I find it amusing when the same human beings who rationally promote GNU/Linux on the server get hung up on small details when the subject changes to the Desktop. Sam Varghese points this out:
“Both Weber and Behlert were at pains to point out that the SUSE enterprise desktop would cost less, provide inter-operability, ease of use, desktop security and ease of management far in excess of other operating systems. But still, they said, it would be incorrect to position SLED as a full replacement for Windows.
Asked whether this was due to the licensing agreement which Novell had signed in 2006 with Microsoft, both replied in the negative.”
see But what happened to the desktop?.
The fact is the same characteristics that make GNU/Linux work on the server are available on the desktop and they are more than sufficient to choose GNU/Linux desktops. One does not “need” a particular M$-only application any more than the world needs only one brand of car. We need generic software for IT and we should shop around. Many can and do work without M$’s OS on the desktop. The performance, reliability and security are great as is the low cost. What’s not to love about IT based on GNU/Linux?
In fact, RedHat which is doing very well on the server has lots of clients using GNU/Linux and OEMs are shipping millions of units. They just are not as tied to M$’s apron strings as Suse.
RedHat:
“What do Vanderbilt University, the University of Stirling in Scotland, and Yuba K12 School District in Northern California have in common?
Along with thousands of other higher-education institutions and K12 school districts globally, they’ve chosen Red Hat® to enable their IT infrastructures and encourage students to learn in new and exciting ways.
Desktop or server. To teach. Learn. Manage networks. Or develop and conduct research. Red Hat can empower you with affordable, reliable open source technology.”
The quality of FLOSS is superior to non-FREE software in many ways but measures of cost and quality are undeniable:
“The democratization of innovation has also demonstrated a remarkable solution to the problem of The Mythical Man Month, thereby transcending the limits of conventional industrialization. For example, sourceforge.net is an open source development resource that hosts over 180,000 projects and has more than 1.9M registered users as of December 2008. Extrapolating from the extensive FLOSS (Free, Libre, and Open Source Software) survey of 2002 (and updated in 2005) there were over 490,000 sourceforge.net developers in 2006 [when the thesis of this section was first developed--tiemann] who spend more than 10 hours a week or more tending their open source projects —an aggregate effort of some 5 million person-hours per week. The three top reasons they list for their involvement is:
1. Because it’s fun
2. Because it improves their skills
3. Because it is good for society
Note that this does not include Linux developers (who use kernel.org, not sourceforge.net), nor Apache, nor the GNU project, nor many of the other larger and more heavily commercialized open source projects. To put these 5 million joy-filled person-hours per week into perspective (again, this does not include Linux, Apache, GNU, or many of the other “large” projects), let’s look at the productivity potential of the most successful proprietary software company, Microsoft, in two ways (using numbers that were contemporaneous with the FLOSS survey data, October 2006):
1. If all 61,000 employees wrote code, they would have to work over 80 hours/week
2. If Microsoft’s $6.6B/year R&D budget were spent on programmers averaging just $25/hour, they could pay for about 5 million person-hours of work per week
Thus, the sourceforge.net website has equaled or exceeded Microsoft’s productive potential using a social, not an industrial model. When we consider all the open source developers not included in the sourceforge.net numbers (numbers that are increasing exponentially), we see the clear emergence of a new software production capacity entirely outside the conventional limits of the industrial model. Moreover, we find precisely the kind of improvements that Deming would have predicted by taking a transformative approach: according to findings published by Coverity, typical proprietary software has a defect density of 20-30 defects per 1,000 lines of code (KLOC), a number relatively unchanged since the 1960s. When they measured the quality of the Linux kernel (and later, other open source software) they found the following results:
2004: 985 defects in 5.7 MLOC of Linux kernel source code, or 99.3% lower defect density than average (compare to 114,000 to 171,000 defects in same amount of code)
2005: While the Linux kernel grew 4.7% in overall code size, defect density decreased by 2.2%. Moreover, 100% of all “serious” defects identified were fixed within 6
months
2006: The survey was expanded to entire LAMP stack and an additional 32 OSS programs. No correlation found between size and defect density, implying OSS development methodology is not limited by scale (nor restricted to just Linux developers)
What the top industrialists could not achieve with proprietary software and financial capital, free software has demonstrated with community development and intellectual capital.
…
“
That’s not too different from my oft-repeated expression, “FLOSS is a cooperative project of the world.”. The world can and does produce its own software for server and desktop. Not using GNU/Linux without any reason is questionable. Dependence on particular applications is not an excuse for poor design of IT systems. The mistake was often choosing to be locked-in to the non-FREE model of software development long ago.
Ignoring those kinds of savings on the desktop due to imaginary problems is foolish. RedHat and others have a hard time making money with GNU/Linux on the desktop because so many are locked in but that doesn’t mean the rest of us cannot save big money by using it. Canonical, Dell and many other OEMs do make money shipping PCs with GNU/Linux but we can install it ourselves customized as we wish at very little cost. I recommend Debian GNU/Linux on client or server because it works. GNU/Linux works for Munich, School Divsion 73 in BC, Canada, the city of Largo and Google on desktops and servers. Why not you?
17494
12787
206
3
2
23945 
11876 
11726 
4650 
4272 
1641 
198 
14 
2 
0 
0 
0 
[ubuntu] Suspend and hibernation problems on Laptop.
view story
linux-howto
http://ubuntuforums.org – I have a Acer Aspire 5515, 1.6Ghz AMD, 3GB RAM, ATI Xpress 1200 graphics. I’m running Ubuntu 12.04 LTS 32 bit. I cannot suspend or hibernate, I’ve tired many of the options I’ve found via google (scripts, uswsusp, etc, etc) but nothing works. When I go to hibernate all that happens is the system goes to a blank screen and never shuts off, left it up for 15 mins, nothing, end up having to power down and restart. If I attempt to suspend, it seems like it will work properly, but then it will not come back, you just see the screen flicker ever so slightly and it never comes back up, tried (Hardware)
http://www.linuxine.com/story/ubuntu-suspend-and-hibernation-problems-laptop
eug, your point is what? That a consumer installs GNU/Linux and has a problem? Consumers have problems installing toilets, too. What’s the point? Do you think a consumer would have no problem installing that other OS? I can tell you that’s not so. I’ve done it a few times and had lots of problems: drivers, malware, slowing down, hangs, re-re-reboots, going in circles following M$’s helpful links…
I have taught students to install GNU/Linux on random PCs in schools and never had a problem that stopped them. I wish they had. They might have learned more.
Hibernate is an pending issue from prehistory til now.
Dektop boxes do not suffer this problem.
Servers do not need 3D video drivers,
do not need wireless drivers
and do not need hibernate.
I love linux but i´m conscious of its limitations.
GNU/Linux seems to have been “ready for prime time” for a while. The aforementioned problems above could possibly be mitigated by buying GNU\Linux PC’s pre-installed. That way, the OEMS could fix these problems before the user ever sees them. If users had to similarly install Windows themselves,I believe that GNU\Linux and Windows would be on much more even footing. The problem seems to be that nobody sees what OEMS do behind the scenes. In some cases that means testing certain hardware configurations in advance or writing custom drivers.
