Re: [gentoo-user] Linux viruses
On 7/5/2013 11:12 PM, Dale wrote: I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? Linux is inherently more secure than Windows, but it isn't so much more secure that only 1% of all viruses can attack it. Virus developers don't have a financial incentive to develop Linux viruses (not enough Linux users, most Linux users knowledgeable about computers, and moral reasons). -- Timur Aydin
Re: [gentoo-user] Linux viruses
Am 12.07.2013 18:36, schrieb Timur Aydin: On 7/5/2013 11:12 PM, Dale wrote: I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? Linux is inherently more secure than Windows, but it isn't so much more secure that only 1% of all viruses can attack it. Virus developers don't have a financial incentive to develop Linux viruses (not enough Linux users, most Linux users knowledgeable about computers, and moral reasons). moral reasons... you just made my day
Re: [gentoo-user] Linux viruses
On Jul 12, 2013 4:32 PM, Volker Armin Hemmann volkerar...@googlemail.com wrote: Am 12.07.2013 18:36, schrieb Timur Aydin: On 7/5/2013 11:12 PM, Dale wrote: I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? Linux is inherently more secure than Windows, but it isn't so much more secure that only 1% of all viruses can attack it. Virus developers don't have a financial incentive to develop Linux viruses (not enough Linux users, most Linux users knowledgeable about computers, and moral reasons). moral reasons... you just made my day Yeah, that made me think back to a reddit AMA with a guy who ran a botnet and everyone kept asking him about morals.
Re: [gentoo-user] Linux viruses
If you use a open source system probably you want that the community help you with your security problems and you can help the community with bug finder. Linux is not perfect but it's the best system that the community can write. The community want you. Il giorno 10/lug/2013 06:13, Dale rdalek1...@gmail.com ha scritto: Walter Dnes wrote: On Tue, Jul 09, 2013 at 08:41:21PM -0500, Dale wrote OK. I do banking online. I also pay my bills online along with social sites as well. I use Lastpass so that I can have some really REALLY funky passwords. I think I am one of few that has not had his facebook hacked. Anyway, I run Gentoo which is known here. I use Firefox/Seamonkey as my web browser. So next question sort of takes us back to my point with the knucklehead in the store. Am I safer, much safer, using Linux over windoze? That answer would take into account the fact that most virus/nasty code is written for windoze and not Linux but also that Linux is just built with security in mind. I belive that I am much safer with Linux myself. You are safer overall. Just watch out for XSS (cross-site-scripting), java, Flash, and acrobat exploits. That's my thinking but wanted a second opinion. So far, I have never had anything hacked. That includes social sites, banking and other financial stuff, email and other password protected stuff. I keep everything updated and use browsers that are popular and updated frequently. I think Lastpass helps too. I have one good password and it remember the really hard ones. So far, it works well. Thanks for the second opinion. It ended up like I thought. ;-) Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
Davide De Prisco wrote: If you use a open source system probably you want that the community help you with your security problems and you can help the community with bug finder. Linux is not perfect but it's the best system that the community can write. The community want you. I do that already. I generally ask here first but if I find a bug, I report it. Sometimes finding the person to report it to can be interesting but I help where I can. I been using Linux for over a decade now. I'm not much but I do what I can. ;-) Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
On Mon, Jul 08, 2013 at 08:24:03AM -0500, Dale wrote Questions. Can a virus infect the OS when running on Linux through java/javascript/flash? There are two levels of infection... 1) One-off execution of bad stuff when you visit a web page. 2) A more permanent infection that survives restarting the web browser, and rebooting the machine. But that would need to be linux executable. Or would the infection at the least be limited to that user? Usually, unless they find a privilege escalation hole. Then again, it's the user-info (bank login and password, credit card number, etc) that's really profitable for organized crime. How is html5 going to affect this? Better or worse? If/when it results in the end of Flash, that's an improvement. The thing I worry about is that anything powerful enough can be (ab)used. -- Walter Dnes waltd...@waltdnes.org I don't run desktop environments; I run useful applications
Re: [gentoo-user] Linux viruses
Walter Dnes wrote: On Mon, Jul 08, 2013 at 08:24:03AM -0500, Dale wrote Questions. Can a virus infect the OS when running on Linux through java/javascript/flash? There are two levels of infection... 