this every year? Year after year, people predict that there will be more and more Mac and Linux viruses, and year after year, it simply doesn't happen. As a reference, I'd like to offer the following speculative data points of my own for what's behind this phenomena:
  1. Some clueless tech journalist, learning how to fill their in-box with what appears to be hate-based spam.
  2. Astroturf (Trust me, the term is overused and abused, but should never be ruled out).
  3. Inside tech humor (See: Articles by John Dvorak).
  4. People living in an alternate reality, intruding occasionally into our universe with articles that somehow describe their world more closely. In this alternate universe, these people own the vehicular equivalent to a Sherman tank, yet somehow get bunted into the weeds pulling out of their driveway by errant children on tricycles.
Hmmm. I'm gonna go out on a limb here and vote for either 1 or 2. While 3's have been seen from time to time (I've been a victim of them, sadly), they're very rare (Sorry John, you need bigger disclaimers).

The type 4 articles are a stretch, but I'm not ruling them out just yet, due to my understanding of Quantum mechanics and how reality is in fact a nebulous thing indeed.

But why would I suspect this of being a type 2 article at all? Well, it's the source. Possibly it's not AstroTurf (An article written to appear as serious journalism, but in fact is funded by someone with deep pockets and a hidden agenda) -- but here's why I'm suspicious of CNN when it comes to technology news stories and Apple.

Time Warner owns CNN and it also owns something called AOL -- or was it the other way around? It's all that dot-com insanity if you dig down into it. Anyway, they've got a stock interest -- that's the point I'm making here. In case you're wondering about stranger coincidences, take a look back around September for stories on iPod hearing damage on CNN, right around the same time Microsoft was buying stock in AOL.

That stock interest tilts the story, in my humble opinion. CNN is a news site but Time Warner is a profit center, which unfortunately for the people on the news staff, means stories like this will never give them an honest shake -- someone else, with less bias, is simply going to have to tell the story in this context.

Except, they didn't -- a quick Google search confirms that "iPod hearing loss" and CNN are rather frequently found together.

Don't get me wrong -- it's likely (just like Sony Walkmans) possible that iPods can be used to damage your hearing. My Mustang GT can be used to exceed the speed limit too. I should sue Ford motor company. My sink can be used to flood my house -- I should get CNN to do a series of stories on how dangerous the most popular sink faucets are -- oh wait, they don't have a competing stock interest to serve, so likely this simply isn't going to happen.

For what it's worth, I'm only picking on CNN here for the sake of example -- other news outlets (Do I need to jokingly use the phrase "Fair and Balanced" to illustrate?) have their tilts on other axis. The main point I'm trying to address here deals with how monetary interests of large corporations (Microsoft would be inclusive) tend to tilt news outlets. For what it's worth, the author of this story may not have chosen the headline -- it may have been done for them. Even if it's their own headline, an editor of the site might still be behind it, shelving more direct news stories in favor of ones that help the company bottom line.

You don't have this problem here at LXer. I know this because I've had discussions with the editors, and I know Dave (and Bob) Whitingers intentions -- they want a Linux news site about Linux first.

Some of you may not care about this very real and fundamental difference, but I'd argue that you should. A lot of you can simply, intuitively, "feel" this honesty. It comes in strange forms -- in editorial comments, in the way talkbacks are moderated -- in the very real consideration of the advertisers on the site.

Community focus isn't always the most profitable thing to do (it doesn't mean it can't make money though) -- LXer.com has grown to be something of a great community gathering point -- something very intrinsic to the longevity of the (FOSS) Free / Open Source Software movement. If it's about Linux, and it's news, it's here. The editors strive to make sure that the best news is posted in a timely fashion and they think about things like the bias above when they're posting. The site is more about a safe haven for discussion than anything else. This, along with a focus upon integrity makes for a winning, lasting formula.

