Does Wine make Linux too loose?
For those Wine aficionados out there, beware of the remote possibility that your Linux system could be infected by Windows-seeking malware. "WINE running a Windows virus is nothing more than a 'stupid Linux trick' ... for now," said Slashdot blogger hairyfeet. But if the year of the Linux desktop ever arrives, he wonders, can Linux hold up to a "tidal wave of stupidity"?
Following the Karmic Koala's joyful reception last week, sentiments toward the FOSSy marsupial have become distinctly less enthusiastic in recent days -- at least for some.
"Early adopters bloodied by Ubuntu's Karmic Koala" was the headline on a piece that ran in The Register on Tuesday, which chronicled multiple cases of frustration among some users upgrading to the new version.
"More than a fifth of people upgrading to Ubuntu 9.10 have reported issues they can't fix, according to an Ubuntuforums.org poll," The Register reported. "Only around 10 per cent of those upgrading or installing reported a completely flawless experience."
A Biased Snapshot
Of course, the opinions represented in said poll aren't exactly representative of the population at large, as Slashdot bloggers quickly pointed out, biased as it is toward those with problems.
In fact, at the top of the poll, the following red-ink warning is given:
*** Disclaimer for those willing to analyse this poll ***
Most of users voting here are users with issues.
Users with painless experience are not likely to come here."
Nevertheless, word of The Register's report quickly spread, and bloggers far and wide didn't hesitate to register their own reactions.
"I upgraded to Ubuntu 9.10 and it is quite buggy," wrote MichaelSmith on Slashdot, for example. "Much more than previous releases. I have had to go back to the NDIS wrapper to use my WG511 PCMCIA wifi adapter. I haven't had to do that in years."
On the other hand: "The statistics derived by The Register are invalid, and probably quite wrong, being from a nonrepresentative self-selected subset of Karmic installations or upgrades," countered AliasMarlowe.
"Here's another nonrepresentative data set: I have installed or upgraded 4 PCs from Jaunty to Karmic at home (2 upgrade 32bit, 1 upgrade 64bit, 1 conversion 32bit to 64bit)," AliasMarlowe added. "All went flawlessly, even the migration of user accounts and reinstallation of applications (including commercial paid-for apps) on the 32bit to 64bit reinstallation."
'Never, Ever Upgrade'
Over on LXer, meanwhile, HoTMetal warned, "I've said it before and here it goes again: never, ever upgrade. Clean installs are the *only* way to go."
Then again: "Never upgrade? Clean install only? That's Windows-think," shot back tuxchick. "I have Debian boxes that have gone for years without ever needing a reinstallation, upgrade and dist-upgrade all the way. Though with Ubuntu upgrading to a new release has always been a roll of the dice."
Bottom line? If you're upgrading, be prepared at least for the possibility of a bumpy ride early on.
The Hazards of Wine
The problems one is likely to encounter with Linux tend to pale by comparison with the security problems one is likely to have using Windows. Unless, that is, you're using Wine.
Indeed, alert blogger fsufitch recently uncovered a situation in which Wine allowed Linux to get infected by a virus targeting Windows.
"Wine emulates Windows well enough to get infected by a Windows virus," fsufitch wrote -- noting, however, that the observed virus didn't work as intended.
'Color Me Unworried'
"So WINE can get a virus intended for Windows, if you jump through some hoops to help the virus along," wrote AliasMarlowe on Slashdot, where bloggers took quick notice of the news. "Color me unworried."
Then again: "Linux IS BY NO MEANS impervious to infection, but you would need to really put an effort into getting and STAYING infected," wrote Jeff901 over on Digg. "Things just don't run without your knowledge or control."
And an anecdote: "Using Linux, I'd gotten into the habit of ignoring warnings about all the websites I knew spread malware and viruses -- sometimes because I was looking for something, and sometimes just because it's fun to walk through a battlefield with godmode on," JanusTheDoorman began.
"Then, because I needed to run certain software for school, I reinstalled Windows onto my laptop, and absentmindedly continued my usual browsing habits for about a week without so much as spybot to keep me safe," JanusTheDoorman added. "The moment of realization was a bit like what I imagine it'd be like waking up in a doorway, noticing a syringe on the ground next to you, and feeling an itch in your arm..."
Just how big a security concern is Wine? Linux Girl felt it her duty to ask around.
'A User Education Problem'
"As long as said virus can't punch through my web browser and install itself, I'm fine with it," Montreal consultant and Slashdot blogger Gerhard Mack told LinuxInsider. "As long as viruses need user intervention to install, we can keep it down to a user education problem."
Indeed, "unless there is an inside job like Wine, it is very difficult to get a virus in GNU/Linux," blogger Robert Pogson agreed. "The GNU/Linux ecosystem is so diverse, hackers cannot build their stuff for all the varieties of drivers, kernels, GUIs, apps and builds to make overflows and such to work. They would rather compromise millions of willing zombies running that other OS -- it's just too easy."
The result is "1000:1 more security against malware with GNU/Linux these days," Pogson noted. "I love it.
"Reading the anguish of users of that other OS struggling for days to cleanse their systems only to reinstall after nothing works brings tears to my eyes," he added. "I just have to tell them about running malware free for eight years without a scanner."
'The Velma Problem'
A bigger question lies behind the current news, however, and that's, "Why does Linux not get viruses?" Slashdot blogger hairyfeet told LinuxInsider.
"Ultimately, I believe it comes down to the fact that the malware writers know that Linux users are generally more savvy, less likely to fall for tricks, and less likely to fall for the really dumb attacks," hairyfeet said. "Which is why I say, 'Linux users: hope and pray to Linus and RMS you NEVER have a year of a Linux desktop.'"
With mainstream users comes "'the Velma problem,'" hairyfeet explained. "Velma is sweet and nice and always remembers your name and all about your family, but Velma has a darker side: she is what we in the repair biz call ... DUM DUM DUM ... the disaster area."
'A Stupid Linux Trick... for Now'
Specifically, Velma is a user who "followed step-by-step instructions to turn off her antivirus and put the password in a password-protected .zip file," hairyfeet explained. "For what? It was supposed to be a 'happy puppy' screensaver."
Then there's the user who "would run ANYTHING -- .exe, .vbs, you name it -- as long as it had the word 'lesbians' in it," hairyfeet added.
"So WINE running a Windows virus is nothing more than a 'stupid Linux trick' ... for now," he said. "What will be ultimately more interesting is whether the volunteer nature of Linux will hold up to a tidal wave of stupidity if the year of the Linux desktop ever comes to be."
The minute they find out the "Velma problem" has come to Linux en masse, hairyfeet predicted, "your old friends in the Russian Business network and their friends in Nigeria and China will be happy to cook up 'Happy_Pup.sh' and 'lesbian_video_player.deb' and nicely provide step-by-step instructions that Velma and all her friends will follow to the letter."
Era of the Educated User?
Of course, whether those "Velma" users will all be using the same distro is another question entirely, as is whether hackers will be able to do significant damage amid the formidable strength that lies in Linux's diversity.
Then, too, there's the fact that any mass migration to Linux will surely have to involve at least some learning and education on the part of all those new users.
Dare we hope that the Year of the Linux Desktop -- whenever it happens -- may also bring about the Era of the Educated User? Now *that* would be a milestone in computing history.
Return to internet news headlines
View Internet News Archive