I’m curious, If you were to take a computer that had no OS on it, how long would it take to figure out how to install Windows. Does Windows include all the drivers for everything to work out of the box? Somehow I dont think so. I have never tried to install Windows from scratch, but I have with GNU\Linux. Mostly things just worked, even on distros which don’t use any proprietary drivers at all (though 3D graphics was a problem on one of my machines in that case).
Installing Windows OS from scratch can take an entire day.
ssorbom certified if nothing else solves so many problems.
eug servers do need hibernate when operating in remote areas running on solar. Wake up on lan can undo hibernate. Difference is this is hibernate to ram and you don’t have battery failure.
http://www.h-online.com/open/features/Kernel-Log-Coming-in-3-6-Part-5-Infrastructure-1713041.html
For laptop users there is a change in the upcoming 3.6 to allow hibernate to ram and hibernate to disk at the same time so a OS X, Windows default style hibernate.
Servers use a different style of hibernate normally because suspend to disk takes too long. 30 secound around loop lag for disk suspend is not workable to a server. Ram that is under 0.1 of a second is workable. In fact fast enough that server can go to suspend and wake up to answer packet and user does not even know it did.
Finally for hibernate to work right you need certified hardware. Acer Aspire 5515 is not certified. Lot if you run the http://biosbits.org/ you find out why they are not certified. Sections of the bios can be dead for suspend patched by driver in windows. Yes those a default install of windows without hard-drives also does not suspend on a lot of laptops because generic drivers will not work.
–Servers do not need 3D video drivers,–
Changed in recent years with opencl and other GPU off loading.
–do not need wireless drivers–
Routers need wireless drivers.
–If I attempt to suspend, it seems like it will work properly, but then it will not come back, you just see the screen flicker ever so slightly and it never comes back up, tried (Hardware)–
Acer Aspire 5515 is particular fun. Yes it comes out of suspend screen remains black because the back-light of the screen is not turned back up its still turned down to min values. Yes the screen flicker was it waking up. The bios in it fails to restore the pre suspend value to the screen. Yes it will do this on Windows as well if you have not installed the Acer drivers. This kind of fault is avoided using maker Linux certified hardware for Redhat or SUSE.
There is a fix kinda. Install tuxonice(software hibernate implementation not dependant on hardware) issue it only has save to disk not save to ram. Acer Aspire 5515 drivers for windows disable it hybernating to ram as well.
So if you make Linux work like Windows with makers drivers installed on that hardware it works. Otherwise it fails.
ssorbon wrote, “Does Windows include all the drivers for everything to work out of the box?”
I once installed XP on a system and the NIC was not recognized. The installation CD predated the revised device. Good luck downloading a driver. Strangely it was a very common NIC but revision “C” or something. The same machine had been running that OS earlier. Didn’t think to save the driver during a re-installation. I think we changed the NIC to carry on. That was a long time ago, about 2001/2, most likely. GNU/Linux ran fine on the PC out of the
boxCD.eug wrote, “i´m conscious of its limitations.”
What? Like some ridiculously large number of open files or processes? I have never encountered any task or configuration of hardware GNU/Linux could not handle. There may be exceptions but they are pretty rare. For most people there are no such limitation, being a single user on a single PC.
I could also comment on the limitations of that other OS, some not technical but arbitary like the
1015 PC limit in the EULA. Most ordinary users are not aware of that one and when their system expands they violate the licence. I have been in a lot of schools that allow file-sharing amongst any and all PCs regardless of the licence. I once saw a PC used as a media centre in the bush quit working because Vista could not phone home.I am not aware of all of the limitations of that other OS but it seems there are a lot more than GNU/Linux has. One of my first recollections of GNU/Linux is that in a bad situation it gracefully allowed me to kill off process or reclaim resources and keep running. That made my day.
Installing Windows OS from scratch can take an entire day.
Sure if you are a moron and start with Windows 1 before upgrading through all the versions to Windows 7 SP 1.
A Windows 7 installation takes less than 30 minutes, pizza delivery takes more time.
Ivan it can take a complete day if you have to install third party drivers and they are a pain in but to get.
This happens if you use non certified hardware.
Windows 7 30 mins is if you have a certified machine.
The key word is can. Its directly related to the quality of hardware you are using.
Re: Installing Windows OS from scratch can take an entire day.
Agreed!! That’s why I charge higher for Windows repairs. The worst is XP or Vista so much bloat!
Conscious of limitations? You reminded me of a few quotes.. “Born into a prison that you cannot smell or taste or touch. A prison for your mind.”
“I know you’re out there. I can feel you now. I know that you’re afraid. You’re afraid of us. You’re afraid of change. I don’t know the future. I didn’t come here to tell you how this is going to end. I came here to tell you how it’s going to begin. I’m going to hang up this phone, and then I’m going to show these people what you don’t want them to see. I’m going to show them a world … without you. A world without rules and controls, without borders or boundaries; a world where anything is possible. Where we go from there is a choice I leave to you.”
“You have to understand, most of these people are not ready to be unplugged. And many of them are so inured, so hopelessly dependent on the system, that they will fight to protect it.”
With any Linux distro once the base is installed I have never gone past 15 minutes, perhaps no more then 10 installing all the updated code.
Re: hibernation.
Like that’s a show stopper. I use Linux Mint 9 on the desktop and Mint 11 on my Dell 1525 Inspirion at the office, both hibernation features work just fine, perhaps you did not know what you were doing?
Windows 7 30 mins is if you have a certified machine.
No, Pete, Windows 7 installation happens in 30 Minutes or less unless you specifically choose hardware that is not supported.
Doing so would make you a moron. Are you a moron, Pete?
dougman Dell 1525 Inspirion is certified hardware.
Makes a huge difference to you bugs.
Hibernation works on the certified stuff. The non certified stuff you might need to beat it around the head with tuxonice with Linux or install makers drivers with windows to get a from of hibernate that kinda works. When you know what you are doing hibernate to disc you always have and it always works.
Quality hardware is Quality hardware.
Basically there is a lot of crap hardware that people waste their good money on. If people would not buy the non certified stuff hardware makers would be required to fix the stuff.
Ivan
–No, Pete, Windows 7 installation happens in 30 Minutes or less unless you specifically choose hardware that is not supported.–
The hibernate issues with Linux is the same issue as Windows installed from a retail disc. Installing from a retail disc is what you have todo in case of makers image on the harddrive gone by by and the user failed to burn them.
I find a lot of people come to me with Windows machines with issues. Cause the hardware was not certified. They have not used the hardware makers reinstall image(that was on there hard drive that died) so have used retail disc as recommended by Microsoft. And they have not installed the makers drivers to fix the bugs in the non certified hardware of their laptop.
Acer Aspire 5515 is not certified for Windows or Linux. Yes just because a computer has windows installed and runs does not mean the bugger is certified to be running Windows. If people where not incompetent Ivan items like the Acer Aspire 5515 would never sell.
