Ask Slashdot: Is GNU/Linux Malware a Real Threat?

timothy posted about a year ago | from the send-you-this-file-in-order-to-have-your-advice dept.

GNU is Not Unix 252

New submitter m.alessandrini writes "I've been using Debian for a long time, and I'm not a novice at all; I install system updates almost daily, I avoid risky behaviors on Internet, and like all Linux users I always felt safe. Yesterday my webcam suddenly turned on, and turned off after several minutes. I'm pretty sure it was nothing serious, but I started thinking about malware. At work I use noscript and other tools, but at home I have a more relaxed browser to be used by other family members, too. Here I'm not talking about rootkits or privilege escalation (I trust Debian), I think more of normal user compromise. For example, these days much malware comes from malicious scripts in sites, even in advertising banners inside trusted sites, and this is more 'cross-platform' than normal viruses. So, what about non-root user malware? How much could this be real? And how can you diagnose it?"

252 comments

someone's spying on you (5, Insightful)

Anonymous Coward | about a year ago | (#43865453)

Your webcam turned on, then off, and you didn't ask it to? I think you need to figure out what happened first.

Re:someone's spying on you (4, Insightful)

0racle (667029) | about a year ago | (#43865731)

You know it was more likely a misbehaving application polling the webcam and not anything nefarious right? As another poster said, Flash is probably a leading culprit.

Re:someone's spying on you (2)

buchner.johannes (1139593) | about a year ago | (#43866161)

Flash applications have to be given the right to access the Webcam. You can right-click in a flash thing and go to Settings / Global Settings and look at the privileges per site, or generally deny it (by default: ask for each domain).

Re:someone's spying on you (1)

tick-tock-atona (1145909) | about a year ago | (#43866825)

I'm sure a flash exploit (of which dozens are disclosed every year) is not going to obey some checkbox you've clicked in the settings.

Re:someone's spying on you (-1)

Anonymous Coward | about a year ago | (#43866237)

i have seen firefox get compromised and used for months never spreading to the rest of the system.. albeit on windows. without noscript. it's not my machine or it wouldn't have a problem. i've seen freebsd get hacked on a machine with a 163 day uptime. due to unpatched vulnerabilities.
lets stop pretending computers are secure. they are not. if you want a system secure there are drawbacks you have to deal with. if you want a system that is secure you have to do a lot of things that take a lot of effort. it's called hardening your computer. if you play fancy games on a computer you may as well call it compromised by the aggressive drm malware. that is looking for other games that aren't paid for or for certain pirating tools, and if they find them the software calls home in plain text where mitm attacks (government surveillance too) allow malware vendors to hack the machines if they weren't already hacked. it's scary connecting to the internet. okay so now you don't let people install games, this ruins the point of a very high-end part of the market who essentially are compromised from the get go. i have to sweep my machine for malware every 2 weeks and i am behind a firewall or two and install games legal editions only and don't download anything other than linux iso's for the most part. now assuming your computer is behind a firewall isn't vulnerable from games and every program is in house certified by an expert. good start, users can then be trusted to no installing and using email that won't run attachments or scripts and scans for macro viruses. great then you only have backdoors and unpatched vulnerabilities assuming you remove those with in house team, that means you need open source, so you can maybe use mac os but probably are using linux, windows source code is only seen by a select group of university elites thanks to anti trust to look for anti trust issues in the code base. other than that you can rule out windows simply for not being secure. and even then you still need a active team doing all the work, keeping systems running securely. luckily most of android is open source even if it lags behind so it can be hardened and walled.
anyways where was i oh yeah real security costs real money, vms are useful for people who have to let in unsecure users. but security is all about prevention and monitoring. there are problems in windows that can't be prevented but can be monitored. so basically you have to use promiscuous mode in kernel and save all data through secured open source machines and nail the vms that get corrupted by incompetence on the end user part and yes most end users are like 'i just want it to work' they don't want to know why, they want to know how to do their job that provides them with the good money they love to have access to. a sysadmin should have a plan for idiocy on their nets. otherwise you're screwed.

Re: someone's spying on you (3, Funny)

Anonymous Coward | about a year ago | (#43866381)

Please, save up your money so you can buy a line feed or a paragraph tag.

Re:someone's spying on you (3, Funny)

hobarrera (2008506) | about a year ago | (#43866251)

I avoid risky behaviors on Internet

I don't think op has flash installed.

[...]turned on, and turned off after several minutes[...]

Even so, polling a webcam is a few seconds at most, not minutes.

Re:someone's spying on you (2)

gagol (583737) | about a year ago | (#43865905)

I use electrical tape... nice and clean and assures me nobody is going to take a snapshot of me in underwear! Oh, I don't do video conference much...

Yes. (-1)

Anonymous Coward | about a year ago | (#43865455)

Yes.

Re:Yes. (1)

crutchy (1949900) | about a year ago | (#43866657)

linux is more a target for hackers, not malware because of all the hobby web servers out there that aren't secured properly. it's been proven beyond reasonable doubt that linux can be infected but without intervention from the user either directly (clicking/installing something while logged in as root) or by deliberately disabling default security measures, viruses can't automatically propagate, which defeats the purpose of infection in the first place.

if you're worried about non-root malware, maybe do a fresh install of debian and then after you get yourself set up as a non-root user (preferences and stuff) make a copy of your home directory to a backup location, set write permissions to root only, and then make a little script that you can run in single user mode either if you think you're compromised or maybe even every 6 months just for good measure, that deletes home directory config files (not documents), copies config files from the backup and changes write permissions back to non-root.

on the other hand, if it doesn't really cause any problems (performance or intrusive behavior) maybe don't bother with it. occasionally when i cold boot i have to unplug and plug in my usb keyboard or mouse, and for some reason i have to unmount a usb stick twice. it might be a software/config problem or it might be my mobo. when it really bothers me i might google how to fix it.
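
The reset procedure from the comment above, as an added example that is not the poster's script; it goes one step further and also lists which top-level dot entries were added, modified or removed since the baseline was taken. The function names and directory arguments are assumptions; the baseline is expected to be a root-owned copy made right after setup.

```shell
#!/bin/sh
# Added example (not from the thread): compare and reset per-user config
# against a baseline copy that only root can write. All paths passed in are
# the caller's choice; nothing here is a Debian-provided tool.
# Only top-level entries starting with a single dot are considered, so
# Documents and other visible directories are never touched.

# changed_config HOME_DIR BASELINE_DIR
# Prints "added NAME", "modified NAME" or "removed NAME" for each top-level
# dot entry that differs from the baseline.
changed_config() {
    home=$1; base=$2
    for entry in "$home"/.[!.]*; do
        [ -e "$entry" ] || [ -L "$entry" ] || continue
        name=${entry##*/}
        if [ ! -e "$base/$name" ]; then
            printf 'added %s\n' "$name"
        elif ! diff -r "$entry" "$base/$name" >/dev/null 2>&1; then
            # diff -r handles both plain files and directories such as .config
            printf 'modified %s\n' "$name"
        fi
    done
    for entry in "$base"/.[!.]*; do
        [ -e "$entry" ] || continue
        name=${entry##*/}
        [ -e "$home/$name" ] || [ -L "$home/$name" ] || printf 'removed %s\n' "$name"
    done
}

# reset_config HOME_DIR BASELINE_DIR OWNER
# Deletes every top-level dot entry in HOME_DIR, copies the baseline entries
# back and hands ownership to OWNER. Anything not in the baseline (for
# example keys created later under .ssh or .gnupg) is lost, so run
# changed_config first and save what you need.
reset_config() {
    home=$1; base=$2; owner=$3
    for entry in "$home"/.[!.]*; do
        [ -e "$entry" ] || [ -L "$entry" ] || continue
        rm -rf -- "$entry"
    done
    for entry in "$base"/.[!.]*; do
        [ -e "$entry" ] || continue
        cp -R -p -- "$entry" "$home/"
        chown -R "$owner" "$home/${entry##*/}"
    done
}

# Hypothetical invocation from single-user mode, as root:
#   changed_config /home/alice /root/home-baseline
#   reset_config   /home/alice /root/home-baseline alice
```

An unexpected "added" or "modified" line for an autostart directory or a shell startup file is the kind of change worth reading before resetting.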

Preinfected (4, Funny)

Anonymous Coward | about a year ago | (#43865459)

It would help if the manufacturers would preinfect their software so we could stop worrying about "if" we are infected and move towards just accepting it.
*Disclaimer: I in no way work for, represent, or contract for Sony. (Sorry Sony lawyers made me add the preceding text.)

Re:Preinfected (4, Informative)

CheshireDragon (1183095) | about a year ago | (#43865937)

It would help if the manufacturers would preinfect their software so we could stop worrying about "if" we are infected and move towards just accepting it.

This is actually happening with phones now. just read some of the permissions of Facebook, Chrome, Firefox and a few others. They can take a photo or record audio without your permission.

Re:Preinfected (1)

BobPaul (710574) | about a year ago | (#43866861)

Android has no API for "take_a_photo_with_permission()", there's just stuff to access the camera. It definitely makes sense why facebook app might need access to the camera: it clearly supports taking photos directly, and that's something users want. I'm not sure about Firefox or Chrome, but maybe flash runs within the browser's security context, so the browser would need permission to access the camera if flash was going to?

I highly doubt facebook, chrome, and firefox are using the camera without our knowledge. That said, the permission system on android could be improved to ensure this doesn't happen. Google has already said they don't want to do that, though.

lsof is your friend (1)

Anonymous Coward | about a year ago | (#43865461)

You're using Debian and didn't look to see what's using the /dev/ entry?
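
One way to do what this comment suggests when lsof is not at hand, as an added example that is not part of the thread: walk /proc/<pid>/fd and report every process holding a /dev/video* node open. The function name and the optional proc-root argument are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): find which processes hold a device
# node open by reading the fd symlinks under /proc.

# device_holders PATTERN [PROC_ROOT]
# PATTERN is a shell pattern such as '/dev/video*' (quote it at the call site).
# PROC_ROOT defaults to /proc; it is a parameter only so the function can be
# run against a constructed directory tree.
# Prints one "PID COMMAND TARGET" line per matching open file.
device_holders() {
    pattern=$1
    proc_root=${2:-/proc}
    for piddir in "$proc_root"/[0-9]*; do
        [ -d "$piddir/fd" ] || continue
        pid=${piddir##*/}
        # comm is the short process name; the process may exit while we look
        comm=$(cat "$piddir/comm" 2>/dev/null) || comm='?'
        for fd in "$piddir"/fd/*; do
            # Each fd entry is a symlink to the open file; unreadable or
            # vanished entries are skipped.
            target=$(readlink "$fd" 2>/dev/null) || continue
            case $target in
                $pattern) printf '%s %s %s\n' "$pid" "$comm" "$target" ;;
            esac
        done
    done | sort -u
}

# Scan the live system when the script is invoked with the argument "scan".
if [ "${1:-}" = "scan" ]; then
    device_holders '/dev/video*'
fi
```

Run as the desktop user it shows only that user's own processes, which is the non-root case the submitter asks about; run it as root to see every process. It only helps while the device is still open, so it has to be run while the webcam light is on.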

Not as real a threat as on Microsoft Windows (-1)

Anonymous Coward | about a year ago | (#43865473)

Just take a look at the numbers. See how many Microsoft Windows only malware "products" come out each day, and then compare that to other platforms. Make your own decision as to how "real" the threat is.

Re:Not as real a threat as on Microsoft Windows (0)

Anonymous Coward | about a year ago | (#43865899)

Just take a look at the numbers. See how many Microsoft Windows only malware "products" come out each day, and then compare that to other platforms. Make your own decision as to how "real" the threat is.

You don't need many malware products if the user base doesn't take it seriously. It wasn't Debian, but since you mention "other platforms" - the single biggest malware epidemic in modern times was Mac Flashback, infecting as much as 1% of the OS-X user base (beating Windows Conficker for the honor [pcworld.com], at 0.7% of user base infected).

Re:Not as real a threat as on Microsoft Windows (0)

Anonymous Coward | about a year ago | (#43866369)

Speaking of Flashback, it also targeted the Java plug-in on Linux and nailed a few of them too. Disable your Java, Linuxtards.

Don't worry (4, Insightful)

Black Parrot (19622) | about a year ago | (#43865487)

It was just Skynet checking out what you were up to. Or maybe the ATF. Or Russian Mafia. Or...

As for security, ~5 years ago I read someone's account of watching while someone on the internet installed a root kit on his Linux box in a matter of minutes.

Presumably some platforms/applications are less likely to be compromised than others, but the safest assumption is that everything is compromised, or would be if the experts wanted it.

Re:Don't worry (1)

Anonymous Coward | about a year ago | (#43865561)

How was the rootkit installed? Can you please elaborate on what security failures were involved?

Re:Don't worry (5, Funny)

Anonymous Coward | about a year ago | (#43865747)


luser$ sudo apt-get install rootkit

Re:Don't worry (4, Informative)

Anonymous Coward | about a year ago | (#43866043)

How was the rootkit installed? Can you please elaborate on what security failures were involved?

Not sure if you are looking for how he did it, or indirectly doubting the story, but in case this is in doubt - there are plenty of Linux rootkits.

http://blog.sucuri.net/2013/02/linux-based-sshd-rootkit-floating-the-interwebs.html [sucuri.net]
http://www.securelist.com/en/blog/208193935/New_64_bit_Linux_Rootkit_Doing_iFrame_Injections [securelist.com]
http://arstechnica.com/security/2012/11/new-linux-rootkit-exploits-web-servers-to-attack-visitors/ [arstechnica.com]
http://packetstormsecurity.com/UNIX/penetration/rootkits/ [packetstormsecurity.com]
http://www.slideshare.net/AndrewCase/omfw-2012-analyzing-linux-kernel-rootkits-with-volatlity [slideshare.net]

list could go on for quite a while..

Re:Don't worry (0)

Anonymous Coward | about a year ago | (#43866829)

Next question would then be: Would running BSD be any better?

Malware (1)

BootSpooge (61137) | about a year ago | (#43865495)

That's not an O.S. issue. If anything it is an app issue.

Re:Malware (0)

Anonymous Coward | about a year ago | (#43865645)

And by 'app' you mean 'software'.

Re:Malware (0)

Anonymous Coward | about a year ago | (#43865667)

Unless the OS is Windows, then it's an OS issue.

It is an OS issue too (2)

betterunixthanunix (980855) | about a year ago | (#43866527)

If an infected application can affect other applications, it is an OS issue. Your infected web browser should not be able to read your GPG keys, but right now most GNU/Linux distros do nothing to stop that from happening.

Do you deal with customers? (5, Informative)

Doug Otto (2821601) | about a year ago | (#43865517)

When I ran Linux on my laptop for work I always ran some form of AV. I really wasn't concerned about my own machine being compromised. The scenario that bothered me was the potential for a client to send me an infected file which could get forwarded to another customer. Due to the nature of our business, at the time, that would've been rather embarrassing.

Webcam (-1, Troll)

Anonymous Coward | about a year ago | (#43865519)

It's linux, expect it to fuck up often when it comes to device drivers.

Define "real" (0)

Anonymous Coward | about a year ago | (#43865525)

Getting struck by lightning is real. Worrying about/preparing for it very much is silly. Draw your own conclusions about how this applies to malware on a Linux machine that's kept up-to-date and the user avoids risky behaviors.

For lightning, make a will, and you're covered. For Linux, make backups, and you're covered.

Re:Define "real" (5, Interesting)

VortexCortex (1117377) | about a year ago | (#43865727)

Getting struck by lightning is real. Worrying about/preparing for it very much is silly. Draw your own conclusions about how this applies to malware on a Linux machine that's kept up-to-date and the user avoids risky behaviors.

For lightning, make a will, and you're covered. For Linux, make backups, and you're covered.

My home has a lightning rod. So do all the tall buildings downtown. I have UPS and surge protectors, and even surge arresting breakers in my home's electric service panel. It's not just worrying over lightning, it's also worrying over accidental electrocution (all circuits are GFCI protected in some form, which has saved my bacon more than once); The power spikes and drops in this city are pretty bad. Every time it rains or the wind blows a bit we get little power hiccups. My home has been struck by lightning 3 times in the past 20 years. My neighbors behind me have had a tall pine tree struck, and the neighbors across the street showed up at my doorstep at 3am one morning after a particularly loud thunder clap -- The large china-berry tree in their front yard was struck and it fell over on their house.

Just like with Malware and any OS, there is far more you can do to prevent against lightning or electrical damage. I've never lost a system to power issues, and I have many. In addition to backups I use VMs -- Oops, virused a VM image, restore from snapshot -- It's like a backup, but smarter.

Re:Define "real" (0)

Anonymous Coward | about a year ago | (#43866293)

It's actually unsafe and poor form to protect all circuits with GFCI.

Cite: current NEC.

Re:Define "real" (1)

Anonymous Coward | about a year ago | (#43866337)

Getting struck by lightning is real. Worrying about/preparing for it very much is silly.

My home has a lightning rod. So do all the tall buildings downtown. I have UPS and surge protectors, and even surge arresting breakers in my home's electric service panel. It's not just worrying over lightning, it's also worrying over accidental electrocution (all circuits are GFCI protected in some form, which has saved my bacon more than once); The power spikes and drops in this city are pretty bad. Every time it rains or the wind blows a bit we get little power hiccups. My home has been struck by lightning 3 times in the past 20 years. My neighbors behind me have had a tall pine tree struck, and the neighbors across the street showed up at my doorstep at 3am one morning after a particularly loud thunder clap -- The large china-berry tree in their front yard was struck and it fell over on their house.

...and you inadvertently prove the OP's point. The reason getting struck by lightning is so rare is that, even when lightning actually strikes something, it almost always strikes something taller than you. A building, a tree, your house. But you? No. You were not struck by lightning, and neither were your neighbors. Your downtown is not full of people getting struck by lightning. Just some things in your area that are taller than humans, and that is all fairly normal. Good electrical grounding saves property damage and saves you from fires, but it doesn't prevent you from getting struck by lightning. It is beyond rare to get struck by lightning, just as the OP said, even for you, who apparently live in Lightningpalooza. And I'd say Linux malware in the situation described is rarer than that.

Re:Define "real" (1)

ebno-10db (1459097) | about a year ago | (#43866789)

My home has been struck by lightning 3 times in the past 20 years.

Do you live in central Florida? I understand that's "Lightning Alley". PITA electrically, but fun to watch.

Re:Define "real" (0)

Anonymous Coward | about a year ago | (#43866815)

My home has a lightning rod. So do all the tall buildings downtown.

Sounds like it's not enough, or perhaps they're not working effectively. Lightning rods bleed static charge, which should prevent lightning strikes [youtube.com]. The metal pole sunk into the ground may be badly corroded or the ground at the pole might be bone dry, either of those means your lightning rod [wikipedia.org] has stopped working.

Re:Define "real" (1)

BobPaul (710574) | about a year ago | (#43866893)

He said "get a will and you're covered". I don't think he was talking about losing a computer to lightning, but getting struck personally while you're walking around.

That said, there are things you can do for that, too... try not to be the tallest object during a thunderstorm (ex, don't be in a boat on the lake, don't be in the middle of a field, and don't hide under the tallest tree). As you point out, there are very few times when burying your head in the sand is the best move.

Re:Define "real" (-1)

Anonymous Coward | about a year ago | (#43866637)

Problem with Linux, there is no way to make a complete backup of the OS similar to Windows's wbadmin or AIX's mksysb. The best is to rebuild the box from scratch and untar the filesystems, or use a utility that is image based.

Once a Linux box is recoverable by just booting from a DVD and running a restore program that can restore the partitions, files, metadata, and other items, that will help a lot for being "enterprise grade".

GNU (-1)

Anonymous Coward | about a year ago | (#43865529)

Has anyone seen mike hunt?

Re:GNU (-1)

Anonymous Coward | about a year ago | (#43865647)

I have. Enormous and smells like death.

Re:GNU (0, Offtopic)

Anonymous Coward | about a year ago | (#43865799)

Has anyone seen mike hunt?

Yeah, right next to Uranus.

Nice deniability (0, Funny)

Anonymous Coward | about a year ago | (#43865565)

So you get GF / Wife vids of doing who knows what posted to the internet and you can now claim plausible deniability - smart move!

Linux's Biggest Threat is Human Engineering (2, Insightful)

Anonymous Coward | about a year ago | (#43865605)

Do not copy and paste commands into your terminal that you do not understand.

The vast majority of compromised Linux systems that I've dealt with have not been because of any malware or crazy hacking, they've been because people copied and pasted commands that gave attackers free access to their computer. I've seen fairly computer literate people open their systems right up because they had a bug, searched Google, and entered the first command they saw into their terminal.

Don't do it. Don't let your parents, friends, or whoever relies on you for tech support think that this is okay behavior. It's just as bad as launching random exe's in Windows.

Re:Linux's Biggest Threat is Human Engineering (2)

maxwell demon (590494) | about a year ago | (#43865861)

So you're saying adding the repository malware.org/debian and running sudo apt-get install rootkit was not a good idea? :-)

Re:Linux's Biggest Threat is Human Engineering (-1, Flamebait)

postbigbang (761081) | about a year ago | (#43865933)

Sudo, hell.

Most non-civilian Linux users run as root. They don't want no stinking user space hassles. They are coders. They are immortal.

Mod me as flamebait ONLY if you don't run as root consistently. And don't lie.

Re:Linux's Biggest Threat is Human Engineering (2)

h4rr4r (612664) | about a year ago | (#43866061)

I never do.
In fact we do not allow root to login via ssh.

Sounds like bad practices on that one. Developers should not have root access, normally they will just break something.

Re:Linux's Biggest Threat is Human Engineering (0)

Anonymous Coward | about a year ago | (#43866065)

fact... those who know use root

Re:Linux's Biggest Threat is Human Engineering (1)

interval1066 (668936) | about a year ago | (#43866835)

Most non-civilian Linux users run as root.

Dead wrong. Years ago, back in '06 I think, I had the unfortunate experience of working under a real penis who thought he knew better, until he accidentally deleted some system files and had to re-install. He poo-poo'd my notion of using su & sudo, but he didn't after his experience. I never log in as root, and I tell everyone I see doing it to knock it off.

Re:Linux's Biggest Threat is Human Engineering (1)

gagol (583737) | about a year ago | (#43866033)

Oh man! I just did that yesterday. Now my system is averaging 4.16 load. You think it's related?

Re:Linux's Biggest Threat is Human Engineering (5, Informative)

Time_Ngler (564671) | about a year ago | (#43866037)

Also, do not ever copy and paste commands directly in your terminal from an untrusted website, even if you do understand them:

http://thejh.net/misc/website-terminal-copy-paste [thejh.net]

Re:Linux's Biggest Threat is Human Engineering (1)

Capt.DrumkenBum (1173011) | about a year ago | (#43866239)

Thanks for that.
I usually run them through a text editor, so I have a complete record of what I have done, I will do this religiously from now on.

It's easier to exploit. (-1)

Anonymous Coward | about a year ago | (#43865611)

I actually believe in general, from a strictly technical standpoint, that Linux is much easier to exploit than Windows. All of its internals are well understood, and there are more things one can do with shell access.

There is also a massive wide range of how secure a particular system is, based on settings and the OS of choice. Even in embedded devices, many have telnet/ssh hanging wide open allowing root access from the factory.

The primary reason Linux hasn't been a target is because of the relatively small and savvy user base of desktop Linux and that enterprise/server stuff tends to be more secure.

I'd worry about it a little, but bigger threats are things which target locked down Linux like Android.

Re:It's easier to exploit. (5, Insightful)

Nutria (679911) | about a year ago | (#43865713)

Linux is much easier to exploit than Windows. All of its internals are well understood, and there are more things one can do with shell access.

2003 is calling. They want their FUD back.

Re: It's easier to exploit. (3, Funny)

Anonymous Coward | about a year ago | (#43866451)

2003 is calling? Don't forget to warn them about Vista and Windows 8!

Re:It's easier to exploit. (1)

hermitdev (2792385) | about a year ago | (#43866599)

Not necessarily FUD. The original Google Android phone (the HTC G1) with stock firmware echoed all key presses on the home screen to a console running as root. Needless to say, made rooting the phone exceedingly simple. Start a telnet server, download a client from the app store, connect to localhost. See this for details. [xda-developers.com]

Re:It's easier to exploit. (0)

Anonymous Coward | about a year ago | (#43866423)

I actually believe in general, from a strictly technical standpoint, that Linux is much easier to exploit than Windows. All of its internals are well understood, and there are more things one can do with shell access.

Yes, but Windows keeps getting hit more often AND seemingly with more ease, without as good an understanding of how its internals work AND a less-powerful shell.

Say what you will about Windows being more popular and having a more savvy userbase. If, by your logic, Linux should be easier to exploit than Windows due to its internals being well-understood, then what does it say about Windows when it repeatedly gets exploited by people effectively firing at it blindly?

Re:It's easier to exploit. (4, Insightful)

mlts (1038732) | about a year ago | (#43866721)

That is what SELinux and AppArmor are for. They might not be 100% (as there were some kernel exploits that could be used to bypass those), but with proper policies in place, something getting UID 0 would be pretty limited in what it can accomplish.

OS X also has a similar mechanism in place.

Linux also has a bunch of different distributions. A bug that causes SSL keys to be very weak in Ubuntu is not going to affect RedHat systems.

This doesn't mean Linux is worry-free, but it is more secure than people think. To cite an anecdotal example, the proof is in the pudding -- look at all the amateurish Apache servers and LAMP stacks out there. If Linux had major issues in general, there would be major screaming on almost every forum how insecure the OS is.

Um, duh. (0)

Anonymous Coward | about a year ago | (#43865619)

So, what about non-root user malware?

There's your answer. And non-root user malware can become root-user malware by just adding a cron entry for itself to download the latest 'sploit code and having it run the exploit before you get a chance to reboot to finish a kernel update (or just in the hours before you run your daily updates).
We already know browsers are buggy. Mitigate your risk by running ad blocking software for your browser.

Yes. (0)

Anonymous Coward | about a year ago | (#43865635)

Yes. As strange as it is, a headline question can sometimes be answered with yes.

Linux was safer when it had both less market share and almost no users who download and run random things. As long as you have lots of stupid people, they will be targeted.

There may also be major security issues in the code base (not just the user base), as well as the general design. I think there are major problems there, but even without those, there is clearly a threat here, because people do stupid things, and Linux isn't safe from that. It's actually pretty bad at defending itself from stupid users, since it empowers users to do stuff. Don't claim there is great VM and sand-boxing support to solve this: we are talking about stupid people here: it won't be safe at all unless running random crap is sand boxed safely by default, and people aren't desensitized to allowing applications to access random crap (Android, darn you with your apps that must access everything to target ads).

Now if you asked if Genode was safe, well, maybe that is closer. More secure design, and basically no stupid users: that is safer!

Obligatory xkcd (5, Interesting)

Anonymous Coward | about a year ago | (#43865655)

http://xkcd.com/1200/

Re:Obligatory xkcd (1)

maxwell demon (590494) | about a year ago | (#43865947)

Of course, if someone steals my laptop while I'm logged in, unless he drags it away from under my hands, he'll be presented with the screen saver's password screen.

Re:Obligatory xkcd (1)

Rockoon (1252108) | about a year ago | (#43866611)

Of course, if someone steals my laptop while I'm logged in, unless he drags it away from under my hands, he'll be presented with the screen saver's password screen

So he boots a linux live CD and then proceeds to rape your drive for all its got.

Re:Obligatory xkcd (1)

Anonymous Coward | about a year ago | (#43866779)

Without my encryption key? I think not.

Your webcam (5, Funny)

girlintraining (1395911) | about a year ago | (#43865659)

Yesterday my webcam suddenly turned on, and turned off after several minutes.

Hey, sorry about that. I was trying to get the girl next door that's leeching off your wifi. She's so cute! But when I turned on the webcam, I knew I had the wrong person. Also, dude, put some pants on. Nobody wants to see that.

Oh, and that stuff about Linux having malware? I'm sure you have nothing to worry about. The Year of the Linux Desktop hasn't come yet (though they say it'll be this summer for sure!), so you're safe. All the malware me and my friends at the Evil League of Evil make for Linux is designed to worm its way into web servers, ftp, etc., to spread malware to Windows boxes. We aren't interested in your personal life. You're a nerd, running Linux. We haven't found a single case of one of you having a life yet. Hell, you don't even have a decent car, man.

oh oh, gotta go, the webcam is up and... oooooh my....

Yes (5, Insightful)

Anonymous Coward | about a year ago | (#43865673)

As long as you have people on Ubuntu forums posting "sudo apt-get " as the solution to everything without explaining what they do, and as long as you have people willing to copy/paste the commands without understanding what they are doing, then malware is a threat.

The same groupthink plagues the Arch Linux forums. Blindly copy/pasting commands that someone else put on a wiki does not make you elite, it makes you an idiot.

The same issue exists in adding repositories from untrusted sources. What's the point of running an enterprise-class operating system if the first thing you do is add a third party repo from Russia and update the kernel with something ending -kmod?

The critical mass of idiot users still reside in Windows, where things like UAC and walled gardens exist to protect them somewhat. At least there, you have to know the administrator password to do real damage. Ubuntu and all the new user-friendly distros are content to put every new account in /etc/sudoers and allow you to use your own password to gain root access. Any operating system is prone to malware so long as people are willing to bend security practices.

If I ran servers... (4, Interesting)

Nutria (679911) | about a year ago | (#43865677)

then I'd worry a lot. Rootkits for privilege escalation, SQL injection attacks against poorly-written 3rd-party and locally-developed databases, PHP, CMS & web framework vulnerabilities, etc, etc, etc.

For home use, I'm concerned about router vulnerabilities (Tomato helps but is not perfect) and MITM attacks (but there's nothing I can really do about them except keep my s/w up-to-date, while praying that vendors do the same).

RMS would say... (1)

Anonymous Coward | about a year ago | (#43865783)

RMS would say that you're sacrificing your freedom if you allow non-Free malware to run on your GNU/Linux PC computer.

Either that or "told you so."

Re:RMS would say... (1)

ebno-10db (1459097) | about a year ago | (#43866869)

RMS would say that you're sacrificing your freedom if you allow non-Free malware to run on your GNU/Linux PC computer.

+5 Funny

I got a virus for Linux once (5, Funny)

trime (733350) | about a year ago | (#43865793)

But I couldn't get the damn thing to compile!

Re:I got a virus for Linux once (0)

Anonymous Coward | about a year ago | (#43865965)

Noob!

Re: couldn't get it to compile (1)

Anonymous Coward | about a year ago | (#43866017)

You probably just forgot to read the README, or you forgot

$ sudo apt-get install build-essential

After installing build-essential, try this:

$ tar xaf virus.tar.bz2; cd ./virus/src/; ./configure; make; make install; /usr/sbin/virus

Note: The make install will probably ask for your password.

p.s. Did you get the version that removes your home directory, or did you get the forkbomb version?

Re: couldn't get it to compile (0)

Anonymous Coward | about a year ago | (#43866685)

You forgot the "make clean" because you don't want those build files strewn about.

Re: couldn't get it to compile (0)

Anonymous Coward | about a year ago | (#43866797)

Not necessary, since most virus packagers either make clean before building the tar file, or they include pre-built binaries to speed up the install, and they'll remove them in configure if the platform doesn't match.

Stupidity brings success and malware. (1)

MouseTheLuckyDog (2752443) | about a year ago | (#43865961)

Consider that about fifteen years ago the biggest warning to users were sticks and disks that would autorun and the single thing that users could do to make themselves a lot more secure was to disable autorun.

Now as I understand it Ubuntu comes with autorun capabilities.

Fact is that there are several things making linux less secure.

The first is that there are some people who in a hurry to catch up with Microsoft copy what Microsoft does including the bad engineering that leads to malware.
The second thing is that the more respectable linux has become the more it's drawn in morons^H^H^H^H^H^H^H Windows programmers, in an Eternal September mindset that leads to the badly engineered apps.

I would say that the safest thing you could do is do any unsafe computing in a special account that you don't mind being corrupted and boot off an external drive for the stuff you want really secure and be careful of how you use that.

I trust Debian (0)

Anonymous Coward | about a year ago | (#43866029)

And now they have you right where they want you.

Your nub is showing (1)

Anonymous Coward | about a year ago | (#43866111)

"I'm not a novice at all; I install system updates almost daily"

Two sentences that shouldn't be anywhere close to each other.

Re:Your nub is showing (0)

Anonymous Coward | about a year ago | (#43866549)

Not sure I understand your point...

Updates, backups, and Flash (3, Funny)

raymorris (2726007) | about a year ago | (#43866183)

Assuming you don't do silly things like run completely unknown commands, you're pretty safe. JavaScript and Flash are cross-platform, though. I've seen one Linux system where their Yahoo email account was compromised, probably by malicious JavaScript. It might have been phishing, though, or a combination. The main things I do for security are - run most updates provided by the distro and browser, have backups, don't run services I don't use, and I have a separate browser for Flash and Java. Most Flash is ads or pointless eyecandy so I don't miss not having Flash in my daily browser. Even YouTube doesn't need Flash these days, so I open the Flash browser maybe once per month, if that.

TEEX.com has some free online cybersecurity courses that may have good reminders for you and your family members regarding safe browsing habits and simple security practices.

Linux devs figured out the answer to this question (0)

Anonymous Coward | about a year ago | (#43866275)

...ages ago. Hence why they constantly scan for and patch vulnerabilities.

Unfortunately, there's no patch for the ultimate vulnerability. The end user.

GNU/Linux? (-1)

Anonymous Coward | about a year ago | (#43866285)

You mean Linux? What moron walks around saying "gee in yoo Linux"?

I remember when RMS got his panties all jammed in the crack of his ass because everyone was calling it Linux. Sometimes I hate the industry because of all the jackasses and whimpering babies that are in it. Know what's funny about the tech industry?... it's an industry dominated by men who are really just a bunch of pussies.

But getting back on topic... I'm not worried about it any time soon. I'm sure we'll see more attempts at LINUX! malware in about two years.

Is GNU/Linux Malware a Real Threat? (1)

SnarfQuest (469614) | about a year ago | (#43866297)

Hold on for a minute, while I finish this code
...
...
...

Ok, now it is.

You only needed to ask. That's Open Source for you.

Your trust is misplaced. (0)

Anonymous Coward | about a year ago | (#43866311)

Admittedly Linux based operating systems can be very secure. However, trusting the OS to be secure would be like trusting the locks on your house to lock themselves when you are gone. You should trust that you have properly configured the system's security settings to prevent issues, not trust the system itself, especially if other people are allowed to use the system.

Re:Your trust is misplaced. (1)

Rockoon (1252108) | about a year ago | (#43866703)

You should trust that you have properly configured the system's security settings to prevent issues

a) No, you should not trust that you have configured anything properly.
b) Doesn't solve the problem even if you could trust yourself.

The best security only comes when you don't trust anything, even yourself. It is only then that you can make proper decisions...

Almost daily updates? (2)

moonwatcher2001 (2710261) | about a year ago | (#43866701)

OP writes:
"I install system updates almost daily"

Seems to me that any OS requiring multiple updates per week is a fail.

*DUCKS*

Webcams . . . (2)

Kimomaru (2579489) | about a year ago | (#43866743)

. . . should always be unplugged or covered up when not used, period. I love Debian myself, but as long as you have any kind of proprietary software on there, you don't really know what all of its behavior is and what it can be set up to do. Even if your system is totally free of this nonsense, that's not to say that an upgrade won't change that. That on/off light that webcams have - they're starting to go away; an iPad camera, I'm sure you've noticed, doesn't have one. You won't even know if your device is being turned on in the future.

Unplug that thing, just common sense.

My webcam used to do this (0)

Anonymous Coward | about a year ago | (#43866863)

Finally narrowed it down to the light coming on whenever something was running that used a microphone.

How to infect with non-root malware (0)

Anonymous Coward | about a year ago | (#43866999)

This article here explains how this can be done. It's a few years old already, but always interesting: http://www.geekzone.co.nz/foobar/6229