Speaking of my own bias; It's heavily tilted for obvious reasons; I firmly believe in FOSS as a long-term solution to a host of technological problems. Yeah, that may on the surface sound very contradictory -- but in actuality there's an honesty involved that's sorely missing in the context of supposed "Mac" security in any CNN article (for example). No surprise, I'm admittedly a Linux bigot -- one willing to tell it like I see it from my own point of view.

Overall that's one of the reasons a news source gains credibility -- people over time learn to trust based upon conditions like this, and the reality -- the view of which we're all after, after all -- makes itself all that much clearer.


References:
     
  1. The article about "Mac virus threats on the rise" CNN:
    http://www.cnn.com/2006/TECH/ptech/10/20/apple.virus/index.html
    For what its worth, I'm not totally ruling out ineptitude on the part of the author of this story. My story is about appearances and intention, both of which I think stand for themselves based upon the evidence at hand.


  2.  
  3. You can find the article on CNN's web site about the stock purchase, but cannot, for some strange reason, find the iPod related articles -- they've expired. I know for a fact that the video feed of both stories were very close to back to back on or around September 15 of last year -- I was at my local work-out facility, and CNN was playing for everyones' enjoyment in the room. The "tilt" button lit in my head the moment that the iPod hearing damage piece was done and the stock purchase piece started shortly thereafter. Here's a link to the article:
    http://money.cnn.com/2005/09/15/technology/aol_microsoft/
  4.  
  5. Apple computer users, "Brothers in arms?"
    It's my humble opinion that as Apple's desktop market grows, Linux desktop growth is made easier. The main reason is that as people learn of choice in general, they will likely be more open to the idea of other choices, including Linux. Don't forget that Linux desktops are now available, unlike years past. The simple act of asking "What else is there?" may lead people to chose Linux as an alternative where they might not have in the past. Other than that, OSX is a pretty face -- I don't see myself using it, but I have friends that love it -- most of them complete non-geek types. Summary: It's not my choice, but it might lead others to accept Linux as a viable alternative if they see other non-Microsoft choices, such as Apple.
  6.  
  7. Cygwin is a port of Free Software utilities to the Windows platform. It's the first thing I load on a Windows computer if I'm stuck using one for any length of time. I then setup X windows and my favorite window manager (XFCE, but many others are available) and treat Windows like a badly debugged, horribly inefficient layer for things like X, vi, and bash. You can download it here if you're interested.
  8.  
  9. On math and the shell:
    Yes, I am aware that some shells support floating point math with $(( )) syntax. It's not a hard and fast feature (rather recent versions of bash, for example, don't support it). This obscure reference is in the article so that die-hard KSH-88+ fanatics can't whine about the added process overhead I've incurred by invoking an external command (the bc above) to do something 'built-in'. And of course, perl, awk and possibly zsh with the right extentions can do it easily. I'd use awk in most cases, it appears to have even less overhead than even bc:
    # ps -e -o "comm,vsize"  | awk '/perl/||/bc/||/a[w]k/'
    bc                2104
    perl              2756
    awk               1960
    
    Your milage may vary :0)



Paul (FeriCyde) Ferris is a Linux professional and community member. He has been using Unix and Linux for a combined total of over 17 years. His articles have graced LXer.com, Linux Journal, LinuxToday, LinuxPlanet, NewsForge and various other Linux news and technical information sites. His recent expertise with enterprise-class implementations of Linux have lead to the creation of the the batchlogin project, his first large-scale Free Software project. A husband, father and more, yet his technical passion is Linux and has remained so for the past 13 years.

  Nav
» Read more about: Story Type: Editorial, Humor, LXer Features; Groups: Community

« Return to the newswire homepage

Subject Topic Starter Replies Views Last Post
i agree.. i agree... cuzican 4 2,461 Sep 26, 2007 10:16 AM
When the numbers are already near zero... Syscrusher 5 2,337 Oct 25, 2006 12:35 PM
Reaching for a metaphor dinotrac 7 2,560 Oct 25, 2006 11:38 AM
dc jezuch 2 2,257 Oct 24, 2006 7:29 PM

You cannot post until you login.