1) One-off execution of bad stuff when you visit a web page. 2) A more permanent infection that survives restarting the web browser, and rebooting the machine. But that would need to be linux executable. OK. I do banking online. I also pay my bills online along with social sites as well. I use Lastpass so that I can have some really REALLY funky passwords. I think I am one of few that has not had his facebook hacked. Anyway, I run Gentoo which is known here. I use Firefox/Seamonkey as my web browser. So next question sort of takes us back to my point with the knucklehead in the store. Am I safer, much safer, using Linux over windoze? That answer would take into account the fact that most virus/nasty code is written for windoze and not Linux but also that Linux is just built with security in mind. I belive that I am much safer with Linux myself. Just a rough example of what some passwords look like for me: 5u9YU7335cb29hPE I don't actually use that as a password so no need in some script kiddy trying it. LOL Or would the infection at the least be limited to that user? Usually, unless they find a privilege escalation hole. Then again, it's the user-info (bank login and password, credit card number, etc) that's really profitable for organized crime. I can certainly agree with that. I have a few people that use windoze and refuse to even think about ordering online, banking or anything that requires financial type info. If they are not going to keep their stuff up to date, may be a good idea. These are the same folks that don't update anti-virus and such too. :/ How is html5 going to affect this? Better or worse? If/when it results in the end of Flash, that's an improvement. The thing I worry about is that anything powerful enough can be (ab)used. I was hoping if they was going to all the trouble on creating this that it was going to do some sort of good and improve security. I don't mean just for Linux folks either. For the record, I use https everywhere and I think I have a similar thing for html5 too. I know I opted in for youtube. Thanks for the answers. I think you see where I am going with this. I still laugh when I think about what that guy said tho. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
Paul Hartman wrote: On Mon, Jul 8, 2013 at 8:24 AM, Dale rdalek1...@gmail.com wrote: Questions. Can a virus infect the OS when running on Linux through java/javascript/flash? Or would the infection at the least be limited to that user? I think how they typically work, on any OS, is they exploit a bug in the browser (or a browser plug-in) to run code on your local machine, and then that code exploits the operating system in order to get root-level privileges. After it has that, the possibilities are endless... There's nothing special about Linux that would make that scenario play out any better than it does on Windows, but in reality the number of exploits found for Windows has been greater, and the number of Linux web browser users is far fewer, so it's pretty rare to see web pages that target Linux exploits (but I do read about them from time to time). I personally use Firefox with RequestPolicy, NoScript and Adblock Plus. That still won't protect me from a bug in Firefox itself. I suppose if I really wanted to be paranoid I would run it in a virtual machine (but, hey, those can be exploited, too). At some point, you have to just go with it and hope for the best. Either that or turn off the computer. :) That's my thinking to but also see my reply to Walter. I use Linux for several reasons and security is one of them. Linux is more security oriented and faster with fixes be it a browser or some other package. Gentoo works with upstream to get serious issues fixed pretty fast. How is html5 going to affect this? Better or worse? HTML5 is already here and you're probably already using it. :) The biggest benefit to using anything but Flash is the idea that the code is not in Adobe's hands and that the community would identify and fix bugs sooner. But that's not guaranteed to be the case. A web browser is perhaps the most complicated piece of software most of us will ever run on our computers, and there's a lot of room for mistakes to happen in those millions of lines of code. Anything can happen. . I have opted in for html5 on youtube. I think I also have a plugin that enables html5 as well when available. I have one for https as well. Given this NSA mess, may help a little anyway. O_O Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
Alan McKinnon wrote: On 08/07/2013 15:24, Dale wrote: Walter Dnes wrote: On Fri, Jul 05, 2013 at 05:21:25PM -0500, Dale wrote Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol The bad guys go after the low hanging fruit, i.e. the easiest targets. Years ago, it was Internet Explorer. This also included Outlook and Outlook Express, which were glorified IE frontends. There were many drive-by-downloads, thanks to Active-X (aka Active-Hacks). MS has gotten its act together on IE, so the bad guys are now going after other stuff. The other stuff is cross-platform stuff like Java and Javascript and Adobe Acrobat and Flash (known affectionately as Schlockwave Trash). So yes... it can happen here. I've been Java-free for years. I use Noscript and Flashblock on Firefox. I keep Opera around for those sites that don't work on Firefox. I also use mupdf instead of the bloated Acrobat Reader monstrosity. Questions. Can a virus infect the OS when running on Linux through java/javascript/flash? Yes. If you can get the payload to run, then that code will run and will do whatever the environment it is in will let it do. Or would the infection at the least be limited to that user? That's the normal case, but by no means the only one. If you have sudoers set up to run any command as root without using a password, well then How is html5 going to affect this? Better or worse? I think you need to gain a deeper understanding of how computer software works Dale. You are asking black/white questions, and the world just is not like that. It's all grey. These questions do not have simple answers. Windows well-deserved it's bad rep from many years ago - that came not from bad security or loopholes but more from the simple fact that early Windows had no security to speak of. It wasn't poor locks, there just wasn't a lock, not a door ... oh stuff it there wasn't even a wall to put the door in for many years! Things have vastly improved now and Windows in the hands of someone with clue rates about the same as (more-or-less conventional) Linux in the hands of someone with clue. Lastly, gaining root permissions is no longer the holy grail it used to be. Nowadays first prize is ability to send mail through your mail accounts, access your browsing history, and get into your password wallet. All of which by their very nature, MUST be accessible to the user's account. I'm getting there Alan. I'm always learning something. It's retaining it that is the issue. ;-) Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