Yes a Acer Aspire 5515 will complete install without drivers of Windows 7 in 30 mins. But it will not hibernate properly until Acer drivers are added. Due to acer drive installers been slow bits of crude add 2 hours. Compared to some that is down right fast.
So yes people buy non certified hardware and run windows on it. Then they go and attempt to run Linux on it and cannot work out why they have hell. Lot of problems are avoided by not having crap hardware. Make re-installation if you ever have to so many times nicer with certified hardware Windows or Linux.
Reality is lot of the issues with Linux and hibernate fall into the camp the user does not know what quality hardware is.
You walk around most retail stores with the certified lists from their makers you will find over half of the computers on sale are not certified. Yet people buy them. They should be left on the shelf.
The list of issues around Linux computer supports lots is that people are buying crap.
Ivan scolded, “No, Pete, Windows 7 installation happens in 30 Minutes or less unless you specifically choose hardware that is not supported.
Doing so would make you a moron. Are you a moron, Pete?”
No, it would make Pete a fool for trusting that other OS to be a general-purpose OS as the trolls here tell us. That other OS does run on a lot of machines but many of them have drivers installed by the OEM that may or may not be available to end users. I remember a time when HP would give me a driver for a printer but M$ would not give me a driver for the USB part. I was running Lose Me so I didn’t need anything state of the art, just something from the archives. No good.
@Ivan “No, Pete, Windows 7 installation happens in 30 Minutes”
Even as a non techie I know this to be wrong. After installing the miserable nothing that windows is that is where the problems start. People then have to download and install all the drivers for their specific bit of kit. Download antivirus and update….and on and on until even non techies like me realised a long while ago Linux is easier, safer and better.
satipera wrote, “Even as a non techie I know this to be wrong.”
Good list of chores but the biggie is applications. Imagine having to install dozens of applications on a machine. With GNU/Linux you can just ask for kde-desktop-environment or whatever and it happens while you go to lunch. I did an installation of “7″ once to revert a GNU/Linux installation. It took hours and we never did get the printer to work nor the networking with the XP and GNU/Linux machines. For that machine I had to explicitly install OpenOffice.org, anti-malware, Chrome browser, two printer drivers and a whole bunch of updates because the CD was a year old. The user had insisted on going back to that other OS and I never could get it to work for her. She could not print on the printer at the end of her arm and she could not share documents with other teachers. We parked “7″ and I gave her another GNU/Linux box to finish her work.
When I originally posted I was referring to the base OS (plus whatever drivers were needed to get peripherals working). As much as I don’t like Windows, I don’t think it is fair to compare their end user applications to those in, say, Debian. Microsoft isn’t even allowed to include everything by default (read Internet Explorer). If Microsoft were to try including their own sets of default applications for everything, they would probably be hit with an anti-trust lawsuit, at least if they used proprietary formats to save their stuff in. As I understand it, that is what the browser wars were about, more than the browsers themselves. Of course they could probably fix that by using real open standards, but that probably aint gonna happen.
ssorbom wrote, “Microsoft isn’t even allowed to include everything by default (read Internet Explorer).”
Good, that tips the tables of competition back 0.01 degree.
Nevertheless, while naysayers deride the effort required to install apps in GNU/Linux, the fact that distros make it very easy is a huge advantage of using GNU/Linux at least for OEMs, system integrators and administrators. I think most users could figure out how to shop in an app market or use a GUI-package-manager. If not, it would take a minute or two to learn how via the web.
There are many reasons to prefer GNU/Linux all rational and sufficient on their own. Millions do.
The naysayers are paid by M$ to spread fud about GNU/Linux. Whether you temper your comments in a misguided show of fair play they will still do everything in their power to silence you.
“The naysayers are paid by M$ to spread fud about GNU/Linux.”
Really? Where can I get some of this PaidMicrosoftShill(TM) money!?
“Whether you temper your comments in a misguided show of fair play they will still do everything in their power to silence you.”
You mean like how I’ve refused to ban you despite your repeated, obvious, drive-by tolling on TM Repository?
” “Microsoft isn’t even allowed to include everything by default (read Internet Explorer).”
Good, that tips the tables of competition back 0.01 degree.”
That’s not good at all! Nobody here is saying “good, wifi broke in ubuntu, that’ll convince some people to stop using it”. We’ve complained about the issues because we DON’T want them to happen, not because we want to “kill linux” or some other fantasized BS.
You’re not interested in bettering technology, you just hopped on the Linux bandwagon back when it looked like it couldn’t lose. Now that you’re “team” isn’t doing so well, you’re happy every time someone else has to suffer. How weak as an individual do you have to feel that your arbitrarily chosen “team” has to win at all costs?
Why do you treat this like its some kind of battle and why do you feel like you have to “win” so badly? You’re so emotionally invested that it would seemingly break your heart to consider other people in this ecosystem for once.
“Hibernation works on the certified stuff.”
Then why does it work on Windows?
“The non certified stuff you might need to beat it around the head with tuxonice with Linux or install makers drivers with windows to get a from of hibernate that kinda works.”
Then why does it work on Windows?
“When you know what you are doing hibernate to disc you always have and it always works.”
Then why does it work on Windows? (without having to know “how it works”)
“Quality hardware is Quality hardware.”
Then why does it work on Windows?
“Basically there is a lot of crap hardware that people waste their good money on. If people would not buy the non certified stuff hardware makers would be required to fix the stuff.”
Then why does it work on Windows?
TM Repository. To be correct Paid Microsoft Shills are normally better quality than you. They have some competent arguments.
Microsoft does not pay for those who cannot hide well.
In fact some of those who create TM’s on TM Repository and don’t post else where are Microsoft. How do you pick it the message on TM Repository matches Microsoft Anti-Linux documents released latter exactly. Either MS is plagiarism or you are infested.
So you are free labour Microsoft has no problem using that.
“Microsoft does not pay for those who cannot hide well.”
Haha, yes, keep telling yourself that Microsoft invests millions of dollars into convincing 1% of the software market to switch to Windows. Meanwhile, it’s OSX eating Windows’ lunch right now, not any linux desktop variation.
Whatever it takes to make you believe it.
All of us here have experienced usability issues and development issues first hand, which is more than you or pogson can say about any Windows or OSX software in the last decade. Yet you keep denying that we saw what we did and create conspiracy theories to make yourself feel better. Anything to not have to admit that your beloved SOFTWARE has flaws!
TM wrote of that other OS hibernating, “Then why does it work on Windows?”
Hmmm… Google search for “* won’t hibernate”:
It doesn’t seem that hibernation is much of an issue for anyone, so why is it an issue for TM? Perhaps TM should change his tune.
TM wrote, “Why do you treat this like its some kind of battle and why do you feel like you have to “win” so badly?”
Why do you treat this like its some kind of battle and why do you feel like you have to “win” so badly?
In fact I don’t see this as much of a battle. */Linux is growing by leaps and bounds and M$ is stuck serving its slaves or vice-versa.
“In fact some of those who create TM’s on TM Repository and don’t post else where are Microsoft. How do you pick it the message on TM Repository matches Microsoft Anti-Linux documents released latter exactly. Either MS is plagiarism or you are infested.”
