We know Microsoft is in the midst of a campaign to destroy the idea of Linux being less costly in the server field. And we know they are starting to speak out more and more these days about the "dangers" of Open Source hurting the IT business field.
I was wondering, since Microsoft has some really good software engineers and really good computer science people, do you think they would ever make a "Linux" virus, worm, trojan, etc and release it to the internet?
I'm sure that with the talent they have working at Microsoft, they could come up with something, say a trojan in an application and release it to be downloaded by a third party. For example, a Word 2000 converter or an Excel spreadsheet viewer for Linux. Eventually, it would be found but if they covered their tracks, Microsoft may never be blamed.
Meanwhile they might benefit from raising the spector of a new "Linux" trojan or virus being present. And destroying the concept of Linux being more secure (which it is not unless you take precautions such as a root password, limiting access to and from the internet, etc).
Are we dependent on their conscience? Or would there be too much risk in being found out? Have they tried this in the past?
Well, now I'm going back to my book on how the Illuminati started World War 2 to set back German industry since it was getting too greedy. :)

Are we dependent on their conscience?
More like they're dependent on ours ;)

I think that is pretty unlikely. The benefits of such a plan would be small, but getting caught at it would be a public relations disaster.

MS has more powerful methods at its disposal, e.g., patents, armies of lawyers, and many billions in cash.

I would rate this as highly unlikely for about 3 solid reasons.

1) They have the same problem as any virus writer. 99% don't run as root, 1/2 use OpenOffice spreadsheet, 1/3 use Gnumeric, 1/18th use vim (kidding, have no idea), 1/4 use Corel's offering... Mix that up with Mozilla Mail, Evolution, Kmail, pine, firefox mail (I think I saw a standalone client), mix in every flavor of kernel 2.2.x through 2.6.x) and so many recompiles, and different distro's with slightly different storage places, etc...the list goes on. So, to make a trojan of the magnitude you are talking about, they have to focus on a low level kernel flaw.

2) In order to be able to really find a low level kernel flaw, that will allow root exploit, and then propagate something, I think it is safe to say that at least 20-40 people are needed to extensively scan the kernel source. They have to be able to find a major, or critical flaw that none of the other kernel developers saw.

3) You have to keep 40 people plus management quiet forever. I don't know about you, but the odds of this happening are slim.

I would not put it past them that they have at least thought of this, maybe invested some resources, but ran across the difficulty in making a broadly applicable trojan/virus. I would submit that at any given time, a very well written trojan could find the right conditions to propagate, what 5% of the time? Just a pure guess.

That isn't to say that they would not LOVE to see it, but MS will remain king of automatic virus propagation and trojan dispersal for many years to come.

hlrguy

Originally posted by hlrguy
firefox mail (I think I saw a standalone client)
You mean thunderbird?

I think it's highly unlikely they do such a thing. It's possible, off course it is. But I think those things are discovered soon enough to not be a very large problem. And, as said - wth would I want a .doc-reader or whatever for?
It's fun to speculate about, nevertheless.
Sam

Perhaps not M$ directly.....M$ helps to fund SCO and SCO's normal business is all but gone so "they" have plenty of programmers just sitting around who ostensibly know *nix......hmmmmmm!! :D



G

Just a "linux virus" question: Is it not conceivable that an email worm could be passed around, unsuspecting linux users (Ha!) would open an attachment, which would email itself to some random emails found somewhere, and attack sco.com or something (on second thought, would that be a bad thing? ;) ). Even though a user wouldn't be able to destroy his own system, multiple users could slow down a network/website. Or am I missing something (other than the fact that most linux users know not to open strange attachments)?

Originally posted by hard candy
I was wondering, since Microsoft has some really good software engineers and really good computer science people, do you think they would ever make a "Linux" virus, worm, trojan, etc and release it to the internet? Have you not seen me post this the 15 other times people have asked why there aren't as many Linux viruses?

http://www.roaringpenguin.com/about/articles/anti-virus.php

;)

And just for you, I'll post a link to the other page that talks about all this in detail:

http://www.linuxmafia.com/~rick/faq/index.php?page=virus

But that's just Rick's opinon, he could be wrong...

wait, wait, wait! I am Rick....could I be wrong? Perish the thought!! :D Perhaps not as "right" as some might want, but....Wrong???? lol



G :D

I'd say you're more at risk from any of the thousands of average joe's that might try writing a linux virus.

MS talent should be busy finding their next buffer overflow vulnerability. :D

Originally posted by GigaShadow
wait, wait, wait! I am Rick.... D'oh!

I was debating whether or not to make that "but that's just Rick Moen's opinion, he could be wrong", and decided not to. I think I should have... :p

Anyway, in case you haven't gone to that page yet, the title of it (what gets displayed in the browser title bar) is "But That's Just My Opinion, I Could Be Wrong". That's why the comment. ;)

Originally posted by hard candy
Well, now I'm going back to my book on how the Illuminati started World War 2 to set back German industry since it was getting too greedy. :)

That's not why they did it!

Besides, you don't have to start a war to stop industry, just tax it. That's the only reason to still have taxes when money can be printed for free: to control the people (private individuals, companies, and organizations) and limitting inflation.

Hmmmm... How do we know that hard candy isn't a double agent working for bill and creating that trojan to be released on the internet? And being the uber agent that he might be, he is now just beginning his track covering procedures that he learned at ms secret agent school at mdwatts' secret castle in canada. :eek:

Oh no!! I can't find my tinfoil hat!!
:D

Hmmmm... How do we know that hard candy isn't a double agent working for bill and creating that trojan to be released on the internet?

Actually, MDWatts and I did work for Micosoft from 1994 to 1999. I was Vice President of Software/OS Relations . And MDWatts was Senior VP of OS Security.
We both got canned at the same time for incompetence, so in our bitterness, we started using Linux.
I would never go back to work for Microsoft unless the money was good. MD said he would never go back unless that pretty secretary called him.
We did try to cooperate with other OS's and software companies but if they will not tell you how they designed something, what else can you do except buy them? And MD had a hard time convincing the programmers and software designers, you should enllarge the buffers not over run them. They just wouldn't get it. So it wasn't our fault- we were unjustly fired.