On Tue, Jul 09, 2013 at 08:41:21PM -0500, Dale wrote OK. I do banking online. I also pay my bills online along with social sites as well. I use Lastpass so that I can have some really REALLY funky passwords. I think I am one of few that has not had his facebook hacked. Anyway, I run Gentoo which is known here. I use Firefox/Seamonkey as my web browser. So next question sort of takes us back to my point with the knucklehead in the store. Am I safer, much safer, using Linux over windoze? That answer would take into account the fact that most virus/nasty code is written for windoze and not Linux but also that Linux is just built with security in mind. I belive that I am much safer with Linux myself. You are safer overall. Just watch out for XSS (cross-site-scripting), java, Flash, and acrobat exploits. -- Walter Dnes waltd...@waltdnes.org I don't run desktop environments; I run useful applications
Re: [gentoo-user] Linux viruses
Walter Dnes wrote: On Tue, Jul 09, 2013 at 08:41:21PM -0500, Dale wrote OK. I do banking online. I also pay my bills online along with social sites as well. I use Lastpass so that I can have some really REALLY funky passwords. I think I am one of few that has not had his facebook hacked. Anyway, I run Gentoo which is known here. I use Firefox/Seamonkey as my web browser. So next question sort of takes us back to my point with the knucklehead in the store. Am I safer, much safer, using Linux over windoze? That answer would take into account the fact that most virus/nasty code is written for windoze and not Linux but also that Linux is just built with security in mind. I belive that I am much safer with Linux myself. You are safer overall. Just watch out for XSS (cross-site-scripting), java, Flash, and acrobat exploits. That's my thinking but wanted a second opinion. So far, I have never had anything hacked. That includes social sites, banking and other financial stuff, email and other password protected stuff. I keep everything updated and use browsers that are popular and updated frequently. I think Lastpass helps too. I have one good password and it remember the really hard ones. So far, it works well. Thanks for the second opinion. It ended up like I thought. ;-) Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
Walter Dnes wrote: On Fri, Jul 05, 2013 at 05:21:25PM -0500, Dale wrote Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol The bad guys go after the low hanging fruit, i.e. the easiest targets. Years ago, it was Internet Explorer. This also included Outlook and Outlook Express, which were glorified IE frontends. There were many drive-by-downloads, thanks to Active-X (aka Active-Hacks). MS has gotten its act together on IE, so the bad guys are now going after other stuff. The other stuff is cross-platform stuff like Java and Javascript and Adobe Acrobat and Flash (known affectionately as Schlockwave Trash). So yes... it can happen here. I've been Java-free for years. I use Noscript and Flashblock on Firefox. I keep Opera around for those sites that don't work on Firefox. I also use mupdf instead of the bloated Acrobat Reader monstrosity. Questions. Can a virus infect the OS when running on Linux through java/javascript/flash? Or would the infection at the least be limited to that user? How is html5 going to affect this? Better or worse? Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
On Mon, Jul 8, 2013 at 8:24 AM, Dale rdalek1...@gmail.com wrote: Questions. Can a virus infect the OS when running on Linux through java/javascript/flash? Or would the infection at the least be limited to that user? I think how they typically work, on any OS, is they exploit a bug in the browser (or a browser plug-in) to run code on your local machine, and then that code exploits the operating system in order to get root-level privileges. After it has that, the possibilities are endless... There's nothing special about Linux that would make that scenario play out any better than it does on Windows, but in reality the number of exploits found for Windows has been greater, and the number of Linux web browser users is far fewer, so it's pretty rare to see web pages that target Linux exploits (but I do read about them from time to time). I personally use Firefox with RequestPolicy, NoScript and Adblock Plus. That still won't protect me from a bug in Firefox itself. I suppose if I really wanted to be paranoid I would run it in a virtual machine (but, hey, those can be exploited, too). At some point, you have to just go with it and hope for the best. Either that or turn off the computer. :) How is html5 going to affect this? Better or worse? HTML5 is already here and you're probably already using it. :) The biggest benefit to using anything but Flash is the idea that the code is not in Adobe's hands and that the community would identify and fix bugs sooner. But that's not guaranteed to be the case. A web browser is perhaps the most complicated piece of software most of us will ever run on our computers, and there's a lot of room for mistakes to happen in those millions of lines of code. Anything can happen.
