From: Vahis on
http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-ubuntu.html

Vahis
--
"Sunrise 9:17am (EET), sunset 3:09pm (EET) at Espoo, Finland (5:52 hours daylight)"
http://waxborg.servepics.com
Linux 2.6.25.20-0.5-default #1 SMP 2009-08-14 01:48:11 +0200 x86_64
6:36pm up 41 days 23:37, 15 users, load average: 1.04, 0.54, 0.37
From: SM on
2009-12-11, Vahis skribis:
> http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-ubuntu.html

Installing software Windows-style yields Windows-style results.

--
kasmra
:wq
From: MarcB on
SM wrote:

> 2009-12-11, Vahis skribis:
>> http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-
ubuntu.html
>
> Installing software Windows-style yields Windows-style results.
>
So this leads to the conclusion that linux is not very much safer than
windows. If in windows people only install SW from trusted sources,
there is no malware or virus problem either.
Linux virusses or malware cannot access the system itself without root
permissions, but they have access to the home directory where
user data is stored, and this user data may contain usefull info
for criminals to enable them to do identity theft things.

I dumped windows for some time now, but if I read this, it seems
that the only additional linux security perimeter is the trusted repo's
from the distro itself, and more things like SELINUX which is too
complex to configure for average PC users.
--
MarcB
From: SM on
2009-12-12, MarcB skribis:
> SM wrote:
>
>> 2009-12-11, Vahis skribis:
>>> http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-
> ubuntu.html
>>
>> Installing software Windows-style yields Windows-style results.
>>
> So this leads to the conclusion that linux is not very much safer than
> windows. If in windows people only install SW from trusted sources,
> there is no malware or virus problem either.

To a much lesser extent, I'd imagine. OTOH, such scenario is not likely
to exist.

> Linux virusses or malware cannot access the system itself without root
> permissions, but they have access to the home directory where
> user data is stored, and this user data may contain usefull info
> for criminals to enable them to do identity theft things.
>
> I dumped windows for some time now, but if I read this, it seems
> that the only additional linux security perimeter is the trusted repo's
> from the distro itself, and more things like SELINUX which is too
> complex to configure for average PC users.

Despite Linux being inherently more secure than Windows, as you point
out, the main problem still exists between the chair and the keyboard.
Installing random .debs (cool-screensaver.deb???) from the Web, running
havoc as root and other similar Linux newcomer mistakes eventually mess
up one's system, whichever the OS. Kind of a worn out fact, but still
valid.

--
kasmra
:wq
From: J.O. Aho on
MarcB wrote:
> SM wrote:
>
>> 2009-12-11, Vahis skribis:
>>> http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-
> ubuntu.html
>> Installing software Windows-style yields Windows-style results.
>>
> So this leads to the conclusion that linux is not very much safer than
> windows. If in windows people only install SW from trusted sources,
> there is no malware or virus problem either.

Microsoft has released versions of their OS with viruses presintalled on the
install CD, so no, I wouldn't say that it would be as safe as use as Linux (if
we would disregard all the other problems with microsofts products).


> Linux virusses or malware cannot access the system itself without root
> permissions, but they have access to the home directory where
> user data is stored, and this user data may contain usefull info
> for criminals to enable them to do identity theft things.

Usually you can only access one users data this way, compared to accessing all
users data in a microsoft system. Far better that they get just one bank login
in than both.


> I dumped windows for some time now, but if I read this, it seems
> that the only additional linux security perimeter is the trusted repo's
> from the distro itself, and more things like SELINUX which is too
> complex to configure for average PC users.

You never know what a 3rd party has done with software, regardless of the OS
you use, at least in the Linux world you have a high number of applications
that has been checked for your to be free of trojans, how many third party
applications does microsoft or Apple check for you?
Don't forget that even a default GNU/Linux is securer to use than what you get
from microsoft, of course if you have the time to configure SELinux, then you
get something that is more secure than microsoft can offer.


--

//Aho