"EternalBlue" sweeps across the globe: is it safe to replace Windows with Linux?

via: 驱动之家     time: 2017/5/15 11:30:49

A few days ago "EternalBlue" swept the world, and 90 countries have already been attacked. The domestic education network was among the hardest-hit areas. However, many computers running Linux-based operating systems, as well as Apple computers, escaped, while computers running relatively old versions of Windows were attacked.

Many netizens have expressed their gratitude on the Internet and praised the safety of Linux or Apple. In fact, however, it is not that these operating systems are technically significantly more secure than Windows; the hackers simply did not specifically attack them.


China is the worst hit area of the virus

The arsenal comes from the National Security Agency

EternalBlue's sweep across the globe in fact exploits Microsoft's MS17-010 vulnerability. MS17-010 is a vulnerability in one of the underlying services of Windows systems, and it can be reached through port 445. The hackers scan the network for open port 445 and implant the worm; once a computer is under control, it goes on to scan other computers, ultimately infecting them in a domino-like fashion.
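The propagation pattern described above, in which an infected computer scans many other computers on port 445, shows up in network flow data. The following is an added example, not part of the original article: a sliding-window check over constructed flow records that flags a source contacting many distinct hosts on TCP port 445. The window, threshold, record layout and addresses are assumptions.

```python
from collections import defaultdict, deque

SMB_PORT = 445
WINDOW_S = 60       # assumed sliding window, in seconds
FANOUT_LIMIT = 5    # assumed: distinct peers on port 445 tolerated per window

# Constructed sample flows: (epoch_seconds, src_ip, dst_ip, dst_port)
SAMPLE_FLOWS = (
    # one host sweeping eight neighbours in eight seconds
    [(1000 + i, "10.0.0.23", f"10.0.1.{i + 1}", 445) for i in range(8)]
    # a normal client talking repeatedly to a single file server
    + [(1000 + 40 * i, "10.0.0.7", "10.0.0.2", 445) for i in range(10)]
    # many peers, but spread out so that they never share a window
    + [(1000 + 100 * i, "10.0.0.9", f"10.0.2.{i + 1}", 445) for i in range(8)]
    # traffic on another port is ignored
    + [(1005, "10.0.0.23", "10.0.1.200", 443)]
)


def detect_smb_fanout(flows, window=WINDOW_S, limit=FANOUT_LIMIT):
    """Return {src: (first_alert_time, distinct_peers)} for sources over the limit."""
    recent = defaultdict(deque)   # src -> (ts, dst) pairs still inside the window
    alerts = {}
    for ts, src, dst, dport in sorted(flows):
        if dport != SMB_PORT:
            continue
        q = recent[src]
        q.append((ts, dst))
        # drop connections that have aged out of the window
        while q and ts - q[0][0] > window:
            q.popleft()
        peers = {d for _, d in q}
        if len(peers) > limit and src not in alerts:
            alerts[src] = (ts, len(peers))
    return alerts


if __name__ == "__main__":
    for src, (ts, n) in detect_smb_fanout(SAMPLE_FLOWS).items():
        print(f"{src}: {n} distinct hosts on tcp/{SMB_PORT} within {WINDOW_S}s at t={ts}")
```

Counting distinct destinations rather than connections keeps a busy file-server client from being flagged.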

The ransomware sweeping the world is in fact inseparable from the U.S. National Security Agency. MS17-010 was originally a 0-day vulnerability reserved for the use of the Equation Group, an organization under the U.S. National Security Agency (NSA). The name "Equation Group" may be unfamiliar to many people, but many have probably heard of the use of the Stuxnet virus to destroy Iran's nuclear facilities, and that event is considered to be the work of the Equation Group.

Last year, a secretive group known as the Shadow Brokers successfully hacked the Equation Group and leaked a large number of its hacking tools. After that, the Shadow Brokers not only disclosed some of the hacking tools and data for free, but also claimed that the "best files" would be sold through an Internet auction, and that they would publish more tools and data if they received 1 million bitcoins.

This large-scale global hacker attack likewise cannot be separated from the U.S. National Security Agency and state-level hacking tools. Moreover, the names of some of the hacking tools the Shadow Brokers obtained from the Equation Group coincide with the content published by Snowden. It can therefore be inferred that the NSA or U.S. cyber warfare forces have likely been using vulnerabilities in the products of Microsoft and other technology companies to gather intelligence around the world.

Intel chips also have high-risk vulnerabilities, unchanged for ten years

Intel chips contain a microprocessor that is independent of the CPU and the operating system, called the Intel Management Engine, or ME for short. The ME is a separate system from the CPU, and its functions are implemented by a large amount of firmware code. The key point is that the ME is used for remote management: it allows enterprises to manage computers remotely without the involvement of the computer's user. It contains a high-risk security vulnerability, and an attacker can use this vulnerability to remotely control systems built on Intel products.

"(The ME) is not a secret," one insider said. "When I was doing BIOS work 10 years ago (the ME) was already there: after the BIOS code was finished, Intel's ME tools were used to package the BIOS and the ME firmware together, which was then burned into the BIOS chip. The ME firmware is 4 megabytes, while the BIOS is only 2 Mb... The (ME) vulnerability has always been there; people who research it can find the holes."

Regarding the ME vulnerability, the foreign technology exposé website SemiAccurate said that it began raising this vulnerability with Intel 5 years ago, and that Intel has been dismissive of the vulnerability for 10 years.

In its article, SemiAccurate also suggested that Intel deliberately left a back door in the chip: although there is plenty of official information about Intel ME, Intel has been reluctant to discuss the technology, because no one really knows its true purpose or whether it can be completely disabled.

At the beginning of this month, Intel said that the vulnerability affects all Intel enterprise server and integrated utilization technology, and involves all product firmware in the 6.x, 7.x, 8.x, 9.x, 10.x, 11.5 and 11.6 version series. This means that Intel's chip firmware has been affected for almost ten years.

Intel's public statement that its chip firmware of the past ten years contains a high-severity security vulnerability was not made on its own initiative. It came because, at the end of March 2017, the security researcher Maksim submitted the vulnerability, confirming that the security risk exists.

In purely technical terms, replacing Windows with Linux may not be safer

Thus, whether it is Microsoft's operating system or Intel's CPU, there are security risks. What's more, the NSA has a series of hacking tools that exploit vulnerabilities in Microsoft's operating systems. Intel's practice of receiving the vulnerability report 5 years ago and remaining dismissive ever since is also rather suspicious, which is why SemiAccurate hinted in its article that Intel deliberately left a back door in the chip.


The author thinks this should be looked at dialectically.

Purely technically, there are two causes of software or hardware vulnerabilities: a back door left intentionally, or an inadvertent mistake in the development process that results in a loophole. Whether it is software or hardware, as long as the code is written by humans, it is not realistic to expect no loopholes given the complexity of current software and hardware. In other words, even chips and operating systems developed entirely in-house cannot be guaranteed to be free of loopholes.

As far as Linux-derived operating systems are concerned, they helped many users escape this time only because the hackers did not specifically attack Linux. After all, compared with attacks on Windows users, attacks on Linux are less valuable, and the vigilance and technical level of Linux users are generally higher than those of Windows users.

Apple's situation is similar: because its user base is so small, even if hackers did attack it, the gains would be much lower than the proceeds of attacking Windows. It is just like when Android had only started out: it was a very small niche and there were very few viruses, but after Android became popular, all kinds of viruses developed immediately. Apple was not attacked this time (except for users who installed WIN7), more because it is a niche than because its security is better than that of Windows.

Security is always relative, not absolute. True security is a matter of actual strength: if the development ability and technical strength of the domestic operating system team are stronger than Microsoft's, then the domestic Linux operating system will be better than Microsoft's; but if the domestic team has a large gap with Microsoft in technology, then the Windows operating system is the one with the stronger resistance to attack.

Given the gap between China's information technology and that of the United States today, replacing Windows with Linux may not be technically more secure.