Re: [gentoo-user] Linux viruses
On 08/07/2013 15:24, Dale wrote: Walter Dnes wrote: On Fri, Jul 05, 2013 at 05:21:25PM -0500, Dale wrote Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol The bad guys go after the low hanging fruit, i.e. the easiest targets. Years ago, it was Internet Explorer. This also included Outlook and Outlook Express, which were glorified IE frontends. There were many drive-by-downloads, thanks to Active-X (aka Active-Hacks). MS has gotten its act together on IE, so the bad guys are now going after other stuff. The other stuff is cross-platform stuff like Java and Javascript and Adobe Acrobat and Flash (known affectionately as Schlockwave Trash). So yes... it can happen here. I've been Java-free for years. I use Noscript and Flashblock on Firefox. I keep Opera around for those sites that don't work on Firefox. I also use mupdf instead of the bloated Acrobat Reader monstrosity. Questions. Can a virus infect the OS when running on Linux through java/javascript/flash? Yes. If you can get the payload to run, then that code will run and will do whatever the environment it is in will let it do. Or would the infection at the least be limited to that user? That's the normal case, but by no means the only one. If you have sudoers set up to run any command as root without using a password, well then How is html5 going to affect this? Better or worse? I think you need to gain a deeper understanding of how computer software works Dale. You are asking black/white questions, and the world just is not like that. It's all grey. These questions do not have simple answers. Windows well-deserved it's bad rep from many years ago - that came not from bad security or loopholes but more from the simple fact that early Windows had no security to speak of. It wasn't poor locks, there just wasn't a lock, not a door ... oh stuff it there wasn't even a wall to put the door in for many years! Things have vastly improved now and Windows in the hands of someone with clue rates about the same as (more-or-less conventional) Linux in the hands of someone with clue. Lastly, gaining root permissions is no longer the holy grail it used to be. Nowadays first prize is ability to send mail through your mail accounts, access your browsing history, and get into your password wallet. All of which by their very nature, MUST be accessible to the user's account. -- Alan McKinnon alan.mckin...@gmail.com
Re: [gentoo-user] Linux viruses
On Fri, Jul 05, 2013 at 05:21:25PM -0500, Dale wrote Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol The bad guys go after the low hanging fruit, i.e. the easiest targets. Years ago, it was Internet Explorer. This also included Outlook and Outlook Express, which were glorified IE frontends. There were many drive-by-downloads, thanks to Active-X (aka Active-Hacks). MS has gotten its act together on IE, so the bad guys are now going after other stuff. The other stuff is cross-platform stuff like Java and Javascript and Adobe Acrobat and Flash (known affectionately as Schlockwave Trash). So yes... it can happen here. I've been Java-free for years. I use Noscript and Flashblock on Firefox. I keep Opera around for those sites that don't work on Firefox. I also use mupdf instead of the bloated Acrobat Reader monstrosity. -- Walter Dnes waltd...@waltdnes.org I don't run desktop environments; I run useful applications
Re: [gentoo-user] Linux viruses
On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is?
Re: [gentoo-user] Linux viruses
On 07/07/13 20:07, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? I'm curious why would anybody need one? -- Stop talking and start compiling. Linux user #557897
Re: [gentoo-user] Linux viruses
On 2013-07-07 12:19 PM, the the.gu...@mail.ru wrote: On 07/07/13 20:07, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? I'm curious why would anybody need one? Obviously you aren't responsible for managing lots of Windows Workstations operated by average Windows users.
