Izzy has a good post about security, viruses, and myths. In it, he explores the "age old" question as to why there are no viruses for Macs. While, in the past, the answer may have been market share, the main reason now is the same reason there are no viruses for Linux, Solaris, or any operating system with a strong security model: You. Simply. Can't. Write. One. At least not one that will have any measurable effect.
Why? Two words: security model. In the non-Windows world, users run as normal users, and not as administrators. Any compromised application or script can modify only files owned by that user. Any attempt to modify system files or system binaries will be denied. Now, Windows Vista is supposed to solve some of this by making a user run as a normal user, and prompting for additional privileges when needed, but I've read it's so annoying that people are turning the feature off and running as administrator.
Another reason: bad software design. Example: scripts in Word documents and in Lookout, er, Outlook e-mails that run without user intervention, and e-mail themselves to everyone in your address list. Yes, KDE4 will have DBus-in-everything-even-your-toaster®, but to my knowledge, scripts attached to e-mails will not run without user intervention. And if you run a script or binary attached to an e-mail, you had better know what it is (there are also the holes in MS products that can be used to lie about the type of a file: calling an executable file a jpeg, for instance).
Another choice that makes Linux a little bit more secure (not sure about Mac) is that any file on a web site or in an e-mail is either opened by the application that can view it (not execute it) or it must be saved and have its execute permission set. No accidentally executing a program attached to an e-mail here. Granted, you could say, "Open this EXE attachment with Wine" (a Windows emulator) or, "Open this Python script attachment with the Python interpreter," but again, you must take an explicit action, and are warned that opening an attachment can compromise your system's security. [Disclaimer: I've not checked the behavior of Kommander scripts for KDE. Clicking on one may offer to open them with the Kommander script interpreter.]
But even if you open an attachment with malicious code, it is running as your user, and no files can be modified other than your own. Conclusion: the virus can't spread on the system, and it can't infect system files. The worst it can do is replicate itself (poorly) to the user's files and maybe other people in the user's address book. It can't install itself as a system service, install a key-stroke logger, or engage in other such malicious behavior.
Note: If you have scripts in your home directory which you run as administrator, make sure they're owned by administrator and not by you. Hmm...need to check my ~/bin. But then again, if you have scripts in your home directory that you run as administrator, it probably means they are custom scripts that would be very hard to write viruses for anyway.
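The ownership check from the note above, as an added example that is not part of the original post: a shell function that flags scripts an unprivileged account could alter before an administrator runs them. The function name and the finding labels are made up for illustration; it also checks the directory itself, because write access to a directory is enough to replace a root-owned file inside it.

```shell
#!/bin/sh
# Added example, not from the original post.
# audit_admin_scripts DIR [TRUSTED_UID]
#   Flags anything in DIR that an unprivileged account could alter before an
#   administrator runs it. TRUSTED_UID defaults to 0 (root).
#   Prints one finding per line; exit status 0 = clean, 1 = findings.
#   Typical call:  audit_admin_scripts "$HOME/bin"
audit_admin_scripts() (
    dir=$1
    trusted=${2:-0}
    findings=$(
        # Directory check: write access to the directory allows renaming or
        # replacing any file in it, even one owned by the trusted account.
        find "$dir" -maxdepth 0 \
            \( ! -user "$trusted" -o -perm -020 -o -perm -002 \) \
            -print | sed 's/^/DIR-REPLACEABLE /'
        # Owner check: a file's owner can always chmod and rewrite it.
        find "$dir" -maxdepth 1 -type f ! -user "$trusted" \
            -print | sed 's/^/WRONG-OWNER /'
        # Mode check: group- or world-writable files can be edited by others.
        find "$dir" -maxdepth 1 -type f \( -perm -020 -o -perm -002 \) \
            -print | sed 's/^/WRITABLE-BY-OTHERS /'
    )
    # Body runs in a subshell, so these exits only end the function.
    [ -z "$findings" ] && exit 0
    printf '%s\n' "$findings"
    exit 1
)
```

A `DIR-REPLACEABLE` finding on `~/bin` is expected when the directory is your own; it means changing the owner of the scripts alone is not enough, and they should live in a root-owned directory instead.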
So, it all comes down to security and how it is enforced. If Microsoft wants a secure system, they should write an emulator for backwards compatibility, throw away Windows, and start from the ground up to design and write a secure operating system.