That’s not true at all. Please present these documents! Please, show me the similarities.
You realize, the TM’s are all based on things the FOSS community has said, right? You realize several of the TMs are based on things you have said specifically. You’ve been caught several times in your own lies by people posting links to those TM’s you inspired. That was the whole purpose of the site, to disseminate misinformation that LIARS such as yourself try to peddle.
So once again, PLEASE PRESENT THESE DOCUMENTS YOU CLAIM MY SITE IS SOMEHOW INVOLVED WITH!
“Why do you treat this like its some kind of battle and why do you feel like you have to “win” so badly?”
Get this through your head; I don’t. I don’t want anybody to “win”. I don’t want to see Linux die, I want to see it improve!
That can’t happen when fanatically devoted folks like yourself keep defending flaws and being yes man, towing the company line no matter what. You hate Microsoft’s corporate culture, yet you wholly subscribe to the exact same thing when it comes to FOSS.
THAT is what I have a problem with. A grown man so emotionally invested in a piece of software that he sees everyone as opponents rather than people being vocal about the condition of something they use. I’m interested in the social and psychological aspects because if a man like you were poorer or suffered some REAL hardships (instead of perceived software ones) then there’s a good chance you would become even more unstable and violent.
(Plus, you make the rest of us Canadians look like right wing fundamentalists with your inability to yield)
TM repository:
One of the people on your blog seemed to think my comment about package compatibility between distros was incorrect…
I present an excerpt of a wiki post WRITTEN BY MARK SHUTTLEWORTH HIMSELF on the subject:
“Some people might say “but I installed a Linspire package on Ubuntu, and it worked, so they must be compatible”. And yes, in many cases a binary package from Linspire or Debian will Just Work (TM) on Ubuntu. But this is “accidental compatibility”, not “certified binary compatibility”. Your Mileage May Vary (YMMV) is not the sort of certainty most people would accept, and can hardly be called “certified compatibility”. Many packages have very simple dependencies, and don’t really require specific versions of system libraries, and they may well Just Work. But if you look below the hood, at some level or other, you will find binary incompatibility in every significant derivative distribution, from Knoppix through Linspire and the DCC, with Ubuntu being no different.”
https://wiki.ubuntu.com/MarkShuttleworth
I apologize for not finding a suitable source sooner.
Shuttleworth goes on to say this about non compatibility with Debian:
“That’s what makes open source development, focused on the SOURCE CODE and collaboration around the code itself, more productive than proprietary development.”
Not all are happy about this (including, I think, Ian Murdock: http://ianmurdock.com/debian/ubuntu-vs-debian-reprise/)
I just thought you should know…
Mr. Pogson,
Whoops, sorry, I meant to continue
Mr. Pogson,
I am sorry if I got too off topic, but it seemed relevant to some of the things that have been said so far.
“One of the people on your blog seemed to think my comment about package compatibility between distros was incorrect”
Feel free to sign up and respond. We welcome discussion and encourage differing opinion; That’s why I built the site after all. Hell, there’s plenty of disagreements between the most active members but things stay calm, rational, and group-think is avoided.
Pog and oiaohm would disagree, but all they did was take a cursory glance at the About page, assumed it was an anti-linux site even though the page clearly states it isn’t, and dismiss it. Naturally, they both noticed the site was made using open source technologies (and hosted on a linux server) which they thought was ironic because, as usual, they didn’t read the About page.
Re: hibernation.
Like that’s a show stopper. I use Linux Mint 9 on the desktop and Mint 11 on my Dell 1525 Inspirion at the office, both hibernation features work just fine, perhaps you did not know what you were doing?
Dougman, it is a show stopper. It is so much of a show stopper that Canonical deactivated it in Ubuntu 12.04 by default. Precisely because it doesn’t work reliably.
Your pitiful insinuation claiming that esoteric knowledge is required to get hibernation to work in the first place (“[P]erhaps you did not know what you were doing?”) just shows how much the Cult of FLOSS is disconnected from reality.
The performance, reliability and security are great as is the low cost.</b.
reliability
Ok, let’s see, on my Linux (Ubuntu)
– sound is broken — SoundBlaster sound card don’t work
– Flash is simply mute, no sound here
– Huawey modem does not work properly, regularly loose connection and I have to:
sudo killall modem-managersudo killall NetworkManager(no restarting services does not work)
security
If Linux so secure and virus- and malwarefree why there are so many solutions to protect against these non existent threats, for example:
http://www.kaspersky.com/anti-virus-linux-file-server and Kaspersky Endpoint Security for Linux
If there is supply — there should be some demand for it.
Download antivirus and update….
Ok, on Windows no problem with it, but when I tried to install Clam Antivirus on Ubuntu it failed because some files cannot be downloaded from Ubuntu repository, so now I even don’t know if my Ubuntu is infected and spreading spam. So now I have to compile it from sources.
@Robert Pogson
‘* = Linux, 1 hit’
Either you must have a very twisted sense of humour, or the ‘Google’ you are talking about is just a bit different to mine.
‘Ubuntu won’t hibernate’ – first result.
‘Ubuntu 9.10 won’t enter suspend/hibernate’ – third result.
‘… my machine will suspend but won’t hibernate’ – fourth result.
‘… Why won’t my computer hibernate and shut down properly’ – ninth result.
‘mint 12 won’t suspend or hibernate’ – twelfth result.
‘Hibernate doesn’t function’ – thirteenth result.
Really, how on earth did you manage to get 1 hit, of all possibilities?
Also, you are using list item tags (<li>) without encapsulating them in a list (<ul> or <ol>). Since WordPress also uses <li …> to display comments, you are in effect messing up the part of the comment section following ‘* = that other OS, 7K hits’. Get rid of the <li> tags if this is what you have done manually in your comment, or use ‘*’ instead of ‘*’ for asterisks if your WordPress install happens to treat everything starting with a ‘*’ as a list item.
“or use ‘*’ instead of ‘*’”
TM Repository
–You realize, the TM’s are all based on things the FOSS community has said, right? You realize several of the TMs are based on things you have said specifically. You’ve been caught several times in your own lies by people posting links to those TM’s you inspired.–
Really lot of those TM’s are in fact bogus. I am not perfect I have had a few errors.
Lets take you I have caught you claiming Windows has a Stable ABI. What is complete bogus and is provable. Yet you have not taken a TM against yourself or any of your others for the mistake.
TM Repository really that is the funny one.
Like this so called lie?? http://tmrepository.com/trademarks/ie6willkillbill/
This is the problem lot of your TM’s at me are bogus. The reality is poorly written business software fails to run on compatibility mode on IE 9.
Yes I have made a few mistakes. But most of the TM’s about me are in fact bogus and provable so if you do some research. TM Repository most of the support is that I said it. So they are attacking the person not the information with links and information.
@oiaohm
‘Lets take you I have caught you claiming Windows has a Stable ABI. What is complete bogus and is provable.’
Perhaps I have missed your explanation somewhere. Care to repeat it?