Re: [gentoo-user] Linux viruses
On Sunday 07 Jul 2013 17:19:13 the wrote: On 07/07/13 20:07, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? I'm curious why would anybody need one? Because one may need to: 1. Scan MSWindows drives and infected machines. 2. Avoid forwarding viruses and malware in general, to MSWindows users. 3. Check MSWindows executables. 4. Other uses that MSWindows devs/users may know of. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Linux viruses
On Sun, Jul 07, 2013 at 12:07:51PM -0400, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? http://www.eset.com/us/home/whyeset/compare/ -- Happy Penguin Computers ') 126 Fenco Drive ( \ Tupelo, MS 38801 ^^ supp...@happypenguincomputers.com 662-269-2706 662-205-6424 http://happypenguincomputers.com/ A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] Linux viruses
On Sun, Jul 07, 2013 at 01:15:35PM -0400, Tanstaafl wrote: On 2013-07-07 12:19 PM, the the.gu...@mail.ru wrote: On 07/07/13 20:07, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? I'm curious why would anybody need one? Obviously you aren't responsible for managing lots of Windows Workstations operated by average Windows users. ack -- Happy Penguin Computers ') 126 Fenco Drive ( \ Tupelo, MS 38801 ^^ supp...@happypenguincomputers.com 662-269-2706 662-205-6424 http://happypenguincomputers.com/ A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] Linux viruses
On Jul 8, 2013 1:05 AM, Bruce Hill da...@happypenguincomputers.com wrote: On Sun, Jul 07, 2013 at 12:07:51PM -0400, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? http://www.eset.com/us/home/whyeset/compare/ Oh. My. Goodness! ESET! I *love* that piece of gold :-) In fact, I'm still having the glow from the satisfaction of successfully convincing the management to replace the previous p.o.s. that goes by the name of SEP, with this wonderful antivirus. The first week, ESET unearthed more than 1'000 threats (throughout the company) that SEP had turned a blind eye to. It's really a mystery how SEP ever got crowned with any Good attributes. Granted, the Business version has much more options than one can shake a stick at, but for control-happy BOFHs, ESET is a godsend, a breath of fresh air compared to the CPU-guzzling ineffective p.o.s. called SEP. (sorry for the tangential offtopicness, I'm just so very glad to see a fellow ESET-believer ;-) ). Rgds, --
Re: [gentoo-user] Linux viruses
On Sun, Jul 7, 2013 at 1:36 PM, Pandu Poluan pa...@poluan.info wrote: On Jul 8, 2013 1:05 AM, Bruce Hill da...@happypenguincomputers.com wrote: On Sun, Jul 07, 2013 at 12:07:51PM -0400, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? http://www.eset.com/us/home/whyeset/compare/ Oh. My. Goodness! ESET! I *love* that piece of gold :-) In fact, I'm still having the glow from the satisfaction of successfully convincing the management to replace the previous p.o.s. that goes by the name of SEP, with this wonderful antivirus. The first week, ESET unearthed more than 1'000 threats (throughout the company) that SEP had turned a blind eye to. It's really a mystery how SEP ever got crowned with any Good attributes. Granted, the Business version has much more options than one can shake a stick at, but for control-happy BOFHs, ESET is a godsend, a breath of fresh air compared to the CPU-guzzling ineffective p.o.s. called SEP. (sorry for the tangential offtopicness, I'm just so very glad to see a fellow ESET-believer ;-) ). Rgds, -- I love it as well, I even used their Linux-gateway scanner to scan network traffic. I know there are other free ways to do that, but ESET had impressed me enough by then. -- Alecks Gates
Re: [gentoo-user] Linux viruses
On Mon, Jul 08, 2013 at 01:36:38AM +0700, Pandu Poluan wrote: Oh. My. Goodness! ESET! I *love* that piece of gold :-) In fact, I'm still having the glow from the satisfaction of successfully convincing the management to replace the previous p.o.s. that goes by the name of SEP, with this wonderful antivirus. The first week, ESET unearthed more than 1'000 threats (throughout the company) that SEP had turned a blind eye to. It's really a mystery how SEP ever got crowned with any Good attributes. Granted, the Business version has much more options than one can shake a stick at, but for control-happy BOFHs, ESET is a godsend, a breath of fresh air compared to the CPU-guzzling ineffective p.o.s. called SEP. (sorry for the tangential offtopicness, I'm just so very glad to see a fellow ESET-believer ;-) ). A good Linux friend who works with IBM Netherlands as a Linux/FOSS expert told me of ESET in 2003. He was my Slackware mentor (my distro before Gentoo). He implemented ESET on the Windows clients of one of his accounts, Green Peace. I have only had one customer since 2003 get infected using ESET, and that was because he turned it off. It has such a small footprint, and does a great job. It's got a lot of other nice tools in the Smart Security suite, such as the ability to track your stolen laptop if you set it up. But enough on this Gentoo list... -- Happy Penguin Computers ') 126 Fenco Drive ( \ Tupelo, MS 38801 ^^ supp...@happypenguincomputers.com 662-269-2706 662-205-6424 http://happypenguincomputers.com/ A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] Linux viruses
On 2013-07-07 2:04 PM, Bruce Hill da...@happypenguincomputers.com wrote: On Sun, Jul 07, 2013 at 12:07:51PM -0400, Tanstaafl wrote: On 2013-07-06 8:12 AM, Bruce Hill da...@happypenguincomputers.com wrote: NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Not to start a flamewar on which is the best AV, but I'm curious which one this is? http://www.eset.com/us/home/whyeset/compare/ Thought so... Been using the Enterprise version since about 2002 (NOD32 version 2) and couldn't be happier.
