Wine a virus

Wine a virus that is affected Windows (or both Windows and Linux) in Linux (no other OS installed in the system), will it affect Wine file or Linux file? Or both of them don’t get hurt?

On 04/24/2013 01:36 PM, aususe wrote:
>
> Wine a virus that is affected Windows (or both Windows and Linux) in
> Linux (no other OS installed in the system), will it affect Wine file
> or Linux file? Or both of them don’t get hurt?

very difficult to understand your question…try again…
but, there are no Linux viruses in the wild…

there are plenty of rootkits but no viruses

security is a big topic…i practice lots of things every day to make
my system safe–none of those things are worrying about Windows viruses.

well…i do not have WINE installed.


dd

I recall 5 or more years back, a user tested Wine to see if he could infect the applications on it with a virus. He failed in all attempts except one, and in the one attempt where he succeeded in having the virus install, it failed in its intended disruptive function (it did something else instead) and it was not able to propagate.

That was many years back. It's possible with the improvements in Wine (making it run more MS-Windows apps) and the improvements in viruses, that it may be more possible today for an MS-Windows app running under Wine to catch a virus. But that is speculation on my part and I have no evidence to support that speculation.

Wine= windows emulator for Linux. There is a very remote chance that a Windows virus will try to exploit Wine.

On Wed, 24 Apr 2013 11:36:01 +0000, aususe wrote:

> Wine a virus that is affected Windows (or both Windows and Linux) in
> Linux (no other OS installed in the system), will it affect Wine file
> or Linux file? Or both of them don’t get hurt?

Just like any application on WINE, it depends on how it’s implemented.
If it uses Windows APIs that aren’t implemented, no, it won’t work.

If it uses low-level DOS APIs (which used to be common), then no, it
probably won’t work because that’s not emulated in the WINE APIs (as far
as I know).

Why do you ask?

Jim


Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

On Wed, 24 Apr 2013 17:56:02 +0000, vazhavandan wrote:

> Wine= windows emulator for Linux.

WINE = “Wine Is Not an Emulator”. That’s the official WINE definition.

WINE is an implementation of the win32 APIs. It doesn’t emulate
Windows. It implements Windows APIs.

Jim


Technically emulator may mean a virtual machine but
Artha/wordnet says

emulator ~ noun very rare

  1. someone who copies the words or behavior of another

So in a sense it behaves like Windows for the software which works on top of it. It is an emulator for me. Then again, I might be wrong ;)

Am 24.04.2013 20:36, schrieb vazhavandan:
> Technically emulator may mean a virtual machine but Artha/wordnet
> says: emulator ~ noun very rare 1. someone who copies the
> words or behavior of another. So in a sense it behaves like Windows
> for the software which works on top of it. It is an emulator for me.
> Then again, I might be wrong ;)
>
I think the “wine = wine is not an emulator” is the same kind of joke as
“lame - lame ain’t an mp3 encoder” while it is exactly that.

On the topic, I think one of the most important reasons a normal Windows
virus does not work is that there are no classical Windows system files,
no Windows services and nothing which runs as administrator. So a lot
of infrastructure viruses depend upon is simply missing in Wine.


PC: oS 12.3 x86_64 | i7-2600@3.40GHz | 16GB | KDE 4.10.2 | GTX 650 Ti
ThinkPad E320: oS 12.3 x86_64 | i3@2.30GHz | 8GB | KDE 4.10.2 | HD 3000
HannsBook: oS 12.3 x86_64 | SU4100@1.3GHz | 2GB | KDE 4.10.2 | GMA4500

On 04/24/2013 08:36 PM, vazhavandan wrote:
> I might be wrong ;)

might be?
Wine Is Not an Emulator

read more: http://en.wikipedia.org/wiki/Wine_(software)

where you will find your answer used to be correct, almost:
instead of “Wine= windows emulator for Linux” it was:

an acronym for WINdows Emulator.

and, also you can read about why it is not an emulator…


dd

On Wed, 24 Apr 2013 18:36:02 +0000, vazhavandan wrote:

> Technically emulator may mean a virtual machine but Artha/wordnet says:
> emulator ~ noun very rare 1. someone who copies the words or behavior
> of another. So in a sense it behaves like Windows for the software which
> works on top of it. It is an emulator for me. Then again, I might be
> wrong ;)

Well, I’d be inclined to say that you are wrong, because the WINE team
insists that they aren’t an emulator, they’re an API implementation
layer. I think they get to make that distinction. :wink:

Jim



On Wed, 24 Apr 2013 22:55:07 +0000, Jim Henderson wrote:

> On Wed, 24 Apr 2013 18:36:02 +0000, vazhavandan wrote:
>
>> Technically emulator may mean a virtual machine but Artha/wordnet says:
>> emulator ~ noun very rare 1. someone who copies the words or
>> behavior of another. So in a sense it behaves like Windows for the
>> software which works on top of it. It is an emulator for me. Then again,
>> I might be wrong ;)
>
> Well, I’d be inclined to say that you are wrong, because the WINE team
> insists that they aren’t an emulator, they’re an API implementation
> layer. I think they get to make that distinction. :wink:

They have a FAQ about it that’s a little more nuanced:

http://wiki.winehq.org/FAQ#head-c9e6502ad636315e905d07f7e44594757a6738e3

Jim


@ jim-thanks for the link. As @martin_helm rightly pointed out it is supposed to be a pun similar to lame.
They do say that it is more than an emulator.

“Thinking of Wine as just an emulator is really forgetting about the other things it is”

On Thu, 25 Apr 2013 01:26:03 +0000, vazhavandan wrote:

> @ jim-thanks for the link. As @martin_helm rightly pointed out it is
> supposed to be a pun similar to lame.
> They do say that it is more than an emulator.

Well, they say that it’s not an emulator the way, say, MAME is an
emulator. They refer to it as “not an emulator” because it doesn’t do
hardware emulation, it just provides a compatibility or API layer.
That’s not really emulation any more than linking to libstdc++ is Linux
emulation.

Jim


On 2013-04-25 06:41, Jim Henderson wrote:
> On Thu, 25 Apr 2013 01:26:03 +0000, vazhavandan wrote:
>
>> @ jim-thanks for the link. As @martin_helm rightly pointed out it is
>> supposed to be a pun similar to lame.
>> They do say that it is more than an emulator.
>
> Well, they say that it’s not an emulator the way, say, MAME is an
> emulator. They refer to it as “not an emulator” because it doesn’t do
> hardware emulation, it just provides a compatibility or API layer.
> That’s not really emulation any more than linking to libstdc++ is Linux
> emulation.

You can also create native Linux applications (ELF binaries) that call
mostly the wine libraries instead of Linux libraries. This makes for
faster migration of Windows applications to Linux, you don’t have to
extensively modify the application.


Cheers / Saludos,

Carlos E. R.
(from 12.1 x86_64 “Asparagus” at Telcontar)

Further to this, I note the wine wiki has this to say on the subject:

Because of Wine’s ability to run Windows binary code, concerns have been raised over native Windows viruses and malware affecting Unix-like operating systems.[61] Wine can run most malware, but programs running in Wine are confined to the current user’s privileges, restricting some undesirable consequences. For this reason the developers of Wine recommend never running it as the superuser.[62] Malware research software such as ZeroWine[63] runs Wine on Linux in a virtual machine, to keep the malware completely isolated from the host system.

Note the project Zero Wine where:

Zero Wine is an open source (GPL v2) research project to dynamically analyze the behavior of malware. Zero wine just runs the malware using WINE in a safe virtual sandbox (in an isolated environment) collecting information about the APIs called by the program.

The output generated by wine (using the debug environment variable WINEDEBUG) are the API calls used by the malware (and the values used by it, of course). With this information, analyzing malware’s behavior turns out to be very easy.

From what I have read, Zero wine is not a nominal wine version, but rather it is a version of wine enhanced in a DELIBERATE effort to try and help viruses run easier … :slight_smile:

Despite that effort, there are problems with Zero wine … for example according to the wiki:

Zero wine runs malware quite well overall, however, it has problems with various packers (in example, wine fails almost always with PE programs packed with Armadillo) and sometimes you will get no data for both “Report” and “Signature” sections. Anyway, the “Headers” and “Strings” report’s sections will appear giving you interesting information about the binary (although not the behavior of the malware).

in case one wants to try this at home … ??? … then note the cautions:

First of all, remember, RUNNING MALWARE IN YOUR COMPUTER IS ALWAYS A BAD IDEA. You must isolate the virtual machine (or the real hardware box) from the real world when possible. Sometimes it’s mandatory to allow the malware to connect to the real world, however, you might be attacking other people.

And, what is more important, remember, a malware written to escape the WINE sandbox will escape (even when the WINE’s sandbox is configured with only the C: drive) and it might affect your network, your real machines.
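An added example (not part of any post in this thread, and not Wine or Zero Wine code): the two cautions quoted above, never running Wine as the superuser and not relying on a prefix "configured with only the C: drive", written as a pre-launch check. It assumes the standard prefix layout, with drive-letter symlinks under `dosdevices`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-launch audit of a Wine prefix.
# Assumes the standard prefix layout, where each drive letter is a symlink
# under <prefix>/dosdevices (c: -> ../drive_c, and by default z: -> /).
# Function names are hypothetical, not part of Wine.

# Print each drive mapping that resolves outside the prefix.
# Returns 0 if none, 1 if any are exposed, 2 if the prefix is unusable.
audit_wine_prefix() {
    awp_prefix=$1
    awp_exposed=0
    [ -d "$awp_prefix/dosdevices" ] || { echo "no dosdevices in $awp_prefix" >&2; return 2; }
    awp_real=$(cd "$awp_prefix" && pwd -P) || return 2
    for awp_link in "$awp_prefix"/dosdevices/*; do
        [ -L "$awp_link" ] || continue
        # Resolve the target physically; device links (d:: -> /dev/sr0,
        # com1 -> /dev/ttyS0) are not directories and are skipped here.
        awp_target=$(cd "$awp_prefix/dosdevices" 2>/dev/null &&
                     cd "$(readlink "$awp_link")" 2>/dev/null && pwd -P) || continue
        case "$awp_target/" in
            "$awp_real"/*) ;;   # stays inside the prefix
            *) echo "EXPOSED $(basename "$awp_link") -> $awp_target"
               awp_exposed=1 ;;
        esac
    done
    return "$awp_exposed"
}

# Refuse to proceed as root, then audit the prefix.
# $2 overrides the uid (for testing); returns 3 when running as root.
wine_launch_check() {
    wlc_uid=${2:-$(id -u)}
    if [ "$wlc_uid" -eq 0 ]; then
        echo "REFUSE: do not run Wine as root" >&2
        return 3
    fi
    audit_wine_prefix "$1"
}
```

Source the file and call `wine_launch_check "$HOME/.wine"` before starting anything in that prefix. A clean result only removes host paths reachable through drive letters; as the quoted caution says, it is not isolation.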

Maybe the OP wanted to know how he could possibly create a virus that runs in Wine…
Nowadays everything is possible. I would already be happy if I could run the few applications that I would like to run in wine. But they never worked well.

On 2013-04-25 14:06, stakanov wrote:
> Nowadays everything is possible. I would already be happy if I could
> run the few applications that I would like to run in wine. But they
> never worked well.

Same here…


Cheers / Saludos,

Carlos E. R.

> Wine a virus that is affected Windows (or both Windows and Linux) in
> Linux (no other OS installed in the system), will it affect Wine file
> or Linux file? Or both of them don’t get hurt?
>

As Wine can barely run the programs it’s designed for…I wouldn’t worry
about it. If it were me I’d run something like VMware Workstation in Unity
mode, you get better results. I’ve supported Crossover for years but it
has never achieved what I’d hoped. VMware gets closer at least. If you can’t
afford VMware or have religious zeal against commercial software, KVM or
virtualbox might suit the bill and will deliver the sandboxing to keep you
safer…not safe…safer. You still have to worry about Windows.

On Thu, 25 Apr 2013 15:22:43 +0000, GofBorg wrote:

> As Wine can barely run the programs it’s designed for

Many programs run just fine. FWIW.

But I do tend to use VirtualBox rather than WINE.

Jim


On 2013-04-25 17:22, GofBorg wrote:

> As Wine can barely run the programs it’s designed for…I wouldn’t worry
> about it. If it were me I’d run something like VMware Workstation in Unity
> mode, you get better results. I’ve supported Crossover for years but it
> has never achieved what I’d hoped. VMware gets closer at least.

The problem with both vmware and virtualbox is that you need a Windows
license. Wine does not.

Ah, instead of vmware workstation the player option is a very viable
option, and gratis.


Cheers / Saludos,

Carlos E. R.