‘This is the problem lot of your TM’s at me are bogus. The reality is poorly written business software fails to run on compatibility mode on IE 9.’
Excuse me, but I don’t recall Javascript or HTML being part of any ABI in Windows. Again, care to elaborate on that?
iLia remember common usage of Linux is file storage.
Kaspersky Endpoint Security is Windows, Linux, OS X. A Linux installed server point can be looking after Windows and OS X clients as well. So you deploy a Linux small business server distribution you have Kespersky on the windows clients you install the Kaspersky management server on the Linux box and everything works.
Linux does in fact support real-time scanning. The majority that Kaspersky is looking for on Linux is Windows and OS X programs not items that infect Linux.
iLia clamav is not how to detect infection on Linux. By the time anti-virus normally works its way too late. You have been infected for months.
If you are worried about infection you use a HIDS/NIDS solutions and rootkit hunters.
TM Repository
http://www.tmrepository.com/trademarks/windowsisbuggy/
while you at it delete this one as well person again has presented no facts proving me.
http://test.winehq.org/data/c0d2029560372974001f75acbbaebda54473a51a/
Along the top there NT4,2000,XP,2003,Vista,2008 and Win7. Those lines are not Wine running emulation mode. That is the wine test suite being run on Windows of that version. So wine has bug for bug compatibility. Wine cannot code by the MSDN because its not correct in many places.
This is what makes some third party programs unstable on windows because they followed the MSDN and there is some Conner case bug that causes there program to fail. Issue is other Windows coders find these bugs and exploit them so there program runs faster. Result bug stuck for evermore.
I never said that Linux world could not copy it. Process of coping it you find the bugs.
TM Repository Dr Loser is the one lieing here. Not me. Your site is filled with lies who say things I don’t say.
Wine first goal was to make a Windows ABI that was bug free. This had to be given up on and copy Windows bugs so applications could run. This is recorded in Wine Official history by the way if you look it up TM Repository.
TM Repository somehow I am not lie teller you claim me to be. People on your site do deformation against me state things I have never said.
This is why I beat you into the ground. I am not the lie teller you think me to be. The people at TM Repository get to place a TM without having to source references or do proper research if the claim is valid or not.
I could keep on going with TM’s targeted at me that are simply bogus. Really start doing a audit TM Repository of your FUD and TM’s. Lot are bogus. Or were correct and are now bogus because time moves on.
TM Repository its funny you want me to provide you with references supporting statement. Yet anyone can take out a TM or a FUD thing on your site and not have a single valid document backing their accusation.
This is why TM Repository is a pack of Trolls.
‘iLia remember common usage of Linux is file storage.
‘Kaspersky Endpoint Security is Windows, Linux, OS X.’
Excuse me, but I don’t think you understand what they mean by “Endpoint Security”. A file server, by definition, is not a network “endpoint” (i.e. a computer terminal).
Also, Kaspersky offers two distinctively different products called “Kaspersky Anti-Virus for Linux File Server” and “Kaspersky Endpoint Security for Linux”. The latter also contains a run-time heuristic analyser that is inherently useless for a file server. Perhaps you should read the product manual before commenting on the functionalities?
http://support.kaspersky.com/kes8linux/common?qid=208283109
‘Along the top there NT4,2000,XP,2003,Vista,2008 and Win7. Those lines are not Wine running emulation mode.’
http://wiki.winehq.org/ConformanceTests
If I understand correctly, the results you have there were collected with the use of WineHQ’s own test suites. One question that comes immediately to my mind is how they the measured “success” and “failure” in each and every of those unit tests. In other words, do they have a fixed set of criteria for each unit? Do they make sure that their unit tests don’t rely on API bugs to achieves certain results? And, most importantly, do they make sure their own tests are not, in fact, buggy and error-prone? Based on some of the documented git commits, I believe the methodology employed by Wine developers is at best dubious.
That Exploit Guy. The heuristic analyzer checks out windows PE and other windows binary formats as well as Linux ELF on Linux.
http://support2.kaspersky.com/2703 read down notice Kaspersky Anti-Virus for Linux File Server also has the heuristic analyser.
That Exploit Guy the Kespersky heuristic analyser is not in fact limited to runtime.
http://usa.kaspersky.com/about-us/press-center/press-releases/kaspersky-lab-presents-kaspersky-endpoint-security-8-linux
Read and say sorry now The Exploit Guy.
Kaspersky Anti-Virus for Linux File Server difference one that it does not require a graphical in fact does not include it. You get Kaspersky Web Management and console with the for Linux File Server and with Kaspersky Endpoint Secuirty for Linux you get graphical and console. Otherwise its exactly the same anti-virus with the exactly the same functionality. If you are using something with a graphical it can be simpler to use the endpoint secuirty where you get console and graphical and no web management console. Lack of web management is not a major problem thinking if you install Kaspersky Administration Kit and push policy and pull stats back. Yes the one console to web rule them all.
That Exploit Guy you could be a version out of date. Version 7.0 there was the split you were talking about. Version 8.0 and on the anti-virus is identical between the two Kaspersky products on Linux.
There is no performance difference the difference is how you want to administrator it. Local GUI on the Linux box or remote web gui. If you say stuff GUI I use ssh and bash it makes no difference at all.
Its always funny how many people don’t know crap about the anti-virus products they use and say two different products have different scanning engines when they are absolutely identical.
That Exploit Guy
–One question that comes immediately to my mind is how they the measured “success” and “failure” in each and every of those unit tests. In other words, do they have a fixed set of criteria for each unit? Do they make sure that their unit tests don’t rely on API bugs to achieves certain results? And, most importantly, do they make sure their own tests are not, in fact, buggy and error-prone?–
Particular programs require particular API bugs. So you are required to test to see if those bugs are their. If they are not particular programs will not run.
http://www.winehq.org/docs/winedev-guide/testing
That Exploit Guy there is a nice bit of formal documentation on the process. And the testbot you can go through and see the exact failure reason.
Remember this is not some hick project. Code-weavers pays the maintainer a full time job. Everything has to go past him.
@oiaohm
‘That Exploit Guy. The heuristic analyzer checks out windows PE and other windows binary formats as well as Linux ELF on Linux.’
You misread. The cited page concerns Kaspersky Anti-Virus for Linux Server, not Kaspersky Endpoint Security for Linux.
They are two different products.
‘That Exploit Guy the Kaspersky heuristic analyser is not in fact limited to runtime.’
Does that undermine the fact the run-time heuristic analyser, however you slice it or dice it, is inherently useless for a file server?
I don’t think so.
Face it – Kaspersky Endpoint Security for Linux is a product designed to protect against security threats targeting Linux workstations. Would you like me to send a query to a Kaspersky customer rep and let him or her repeat this same very fact to you in writing?
‘Read and say sorry now The Exploit Guy.’
How about no, my pompus fellow Internet user?
“TM Repository its funny you want me to provide you with references supporting statement. Yet anyone can take out a TM or a FUD thing on your site and not have a single valid document backing their accusation.”
This is not about TMR it is about your putting your money where your mouth is. And since you are normally not so shy about providing references to your points, one would think that doing so now would not be an issue.
