Tuesday, April 18, 2006

The advent of the mount virus

I had previously wondered whether the large number of Linux-Windows dual-boot systems would attract viruses that can propagate between the two operating systems (OS), making a relatively secure OS (e.g. Linux, if up to date with security patches) insecure by association with an insecure OS (e.g. Windows, even if up to date with security patches).

Gartner last week published an advisory stating that Mac OS X is at no additional risk from viruses through dual booting. While it is correct that current Windows viruses cannot infect Mac OS X on a dual-boot system, it is also true that there are a lot of open code bases that include a plethora of file system drivers, which ambitious virus authors could port to Windows. It is also true that an OS can usually be identified by the file system it's on, for historical reasons not worth going into.

The best advice, as always, is to use your insecure OS (yes, Windows) only on virtual machines.

Update 25/04/2006:
Looks like we may be skipping the dual-boot virus stage and heading straight for VM rootkits. This seems to be in line with rumours that Apple's next operating system release will include a virtual machine to run Windows and Linux operating systems as guests.

Update 02/05/2006:
Finally someone hears me.

Update 11/10/2006:
Link - link - somewhat related topic

