[kwlug-disc] so ... what's your opinion on linux anti-virus software?

unsolicited unsolicited at swiz.ca
Fri Feb 6 00:48:11 EST 2009 

Chris Frey wrote, On 02/05/2009 10:44 PM:
> On Thu, Feb 05, 2009 at 09:20:52PM -0500, unsolicited wrote:
>> I think you have many things wrong here. Playing devils advocate ...
> 
> Thanks for your response.
> 
> I should have been more clear about my first reply.  I wasn't really
> replying to Robert's specific question, but more to the thought processes
> of his friend, and I didn't make that clear.  Sorry about that.

Fair enough. It doesn't change anything, but fair enough.

Thanks Lori for:
	< Insert fantastically cogent uber-rant. >

	- you caught the spirit and intent. I'm still chuckling over your 
one-line summary.

As indicated, devil's advocate, and yes, somewhat, but only somewhat, 
extreme.

Chris, you are absolutely right, in a perfect world. Everybody would 
have the time, inclination, and energy, to learn everything about 
everything. It just ain't so. If you'd like, wherever you saw toaster, 
substitute digital camera or mp3 player. Which is, really, just a 
diskette in another form. How about a cell phone?

For you, me, most everyone else at the LUG, we have the inclination, 
and we make the time. Energy, I'm not so sure of - as John alluded to 
it not long ago, I (we?) seems to be have less and less of it every 
year. (-:

But we have no business expecting the same of those not similarly 
inclined. We have every business of encouraging them to use these 
tools to do something. They should be able to do so without having to 
learn computerese and be constantly looking over their should in the 
process.

We have long past the point of expecting every car owner to be able to 
do their own tuneups. The complexity has gone past us. As with computers.

> I was arguing from the point of view of a user switching his own personal
> computer from Windows to Linux.  Perhaps my post makes more sense
> in that light.

My arguments apply to any user of any computer at any time.

They sit down to get something done. They don't sit down to use or 
apply security updates, virus patches, or OS / kernel updates.

Say I had a pleasant afternoon and took some pictures. Now I'd like to 
see them. Full stop. That's all I should have to think about.

Say tomorrow I take an 8 year old for an afternoon and take some 
pictures. We'll go home and fire up edubuntu to look at them. He 
shouldn't have to worry about viruses. Not that they will prevent his 
computer from booting, not that they will destroy the pictures he so 
carefully crafted, not that opening one will take him to a porn site. 
And he shouldn't have to worry that sending a picture to grandpa may 
give grandpa a virus.

They (users) know viruses and other 'bad things' are out there - given 
our education and practical experience. Better be protected. Don't 
understand them, but better be protected. Doesn't matter whether I 
need it or not, I need to know that I'm covered. Full stop. I need to 
not have to think about this any more. I installed Kubuntu and klamav, 
I'm protected. I've been responsible. Full stop.

If only it were that simple. It should be that simple. It should be 
part of the distro.

	Let's not get into why it isn't at the moment. Beyond, for Linux - 
because doing so would bless a particular app, and the resulting noise 
"just wouldn't be worth it." For Windows, it's because MS understood 
it had to leave some hole for other people to make use of if they 
wanted other vendors to join their bandwagon and play in their 
sandbox. Except ... if MS did it, imagine the suits when it turned out 
it didn't actually protect them. Hey, we can sucker Symantec into that 
position instead! Cool!

	Never mind MS bastardized the OS' into being OS plus apps. Without 
notepad and solitaire, it's just a blank screen. Hard for the 
marketing people to sell.

	I admit to a baffling inconsistency in that they included a defrag. 
Or the other extreme of grinding Netscape into the dust for having a 
better app than the one that came with the distro (Windows).

> If you still would have written everything you did when just talking about
> a single user's PC, switching from Windows to Linux, well, then I have

If you have a computer. That's all it takes. I essentially can't 
conceive of a computer without any connectivity. Computers produce 
things. How do you communicate the results (or back them up)? Sneaker 
net? You're connected. You could bring back a bad diskette.

Yes, we should learn safe computing before we open the box. Just like 
most everything else, we don't. We have to deal.

In your particular example ... people from Windows have learned they 
need certain things to 'feel safe'. I perfectly understand why Bob got 
asked the question he did. Windows, or anything else, the same 
principles apply. Whether Linux is likely to get a virus today, it 
will tomorrow and as the years come. Take 2 pills and call me in the 
morning. You'll feel better (safer) for doing so.

> a nice semi-rant of my own that I almost posted before realizing our
> different topics. :-)  I think we ended up talking about two
> different things, due to my lack of clarity.
> 
> To be clear, my views:
> 
>         - for a single user, virus scanning isn't really needed on Linux,
>                 since he should be learning his own machine... this
>                 does not include users that have to pound away at a
>                 machine for work... those users truly don't care

There is no such thing as a single user in a connected world. We live 
in a connected world.

>         - for an admin, virus scanning is just one of those plugs in the
>                 dike, and a valuable asset to security... others have
>                 already answered that question better than I can

Every single machine needs anti-virus, anti-everything. It's CPU overhead.

We have to be responsible to those who connect to this server. We 
cannot be certain those who do have been so responsible. We do not 
live in a responsible world - if we did, there would be no malware.

For years the argument against it has been waste of precious CPU 
cycles. Maybe there's some truth to that. Today, I think less so in 
this age where CPU cycles aren't so precious, now that we have so many 
of them with our dual cores, and GHz speeds. Just how often have you 
seen any computer, except very hard working servers, e.g. sql, 
particularly desktops, running both processors at 100% for more than a 
few seconds. Excluding bugs / run away processes, and the like.

Chris, you're not wrong, and no harm or foul. It's just a common, 
long-time perspective we need to get over. Yes, this is an academic 
discussion, and to some extent I'm playing devil's advocate. But only 
to some extent.

It's the apps people. (And anti-whatever isn't an app, it's overhead. 
And we shouldn't have to think about it, it should just 'already' be 
taken care of by virtue of having an OS.)

Look at Bob's recent post (beagleboard). Why should he even have to 
think about these issues? Think of fridge computers. How long before 
the fridge computers are beagleboards? They should all just be safe, 
forever safe / self-updating, out of the box.

But the world we live in says, install anti-virus - take the pill. 
You'll feel better. It should already be there. We shouldn't have to 
recompile the kernel, taking us out of the (security) update stream in 
the process ('specialized' kernel).

</rant - with apologies (^:>

It's the apps, people.

More information about the kwlug-disc mailing list