So cut the crap and provide the reference Hamster.
http://support2.kaspersky.com/2703 << Read this this is the Kaspersky Anti-Virus for Linux File Servers new features.
–Enhanced Anti-Virus Protection:
new Kaspersky Anti-Virus Engine;
heuristic engine (emulator) included;
support for archive contents curing;–
Hell yes the it includes the heuristic engine. Same one.
That Exploit Guy
–Does that undermine the fact the run-time heuristic analyser, however you slice it or dice it, is inherently useless for a file server?–
This is in fact wrong its not useless. Because if I am running some odd ball network protocol on the server I need exactly the same protection as running a desktop application.
heuristic analyser allows you to detect what is not known to the signatures. Without it the anti-virus is pretty much useless.
Also if I am running something like http://www.zentyal.org that includes a desktop and is running thin terminals you guess what you need it all.
The on access scanners are identical and that is the only run-time scanners the products contains.
–http://support.kaspersky.com/faq/?qid=208283750–
Read
–Kaspersky Endpoint Security 8 for Linux is designed for protecting workstations running Linux (32 / 64 bit) operating systems against malware.
The application combines the functions of the last versions of two products – Kaspersky Anti-Virus 5.7 for Linux Workstation and Kaspersky Anti-Virus 5.5 for SAMBA Servers. It intercepts file operations on two levels: kernel level (as a kernel module) and SAMBA level. The application has a local interface for GNOME and KDE, and can be remotely managed via Kaspersky Administration Kit. –
Notice something. I know the exact error you are making. That Exploit Guy you are slightly out of date. Before endpoint when it was Kaspersky Anti-Virus 5.7 for Linux Workstation and Kaspersky Anti-Virus 5.5 for SAMBA Servers. The split you are talking about existed. Has not existed since its been called endpoint.
Since the merge that makes endpoint there is no difference between the two products scanning engines.
For fileservers no graphical is option. SAMBA Servers edition also could be run without graphical. Endpoint version keeps that feature. Prior workstation did not contain that feature.
The fact the workstation edition was designed to protect only Linux desktops.
Endpoint is designed to protect servers and desktops as one.
Yes send a query to a Kaspersky customer rep get competent one ask how to use Endpoint to replace Samba Server edition. Find out it can be run on servers without graphic no problems.
Endpoint is almost everything. The for servers is cut back edition. Slightly cheaper.
@oiaohm
‘Particular programs require particular API bugs. So you are required to test to see if those bugs are their. If they are not particular programs will not run.’
Certainly. One would recall the effort invested to make SimCity run on Windows 95, but, as Raymond Chen explains, that was for a time when then the Internet was an alien thing to most people (and for the fact that there was no easy way to work around a use-after-free bug). Today, API/ABI changes are mostly managed and made compatible with legacy applications via shims, if feasible. The bottom-line, however, remains that a bug is an unintentional behaviour of the interface, and you should not expect it to exist or persist even though it is or has been there. One must note that Raymond Chen also points out Windows does not always provide compatibility workarounds but instead advice users to acquire patches from the vendors responsible upon encounting certain applications. There is a point where emulating the buggy behaviours become infeasible, and when that point is reached, the buggy behaviours must be dropped regardless of legacy compability.
Now, of course, none of that has anything to do with what I say about WineHQ’s test suites. The unit tests appear to be so ill-defined and poorly implemented that I even doubt if they can be used reliably to test for expected behaviours – let alone bugs. Most of the git commits were simply additional permutations of function parameters the should have been there right from the beginning. Some are rewrites that change the way the tests are done. Some are even bug fixes for the tests themselves. Can I honestly take the results from such tests with any kind of seriousness? I think not.
That Exploit Guy
–Most of the git commits were simply additional permutations of function parameters the should have been there right from the beginning. Some are rewrites that change the way the tests are done. Some are even bug fixes for the tests themselves. Can I honestly take the results from such tests with any kind of seriousness? I think not.–
The first point is that wine testsuite is going to disregard a lot of errors since it only tests what wine has implemented not the complete windows ABI. This is included in when to write tests in the test production guide. Adding more permutations of functions line up to wine implementation expand.
Testing what wine has implemented is very critical to wine to prevent regressions as the extras get implemented.
Test suite for java and other systems get rewrite to sections all the time and have bug fixes applied this is normal for a testsuite. Just like programs test suites are not 100 percent bug free.
Basically what you have just said is no test suite is worth a cracker. Since general operations of maintaining a test suite is extending and repairing it.
That Exploit Guy
–One must note that Raymond Chen also points out Windows does not always provide compatibility workarounds but instead advice users to acquire patches from the vendors responsible upon encounting certain applications.–
Key point Mircosoft does not promise developers their programs will keep on running.
That Exploit Guy you don’t need to test the complete windows ABI to see that the Stable ABI claim is false. That is not as stable as people try to claim.
Yes Raymond Chen is truthful with windows that you need vendors to keep updating there programs as particular functions break or the programs will stop working. Same problem you run into with Linux.
‘This is in fact wrong its not useless. Because if I am running some odd ball network protocol on the server I need exactly the same protection as running a desktop application.’
Ugh… You just won’t back down from a failed argument, will ya?
The product page for Kaspersky Anti-Virus for Linux File Server tells you right from the word “go” exactly what protocols it covers – namely, SMB, HTTP, FTP, NFS and Novell NSS (not to be confused with Network Security Service). There are no esoteric protocols, no local execution and thus no requirement for run-time heuristic analysis. Even if there were, that would imply running an application across two heterogenous operating systems via a network connection. No, we are talking about simple file servers, not terminal servers or application servers – there is simply no valid reason to perform run-time analysis of any kind on exectuable files, especially ones that you cannot execute reliably in the local environment.
@oiaohm
‘The first point is that wine testsuite is going to disregard a lot of errors since it only tests what wine has implemented not the complete windows ABI.’
That’s great! We all know Wine is very good at doing what it’s meant to do, don’t we?
Your argument has just taken a turn for the more ridiculous, I am afraid.
That Exploit Guy Explain this one away.
http://test.winehq.org/data/c0d2029560372974001f75acbbaebda54473a51a/index_Win7.html
The testsuites are all the same. 14 installs of Windows 7.
2 installs run the testsuite completely without a single issue.
The remaining 12 are all over the shop. Like 9 perform locale identically 3 don’t.
That Exploit Guy one of them includes entering data into registry does not process the same when it should.
Even more fun some of these bugs are regional particular. So you make a app in the USA send it to Japan and it don’t work right even that it works perfect on your machine. Does not work because the machine in Japan has a few extra bugs.
Linux Distributions don’t give you regional hell.
@oiaohm
‘That Exploit Guy Explain this one away.’
Explain what away? I have already pointed out very clearly that these are results generated with not terribly reliable test suites devised by the same people that brought to you a compatibility shim that is not terribly good at what it does. What more do you need?
It doesn’t matter if the test suites employed were the same or implemented differently by people from different planets. They are of the same poor quality – and that’s what matters.
