This post originated from an RSS feed registered with Web Buzz
by Stuart Langridge.
Original Post: Not getting your Linux box infected
Feed Title: as days pass by
Feed URL: http://feeds.feedburner.com/kryogenix
Feed Description: scratched tallies on the prison wall
Also, for anyone wondering how easy it would be for some malicious idiot to infect a Linux box, ask how many people are now running Hula. Now, how many audited that code first? Now, how many had to run it as root to even get it to run? Now, how many people put it onto their box merely because it was released? Now, how many people, before installing it, knew what the fuck it even does? Remember: Linux is airtight, nothin’ll get in on one of those boxes, you don’t need to be careful, because you’re totally covered. Running an untested, unaudited network server as root? Spy/mal/adware? Bitch, please, it’s cool. We’ve got some no-exec patches compiled in and everything.
Probably right for dim people. Me, on the other hand, I ran it on my laptop, and it had no network connection while I was doing it. And then I stopped it before opening the network again. Perhaps it installed some spyware. I think it’s unlikely, frankly, because I trust Novell and I trust Nat Friedman, but perhaps Novell are interested in really really annoying their core community and installed some spyware on my machine. Then yep, I’ve been owned. On the other hand, as I have said before, bad programs don’t need to be root. How much safer would I be if I was running the software as my user account? It could still infect my apps; still hide itself all over the place. .gnome/AutoStart, an extension in Firefox, my .bashrc, my .bash_profile, my .xsession, my .xinitrc. In my Gnome configuration as an applet. Being root would allow it to install a few more places, but, like, whatever, man. Root stuff is less bad if I lose it than all the stuff that I can write as a user, because I can reconstitute all root-owned things with a quick blast from the Debian archives. That is, assuming that Debian haven’t decided to add spyware to my machine, just like Novell perhaps have. How are GPG keys going to affect that? How can we be snide about the problems of running Hula, from Novell, and not be equally snide about the problems of running Debian software?
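The per-user startup locations listed above can at least be watched for changes. The following is an added example, not part of the original post: it hashes those files and reports what differs from a saved baseline. The baseline file name is hypothetical, and the Firefox extension directory is left out because its path is profile-specific.

```python
import hashlib
import json
import sys
from pathlib import Path

# Per-user startup locations named in the post (relative to the home directory).
# Assumption: the Firefox extension directory is omitted; add your profile path.
WATCHED = [".bashrc", ".bash_profile", ".xsession", ".xinitrc", ".gnome/AutoStart"]

def snapshot(home):
    """Map each watched file (path relative to home) to its SHA-256 digest."""
    home = Path(home)
    digests = {}
    for entry in WATCHED:
        path = home / entry
        if path.is_dir():
            files = sorted(p for p in path.rglob("*") if p.is_file())
        elif path.is_file():
            files = [path]
        else:
            files = []  # a file that does not exist yet is still worth tracking
        for f in files:
            digests[str(f.relative_to(home))] = hashlib.sha256(f.read_bytes()).hexdigest()
    return digests

def diff(baseline, current):
    """Return (status, path) pairs, sorted by path, for everything that changed."""
    changes = []
    for path in sorted(set(baseline) | set(current)):
        if path not in baseline:
            changes.append(("added", path))
        elif path not in current:
            changes.append(("removed", path))
        elif baseline[path] != current[path]:
            changes.append(("modified", path))
    return changes

if __name__ == "__main__":
    home = Path.home()
    store = home / ".startup-baseline.json"  # hypothetical baseline file name
    now = snapshot(home)
    if (len(sys.argv) > 1 and sys.argv[1] == "init") or not store.exists():
        store.write_text(json.dumps(now, indent=2))
        print(f"baseline written: {len(now)} files")
    else:
        for status, path in diff(json.loads(store.read_text()), now):
            print(f"{status}: {path}")
```

A baseline kept in the home directory is writable by the same account it is meant to check, so store it somewhere that account cannot modify, such as a root-owned path or removable media.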