Re: [gentoo-user] Linux viruses
On 07/06/13 02:21, Dale wrote: William Kenworthy wrote: On 06/07/13 04:12, Dale wrote: I had a interesting adventure the other day. A friend of mine's son is getting ready to go to college. Budget is tight so we went to find a used laptop for him. I went into the local puter shop and the techie guy there had a interesting statement that makes me think I'm not recommending them for computer service to anyone else. While we was chatting, he said that Linux is just as prone to getting a virus as windoze and so is a Mac. I think my laughing let him know I wasn't buying his comment. I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? Thanks. Dale :-) :-) food for thought - some years back a member of the local lug picked up that something was listening on a port that he didn't think should be in use. Turned out to be an infected windows binary running under wine ... I presume he had been using wine and this was left running, rather than self starting. BillK Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol Perhaps it's easier to use strings? -- Stop talking and start compiling. Linux user #557897
Re: [gentoo-user] Linux viruses
On 06/07/2013 00:21, Dale wrote: I'm still trying to figure out what he thought he would accomplish tho. I can't get my head wrapped around that yet. That's easy to answer. The fellow probably doesn't know much. If you want a brilliant example, just go read a wide bunch of threads on the Gentoo Forums. You will find some gems in there, you'll also find a level of cluelessness that is hard to wrap your brains around, and the noise to signal ratio is out the roof. Fellows working in stores (often at low wages) are not any different. Technically, he's not wrong - any OS is just as susceptible to viruses as any other, you just have to get over the first hurdle which is getting code to run. The overall design of Windows has historically made this somewhat easy, and the overall design of Windows users made it easier still. Using Occam's Razor, I'd guess the fellow behind the counter is not too different from fellows behind counters everywhere, and he's running on one of these motivations: 1. He will punt what earns him more money (he's in sales after all) 2. He will defend the thing he sells (usually by talking down the competition) 3. Just repeats some line he heard somewhere and doesn't really understand the topic (but is convinced he does) -- Alan McKinnon alan.mckin...@gmail.com
Re: [gentoo-user] Linux viruses
On Friday 05 Jul 2013 22:46:10 Paul Hartman wrote: ... but the person sitting at the keyboard is usually capable of screwing it up more than any virus. :) Hah! Tell me about it. :-( -- Peter
Re: [gentoo-user] Linux viruses
On Saturday 06 Jul 2013 07:57:38 the wrote: On 07/06/13 02:21, Dale wrote: William Kenworthy wrote: On 06/07/13 04:12, Dale wrote: While we was chatting, he said that Linux is just as prone to getting a virus as windoze and so is a Mac. I think my laughing let him know I wasn't buying his comment. Well this is just FUD. Linux and BSDs are much much less prone to virus infection due to their architecture and default authentication restrictions. Also your average Linux user, well at least your average Linux desktop user is more clued up than the MSWindows equivalent. With the advent of Linux to mobile devices (Android) this statement is no longer true. food for thought - some years back a member of the local lug picked up that something was listening on a port that he didn't think should be in use. Turned out to be an infected windows binary running under wine ... I presume he had been using wine and this was left running, rather than self starting. BillK Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. I'm sure some poster in 2003/04 posted in this same list about a MSWindows malware running in Wine. That's indication of good code as far as I'm concerned, because most MSWindows programs that I tried would fall over themselves in Wine! LOL! BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol Perhaps it's easier to use strings? hexdump -C suspect_payload You may have to unzip it first, because a lot of malware is zipped to escape detection from some simpler anti-virus checkers. You can also use dd and pipe it to an antivirus to see if it finds anything known. All OS are susceptible to malware, but not all malware are viruses. At least one virus has existed for Linux (in the 90s or early 00s), but it was patched overnight if I remember right. Other than that I don't know of any programs which can be replicated on Linux machines. I think this is because despite Lennart's efforts no two linux OS are exactly the same. So, as the virus is trying to replicate itself it will fall down at the next box it tries to infect. However, rogue add-ons in browsers, increasingly sophisticated JavaScripts, and HTML 5 with all its cross-domain/cross-site-request potential could wreck at least some of your data and steal your information, just as easily as the adjacent MSWindows box. Oh, before I forget, did I mention Java? Linux running on mobile devices is a different category because there is great uniformity of the OS across devices. This is a big target for any malware writers and state actors who value their coding time: http://techcrunch.com/2013/07/04/android-security-hole/ -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Linux viruses
On Jul 6, 2013 11:13 AM, Peter Humphrey pe...@humphrey.ukfsn.org wrote: On Friday 05 Jul 2013 22:46:10 Paul Hartman wrote: ... but the person sitting at the keyboard is usually capable of screwing it up more than any virus. :) Hah! Tell me about it. :-( -- Peter What I did recently: format an USB drive. I was happily typing mkfs.vfat /dev/sda1. ... why was this so fast? And why wasn't the usb device blinking? FU! This was sda, so goodbye windows7 boot partiton... luky me