That Exploit Guy
==there is simply no valid reason to perform run-time analysis of any kind on exectuable files, especially ones that you cannot execute reliably in the local environment.==
reliably is not correct. Linux can by idiots have binfmt_misc set up to auto run windows .exe files with wine.
Kaspersky Anti-Virus for Linux File Server works by hooking to the Linux kernel to catch disc io for HTTP, FTP, NFS and Novell NSS. It in fact does not integrate into any of those servers. It only integrates into SMB/Samba and the kernel.
http://support.kaspersky.com/linux_file80?level=2
–Kaspersky Anti-Virus 8.0 for Linux File Servers provides antimalware protection for file servers and workstations running Linux and FreeBSD systems (both, 32 and 64 bit). The application combines functionality both of previous version of the Kaspersky Anti-Virus 5.7 for Linux File Server and of Kaspersky Anti-Virus 5.5 for SAMBA Servers, being able to intercept file access operations at two levels: a kernel level (kernel module) interceptor and a SAMBA interceptor;–
Read the both descriptions.
That Exploit Guy both uses the Kespersky kernel module and the SAMBA interceptor to integrate run-time analysis.
The reality you have been tricked by the marketers.
Yes its know to work with the following list of Linux servers. But any other server is also protected because all we do is monitor file-system operations.
That Exploit Guy
–there is simply no valid reason to perform run-time analysis of any kind on exectuable files, especially ones that you cannot execute reliably in the local environment.–
There is one very simple answer. When you are not integrated into the server program itself and are only scanning where the kernel reads from disc.
Remember Linux kernel does not know how to load dynamic binaries so uses a userspace program to link up .so files to a dynamic binary.
Reality if you are reading a file to run it or reading a file to send across network it looks absolutely identical to the anti-virus.
That Exploit Guy by the way Kaspersky on Linux does byte code processing on read/write not real background server running monitoring even with Endpoint. Linux kernel security does not like apps snooping on other apps memory that much.
That Exploit Guy same test testing same feature on different install of windows should return same result.
Reality they don’t. Even for basic things like writing a value into registry.
Claiming a test suite is defective in areas does not disprove at all tests showing miss alignment. Since a defective test should still fail uniformly.
Quality of the test-suite does not come into it with a apples vs apple compare.
@oiaohm
‘That Exploit Guy one of them includes entering data into registry does not process the same when it should.’
You mean adviapi32:registry? That’s the portion of the Windows API responsible for registry access and modification. If you mean anything else, then clearly the test suites should not be doing anything of such nature.
I don’t see no error for that particular part of the results, by the way.
That Exploit Guy
–You mean adviapi32:registry? That’s the portion of the Windows API responsible for registry access and modification. If you mean anything else, then clearly the test suites should not be doing anything of such nature.–
Funny so applications should not write to registry using it right?
No I did not mean direct. atl:registrar The MS toolkit path to edit registry.
http://msdn.microsoft.com/en-us/library/49tet6k7%28v=vs.80%29.aspx
Microsoft nicely provides documentation to use it. And a few other places.
Fun right it not stable. So you code a C++ or a .net program write to registry and have opps it ate my homework.
faultrep:faultrep is funny. 2 machines did not log a fault report when requested by program.
ws2_32:sock is down right warpped. Somehow it thinks that 0.1.0.0 is loopback instead of the standard 127.0.0.1 on 9 of the test machines.
Now are you going to now try to tell me that the Windows ABI is not buggy it cannot even get what loopback for network is correct. I have never seen a default Linux install get that one wrong.
@oiaohm
‘reliably is not correct. Linux can by idiots have binfmt_misc set up to auto run windows .exe files with wine.’
I am sorry but Wine is not what I consider reliable for the most part. Maybe you are religiously obliged to believe otherwise, but I ain’t.
‘Kaspersky Anti-Virus for Linux File Server works by hooking to the Linux kernel to catch disc io for HTTP, FTP, NFS and Novell NSS. It in fact does not integrate into any of those servers. It only integrates into SMB/Samba and the kernel.’
Excuse me, but have you actually read the specs for SMB? You don’t appear to understand what it does or doesn’t, as far as I can tell.
‘The reality you have been tricked by the marketers.’
No, but it certainly seems that you have next to no idea how those protocols are actually implemented in Linux.
‘There is one very simple answer. When you are not integrated into the server program itself and are only scanning where the kernel reads from disc.’
So, open(), read(), write() and close() in terms of kernel API use.
I still ain’t seeing anything ‘esoteric’ going on here or anything that involves local execution.
None of the protocols in question involves local execution, by the way.
Come back to me when you have a better story to tell.
That Exploit Guy
–I still ain’t seeing anything ‘esoteric’ going on here or anything that involves local execution.–
Reality Endpoint on Linux does not monitor programs running. This is what happens. Kernel reads file from disc anti-virus checks file. Kernel loads loader anti-virus checks loader. Loader runs program anti-virus does not see this bit. Running program is the Linux Security module problem.
Really for someone who says they are an expliot guy you know bugger all about defeating anti-virus on Linux.
The Kaspersky Anti-Virus under Linux does not watch local execution at all in any of the Kaspersky products. You are assigning a Windows feature of that product to Linux.
That Exploit Guy reality here you don’t know the product.
@oiaohm
‘No I did not mean direct. atl:registrar The MS toolkit path to edit registry.
Microsoft nicely provides documentation to use it. And a few other places.’
That’s part of the Active Template Library – not strictly speaking a constituant of the Windows API but more a development toolkit.
I have serious doubts as to how to test such a thing proper.
Also, the environments in which the error occured involves running the tests without elevated privileges. That simply adds to my suspicion that the tests are, in fact, poorly written.
That Exploit Guy Can you explain getting the number wrong for loopback in winsock. There is more than 1 bug.
That Exploit Guy funny part is 4 test machines there are not running with elevated privileges. So it should have worked. Sorry invalid written test is not going to cut it.
@oiaohm
‘Reality Endpoint on Linux does not monitor programs running.’
Now you are just plain making things up.
From Kaspersky:
‘When scanning a program the analyzer emulates its execution and logs all its “suspicious” actions, e.g. opening/closing files, intercepting interruptions, etc. On the basis of these logs, a program can be recognized as possibly infected.’
That’s essentially the stock-and-standard, sandboxed test runs almost every piece of anti-virus software use for evaluating potential threats. Again, however you slice it and dice it, it is a run-time analyser.
That Exploit Guy even if you compare those two you notice as you scroll down MSI goes nuts on one and not on the other. Yes the lower rights are detected and only the correct tests are run.
That Exploit Guy
–That’s essentially the stock-and-standard, sandboxed test runs almost every piece of anti-virus software use for evaluating potential threats. Again, however you slice it and dice it, it is a run-time analyser.–
In fact no I am not. You don’t know anti-viruses and you just proved it.
–‘When scanning a program the analyzer emulates its execution and logs all its “suspicious” actions, e.g. opening/closing files, intercepting interruptions, etc. On the basis of these logs, a program can be recognized as possibly infected.–
Key word emulates. This is not run-time analyser.
