Just Imagine
|
| Author | Content |
|---|---|
| bigg Dec 01, 2009 4:50 PM EDT |
Just imagine how many stories there would be if it were news everytime a 'developer' decided to write malware for Windows. Linux must be secure if this is worthy of a story. |
| tracyanne Dec 01, 2009 5:27 PM EDT |
You will note, that once again it is a Trojan, a malware form that as far as I'm aware, it is agreed all Operating systems are susceptible to, as it depends on the security of the wetware that resides between the chair and the keyboard. |
| d0nk3y Dec 01, 2009 6:11 PM EDT |
Yeah - pfft. Bring it on! The more exposure the better Any holes will be fixed. End of story. And linux remains more secure. |
| phsolide Dec 01, 2009 6:15 PM EDT |
Actually, like in every other area, Unix had malware first. From Fred Cohen's first virus in 1984, to RTM's worm in '88, to fake /bin/login, Unix had it all first. So the real question is, "Why does Windows have such a huge malware problem?" Unix had decades of head start, and it doesn't have any such problem. The best the "Anti-Virus" companies can come up with is script-kiddies infecting already-hacked boxes with RST.b viruses, that come from dodgy malware. The release of yet another trojan won't make any difference whatsoever. Whatever immunity to infection the linux/unix file permissions, user IDs, group IDs, etc comprise is enough to prevent the pandemics that plague windows. Oh, also the lack of "executable documents" under Linux. That was a major mistake that MSFT and Apple made. |
| kingttx Dec 01, 2009 6:19 PM EDT |
It feels more like vaporware when I read the article. I'd feel a little better about the claims (for lack of a better term) if there were some third party Linux security guru that looked it over instead of simple raves and claims by its own author. It raises the question, though, if it adds the execute bit without the user specifically chmod'ing it. Someone please correct me if I'm wrong, but most distros have sane masks for the /home directories wherein, by default, no new files are executable unless the user chmod's the file. Like many have said before, you can trick users into running "rm -rf /" (I think there are some barriers in some distros now to prevent this, though). Will the script escalate privileges and/or touch system files without explicit permissions? Will it add its own execute bit? Does it propagate on its own? Does it do anything compelling beyond some fancy scripting? |
| Scott_Ruecker Dec 01, 2009 6:37 PM EDT |
Quoting:it depends on the security of the wetware that resides between the chair and the keyboard Exactly Tracy, hear hear! |
| gus3 Dec 01, 2009 6:50 PM EDT |
It isn't "malware" as most people think of it. It's a tool for demonstrating, in a non-malicious way, that the system has been compromised. Any color hat, who wants to test an attack can use this as the payload. I suggested he donate it to the SELinux project for their regression testing suite. |
| tracyanne Dec 01, 2009 7:17 PM EDT |
http://blogs.zdnet.com/security/?p=1689&tag=nl.e539 http://blogs.zdnet.com/security/?p=4748&tag=nl.e539 http://blogs.zdnet.com/security/?p=4996&tag=nl.e539 Not Linux, but interesting with regard to the subject |
| moopst Dec 01, 2009 10:54 PM EDT |
Sounds to me like the Honor System virus http://en.wikipedia.org/wiki/Honor_system_virus |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!