Linux Virus?

[thepwnerofnoobs]

If I were to somehow pick up a Windows virus using Linux in an Ubuntu / Windows dual boot, could the virus spread from my Linux partition into my Windows partition?

Any answer appreciated,
Daniel

 

[Ijack]

Theoretically - yes. Practically - highly (very highly) unlikely.

To expand slightly. If your Ubuntu installation has access to your Windows partition (which it probably does) then there is a remote possibility that a virus could be stored on that partition. And once it is on the partition there is an even more remote possibility that it could be activated when in Windows.

But you run anti-virus on your Windows, don't you? That ought to catch it.

 

[thepwnerofnoobs]

Thanks for the quick reply!

 

[Ijack]

Quick - but was it accurate? Wait to see what a few more knowledgeable people think.

 

[MU_Engineer]

If I were to somehow pick up a Windows virus using Linux in an Ubuntu / Windows dual boot, could the virus spread from my Linux partition into my Windows partition?

Any answer appreciated,
Daniel

This could happen, but it is not very likely because the normal way of becoming infected (encountering a virus that is immediately executed) cannot happen in Linux as Linux cannot automatically execute Windows executable files. You write to your Windows partition or a shared Windows-format partition while in Ubuntu and the virus file gets transferred to that partition in the process. You then have to execute the virus when you are in Windows to get infected- you have to open the infected file to become infected, if the infected file just sits there, it does nothing. This is probably the most likely way for this kind of an infection to happen, but I would say it's not likely you'll do more than set off your antivirus program in Windows and quarantine/delete the virus without any damage being done.

I wouldn't really worry about transferring an infection in this manner as most Windows viruses appear to Linux in a pretty comical manner. Drive-by infections pop up a window that says something like "Do you want to open or save the file $SOME_SKETCHY_NAME.exe?" Windows network worms can't touch Linux as they are looking for services that don't exist on ports that are closed, so you never even see them unless you're running a port sniffer and logging network traffic.

 

[audiovoodoo]

Whilst I generally agree with the previous replies let's not get to complacent. There is nothing to stop somebody exploiting a browser flaw to copy a file to a mounted Windows partition. As such a Windows system could become infected via a Linux connection, normally at the first boot following the introduction of the rouge file.

With the proliferation of systems such as ASUS use with the instant on OS then I think it's only a matter of time before people get more creative. As I say, the previous answers are correct but it could be done if people found the motivation.

 

[Ijack]

That's, sort of, what I was getting at. But, at the moment, I don't see the dual-boot market as being popular enough to attract the bad guys. I worry more about the complacent OS X users who assert that malware can't affect their OS (or Linux users who think the same).

 

[audiovoodoo]

It will come, the path is not to dissimilar to the ones that the VM viri will take. I'll put a pint of Theakstons on there being a Proof Of Concept before the summer is out.

 

[TegGhola]

On my box (Ubuntu) the Win partitions are not mounted by default, and require authentication to mount. So malware would have to at least trick you into providing authorisation before it could modify the Windows partitions.

Having said that, I only use Windows for gaming now. It's not worthy of real work.

 

[audiovoodoo]

A piece of malicious code would not require authentication as there is no way to set the security on the NTFS disc to do so. Your taking sensible steps but it's still not 100%. Yes, I am taking it to the paranoia level but people do need to think about these things.