This is a bytecode processing engine. You don’t load a possible hostile and let the cpu at it before you scan it.
Reality you cannot read in this case That Exploit Guy. You missed a complete word. analyzer never runs the program. It just Analyzers it by byte code processing emulation.
There are two analysers. One is runtime one is emulates. Emulates never ever runs the program to scan it so can scan binaries not native to your platform. Runtime analysers only scan what is native to your platform. Also cpu flaws and other things could see system exploited before Runtime analysers can detect.
All anti-viruses have some from of emulated.
That Exploit Guy every sandbox can have a hole. This is anti-virus software use emulation systems to assess if something is hostile. Bytecode processing engines that are not doing the real operations on the cpu are many times harder to break out of in some not known way.
‘That Exploit Guy Can you explain getting the number wrong for loopback in winsock. There is more than 1 bug.’
I don’t know exactly what “fg” and “wtb” stand for, but it appears that the latter refers to the so-called “WineTestBot” in the Winers’ (heh) circles. The former, on the other hand, seems to be the initials of one Francois Gouget who prefers other hardware virtualisation software to VMWare, for whatever reason:
http://www.winehq.org/pipermail/wine-devel/2012-June/096043.html
I cringle at the mere mentioning of QEMU.
Also, unlike those by “fg”, all tests performed by “wtb” simply passed with flying colours.
I wonder why.
“I cringe”, not “I cringle”.
@oiaohm
‘Key word emulates. This is not run-time analyser.
‘This is a bytecode processing engine. You don’t load a possible hostile and let the cpu at it before you scan it.’
I don’t want to be blunt, but in all honesty the time and patience I have for reading this kind of day-dreams are quite limited. ‘Bytecode’? Do you even know what that word means?
Bytecode engines and sandboxed execution are two completely different things. Bytecode can be executed within a sandbox. Likewise, a sandbox is not limited to isolate bytecode execution. Why not try and read up on the subject before defending your failed argument?
That exploit guy wrote, “the run-time heuristic analyser, however you slice it or dice it, is inherently useless for a file server?”
I think you don’t understand malware. It gets into a system any way it can and does what it wants one way or another. It does not matter whether it is a file server or a workstation. There are just more/different ways to get into one or the other.
“New heuristic technologies combined with traditional signature-based malware detection methods help to dramatically improve the efficiency of malicious object detection and ensure proactive protection against new malicious programs.”
see http://www.kaspersky.ca/products-services/business-security/anti-virus-for-linux-file-server
“Enhanced heuristic analyzer
Traditional signature scanning is supplemented with the improved heuristic analyzer. This helps to detect currently unknown threats which are similar to those that have already been detected, and significantly strengthens the overall protection level.”
see http://www.kaspersky.ca/products-services/business-security/endpoint-security-linux
@Robert Pogson
‘I think you don’t understand malware. It gets into a system any way it can and does what it wants one way or another.’
I hope you won’t too start talking about bytecode being sandboxes. That would just be irritating.
Let me tell you two things that will definitely happen when you have a piece of malware that is on disk but not in memory:
1. Jack.
2. Squat.
I hope I don’t need to elaborate on either of them given your obviously “40 years of observations” about IT and what not.
Just to end this once and for all, this is the description of what Oiaohm claims doesn’t have:
http://support.kaspersky.com/faq/?qid=208283750
‘Real-time protection of the file system against malicious code: intercept and analyze attempts to access files, disinfect and delete infected objects’
Seriously, stop defending him.
“You mean like how I’ve refused to ban you despite your repeated, obvious, drive-by tolling on TM Repository?”
Yet you ban 3 GNU/Linux evangelists and a white supremacist for expressing their views.
“Haha, yes, keep telling yourself that Microsoft invests millions of dollars into convincing 1% of the software market to switch to Windows. Meanwhile, it’s
OSX eating Windows’ lunch right now, not any linux desktop variation.”
We are the 1% and we will not give up until M$ sits beside Hitler in the panthion of villains.
Adam King wrote, “We are the 1%”.
Don’t believe that. We are at least the 3%
I think we are more than 10% but under-counted.
“Yet you ban 3 GNU/Linux evangelists and a white supremacist for expressing their views.
”
The raceguy was banned for posting off topic – a fairly good reason IMHO plenty of other sites use.
As far as the other “evangelists” please name them.
That Exploit Guy
–Bytecode engines and sandboxed execution are two completely different things. Bytecode can be executed within a sandbox. Likewise, a sandbox is not limited to isolate bytecode execution. Why not try and read up on the subject before defending your failed argument?–
I said bytecode engine. Not bytecode execution. There is a big difference. A bytecode engine and process the bytecode without really running it. Sees the code paths.
http://blog.clamav.net/2011/11/bytecode-signatures-for-polymorphic.html
–heuristic engine (emulator)– in Kespersky is in the same class as the clamav bytecode engine. This stuff Scary enough its like saying a lint or gcc runs the programs because it produces a flow map. Of course this is not true. The heuristic engine in kaspersky never really runs the program.
Basically there is more than 1 emulator define.
That Exploit Guy
–Real-time protection of the file system against malicious code: intercept and analyze attempts to access files, disinfect and delete infected objects–
Word there is file system you are miss reading. That is not run-time heuristics
That is the kernel hook that does not monitor execution or start a sandbox.
http://blog.clamav.net/2011/11/bytecode-signatures-for-polymorphic.html
The emulated is basically a de-complier designed particular to detect possible hostile actions.
That Exploit Guy the reality is that on Linux kaspersky does not check ram in either version you are pointing to at runtime. Kespersky anti-virus on Linux does not help you one bit against a in ram attack. You are depending on other sections of Linux to handle that.
Problem here you don’t know the topic That Exploit Guy so when you read emulator you think qemu, sandboxes…… Anti-viruses have something else they call an emulator as well. That is basically an very advanced de-complier that can map out the flow of the program. This is how come the heuristics will trigger before you have really run the program in any form. Why because a new varent of a malware could include the same code as old except now have a new feature that can smash its way out of a sandbox of the anti-virus this is why the anti-virus requires this special form of emulator. If you really run it you can kill you system by by.
You would put the anti-virus emulator in the same class as spice circuit testing software. Its never real.
That Exploit Guy part of security is know what each product protects. Kespersky on Linux its filesystem accesses and integrates into samba that is it.
The heuristic solution is identical between all of Kespersky current Linux products. The runtime monitoring is identical as well. The difference between the products are skin level.
–Let me tell you two things that will definitely happen when you have a piece of malware that is on disk but not in memory: 1 Jack.2. Squat.–
That is exactly what Kespersky is trying to make sure happens.
Kespersky does not help at all with a in ram buffer overflow or equal attack against Linux. You other sandboxing solutions like selinux come into play there.
“Yet you ban 3 GNU/Linux evangelists and a white supremacist for expressing their views.”
No, I banned your sock puppet accounts 3 times. White supremacy is way off topic and the other two were mirror accounts posting spam. One signed up and continued posting after I banned the first for posting a link to a no-longer-available YouTube video several hundred times.
Notice, Adam, that I haven’t banned your actual account at all though.