Re: [gentoo-user] Linux viruses
I was present for a discussion about which is the most secure OS. I don't remember the forum but the consensus was that the most secure OS is the one you know. Anyone can wreck a system but not everyone has the ability to maintain a system. I'm not arguing that you can run Windows as tight as Linux (no SELinux, tripwire costs $, etc). What I'm saying is if someone doesn't know Windows they'll do more harm than good. (same Linux). You can probably grep through a virus definition db and find an OS field. Probably ClamAV is your best bet here (but any may work). There's also a 50+ gig torrent of all known viruses you can look for. You could also figure out how to query vulns for the OS they're on (mitre or NIST) - probably hard. Reversing - as mentioned above, get a hex editor, and use strings. The other option is that it could have debug symbols still. Indicator lights is a piss poor way to see anything about what might be running. It's like looking at the hdd light to see how much your computer is processing. Ps - the software you're talking about is Windows. On Jul 6, 2013 5:22 AM, Mick michaelkintz...@gmail.com wrote: On Saturday 06 Jul 2013 07:57:38 the wrote: On 07/06/13 02:21, Dale wrote: William Kenworthy wrote: On 06/07/13 04:12, Dale wrote: While we was chatting, he said that Linux is just as prone to getting a virus as windoze and so is a Mac. I think my laughing let him know I wasn't buying his comment. Well this is just FUD. Linux and BSDs are much much less prone to virus infection due to their architecture and default authentication restrictions. Also your average Linux user, well at least your average Linux desktop user is more clued up than the MSWindows equivalent. With the advent of Linux to mobile devices (Android) this statement is no longer true. food for thought - some years back a member of the local lug picked up that something was listening on a port that he didn't think should be in use. Turned out to be an infected windows binary running under wine ... I presume he had been using wine and this was left running, rather than self starting. BillK Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. I'm sure some poster in 2003/04 posted in this same list about a MSWindows malware running in Wine. That's indication of good code as far as I'm concerned, because most MSWindows programs that I tried would fall over themselves in Wine! LOL! BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol Perhaps it's easier to use strings? hexdump -C suspect_payload You may have to unzip it first, because a lot of malware is zipped to escape detection from some simpler anti-virus checkers. You can also use dd and pipe it to an antivirus to see if it finds anything known. All OS are susceptible to malware, but not all malware are viruses. At least one virus has existed for Linux (in the 90s or early 00s), but it was patched overnight if I remember right. Other than that I don't know of any programs which can be replicated on Linux machines. I think this is because despite Lennart's efforts no two linux OS are exactly the same. So, as the virus is trying to replicate itself it will fall down at the next box it tries to infect. However, rogue add-ons in browsers, increasingly sophisticated JavaScripts, and HTML 5 with all its cross-domain/cross-site-request potential could wreck at least some of your data and steal your information, just as easily as the adjacent MSWindows box. Oh, before I forget, did I mention Java? Linux running on mobile devices is a different category because there is great uniformity of the OS across devices. This is a big target for any malware writers and state actors who value their coding time: http://techcrunch.com/2013/07/04/android-security-hole/ -- Regards, Mick
Re: [gentoo-user] Linux viruses
On Sat, Jul 06, 2013 at 10:50:40AM +0200, Alan McKinnon wrote: Technically, he's not wrong - any OS is just as susceptible to viruses as any other, you just have to get over the first hurdle which is getting code to run. The overall design of Windows has historically made this somewhat easy, and the overall design of Windows users made it easier still. Using Occam's Razor, I'd guess the fellow behind the counter is not too different from fellows behind counters everywhere, and he's running on one of these motivations: 1. He will punt what earns him more money (he's in sales after all) 2. He will defend the thing he sells (usually by talking down the competition) 3. Just repeats some line he heard somewhere and doesn't really understand the topic (but is convinced he does) Ack! I built my first PC in 1984, and have worked on a couple since. I could write a book on all the FUD I've heard since then. People come into my computer shop and tell me what they told them all the time. The bottom line of WHY they tell them such things is all ignorance. Without the business model that Bill Gates created, there would be no computer repair shop industry such as we have now. Big Ears Billy is my frend. ;-) Mickey$oft has purposed to create millions of ignorant computer users who will buy any piece of garbage software they can click and install with their index finger. Prime example: http://www.speedtest.net/ Running a Windoze OS you'll find at least 3 pieces of software advertised before the real test loads on your computer. That's on a Windoze box which doesn't allow cookies or tracking software of any kind. On a Gentoo box, running Firefox 22.0, NONE of those software offers loaded at all. Since 2003 the only customer of mine who got a virus/trojan/worm/etc is the ONE college student who turned off the software his Mom bought from me when it kept him from going to a certain website. He now has a password on the A/V software known only to me, and hasn't had a problem since. NB: I only sell the best A/V software on the market, which hasn't missed a virus in the wild since it's inception. Many people, like the boy Dale talked to, make their living off virii. Mine is made off of referrals. They make more money than I, but I sleep better. -- Happy Penguin Computers ') 126 Fenco Drive ( \ Tupelo, MS 38801 ^^ supp...@happypenguincomputers.com 662-269-2706 662-491-8613 http://happypenguincomputers.com/ A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] Linux viruses
