[aklug] Re: Interesting article on malware for linux

From: Christopher Howard <choward@indicium.us>
Date: Thu Jul 16 2009 - 10:32:07 AKDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Shane Spencer wrote:
> I'm having a hard time understanding why Gnome or KDE is at fault for any
> of the listed malicious methods.
>
> If your computer is plugged into a network and a user is allowed to
> access it.. it is insecure.
>
> You can tighten it up and make it unusable for general purpose
> computing.. but for the majority that isn't a solution. You're wide
> open once you install any Linux distribution, even if you enabled the
> firewall during the install you can still make outbound network
> requests that do malicious things to your system. You can still
> install software that does idiotic things to your computer. Etc..
> That's why I prefer using debian/ubuntu and have a lot of faith that
> the packages I get aren't going to completely pwn my system.. and more
> faith that the md5sum signature for each package will keep me from
> installing man in the middle softwarez. Which it does. Linux..
> Windows.. Solaris.. you name it.. each operating system seems to be
> incredibly susceptible to the whims of the end user. :)
>
> - Shane
>
> On Wed, Jul 15, 2009 at 10:21 PM, Christopher Howard <choward@indicium.us> wrote:
>> James Tweet wrote:
>>> http://www.geekzone.co.nz/foobar/6229
>>>
>>>
>>>
>>> ---------
>>> To unsubscribe, send email to <aklug-request@aklug.org>
>>> with 'unsubscribe' in the message body.
>>>
>>
>> Thanks - another reason to hate Gnome and KDE.
>>
>> My solution to the crisis: Install Xfce, get rid of those stupid desktop
>> icons, and open all files from within a program or from the command line.
>>
>> --
>> Christopher Howard
>> http://indicium.us
>> http://theologia.indicium.us
>>
>> I digitally sign /all/ of my e-mails via PGP. If you receive any e-mails
>> supposedly from me without my valid PGP signature, please take
>> additional steps to verify the authenticity of the message.

Like you say, if a user is determined or stupid enough, he can
eventually make some part of his system a victim of malware.

I think the author of the article didn't take quite a broad enough
perspective on this issue. We have always told people "Linux doesn't
need anti-virus software" not because it was completely impossible for a
user to make the system vulnerable, but because in Linux it is fairly
easy to make your system practically impenetrable if you only follow a
few simple precautions. For example, only install software from your
official repo, open downloaded files from within the appropriate
program, etc.

In Windows, however, it is a different environment. Virtually none of
the software you install can be trusted because it either comes from a
company that won't let you look at the source code or from a
malware-infested freeware site. And there have been vulnerabilities in
the mainstream software that make it dangerous to do mundane activities,
vulnerabilities which often only receive attention after the first wave
of victims. (Anyone remember the wmv trojan?
http://seclists.org/bugtraq/2005/Jan/0130.html)

- --
http://indicium.us
http://theologia.indicium.us
I sign /all/ my e-mail messages via PGP. If you receive any e-mail
supposedly from me without my valid PGP digital signature, please take
additional steps to verify the authenticity of the message.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkpfcicACgkQQ5FLNdi0BcXz5gCfTlIb5X44yx9rVptVdaBRNMZA
EdIAniA2qQWdDrI7A6ijuU4j3grnouS2
=7t/Y
-----END PGP SIGNATURE-----
Received on Thu Jul 16 10:32:38 2009

This archive was generated by hypermail 2.1.8 : Thu Jul 16 2009 - 10:32:38 AKDT