On Sat, Jul 06, 2013 at 10:12:27AM +0100, Peter Humphrey wrote: On Friday 05 Jul 2013 22:46:10 Paul Hartman wrote: ... but the person sitting at the keyboard is usually capable of screwing it up more than any virus. :) Hah! Tell me about it. :-( Ack -- Happy Penguin Computers ') 126 Fenco Drive ( \ Tupelo, MS 38801 ^^ supp...@happypenguincomputers.com 662-269-2706 662-205-6424 http://happypenguincomputers.com/ A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] Linux viruses
Ahahahah... Il giorno 05/lug/2013 22:13, Dale rdalek1...@gmail.com ha scritto: I had a interesting adventure the other day. A friend of mine's son is getting ready to go to college. Budget is tight so we went to find a used laptop for him. I went into the local puter shop and the techie guy there had a interesting statement that makes me think I'm not recommending them for computer service to anyone else. While we was chatting, he said that Linux is just as prone to getting a virus as windoze and so is a Mac. I think my laughing let him know I wasn't buying his comment. I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? Thanks. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
Re: [gentoo-user] Linux viruses
On Fri, Jul 5, 2013 at 3:12 PM, Dale rdalek1...@gmail.com wrote: I had a interesting adventure the other day. A friend of mine's son is getting ready to go to college. Budget is tight so we went to find a used laptop for him. I went into the local puter shop and the techie guy there had a interesting statement that makes me think I'm not recommending them for computer service to anyone else. While we was chatting, he said that Linux is just as prone to getting a virus as windoze and so is a Mac. I think my laughing let him know I wasn't buying his comment. I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? There have absolutely been viruses and various root exploits for Linux systems, but to say it is even 1% as many as Windows would probably be a massive overstatement. Not that Linux or Mac are necessarily inherently more secure than Windows, but Windows (and software that runs on Windows) is by far the biggest target for bad guys, and the most used by careless users. On any operating system, proper maintenance with regard to security updates, and smart behavior (don't run that EXE attachment the Nigerian prince just sent you) will keep you safe. For people who don't do that, Linux is typically set up more securely than Windows, by default... but the person sitting at the keyboard is usually capable of screwing it up more than any virus. :)
Re: [gentoo-user] Linux viruses
On 06/07/13 04:12, Dale wrote: I had a interesting adventure the other day. A friend of mine's son is getting ready to go to college. Budget is tight so we went to find a used laptop for him. I went into the local puter shop and the techie guy there had a interesting statement that makes me think I'm not recommending them for computer service to anyone else. While we was chatting, he said that Linux is just as prone to getting a virus as windoze and so is a Mac. I think my laughing let him know I wasn't buying his comment. I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? Thanks. Dale :-) :-) food for thought - some years back a member of the local lug picked up that something was listening on a port that he didn't think should be in use. Turned out to be an infected windows binary running under wine ... I presume he had been using wine and this was left running, rather than self starting. BillK
Re: [gentoo-user] Linux viruses
William Kenworthy wrote: On 06/07/13 04:12, Dale wrote: I had a interesting adventure the other day. A friend of mine's son is getting ready to go to college. Budget is tight so we went to find a used laptop for him. I went into the local puter shop and the techie guy there had a interesting statement that makes me think I'm not recommending them for computer service to anyone else. While we was chatting, he said that Linux is just as prone to getting a virus as windoze and so is a Mac. I think my laughing let him know I wasn't buying his comment. I since did some googling and it seems I am right and he just thought I was some know nothing guy he could sell some service too. Anyway, has anything changed to make Linux more prone to viruses than it used to be? I read a percentage somewhere that said like 99% of viruses are windoze only. Is there a indisputable source of information on this? Thanks. Dale :-) :-) food for thought - some years back a member of the local lug picked up that something was listening on a port that he didn't think should be in use. Turned out to be an infected windows binary running under wine ... I presume he had been using wine and this was left running, rather than self starting. BillK Well, no Wine here. So that won't happen. Actually, I don't have a copy of windoze here at all. Neither of my two rigs have ever had windoze installed on them at all. BTW, I have been known to open those attachments before. I usually open them with kwrite or something and try to see what is human readable in there. Most is machine language but there is usually a small portion that is human readable. They sent it and I'm nosy that way. lol I'm still trying to figure out what he thought he would accomplish tho. I can't get my head wrapped around that yet. Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
