Re: security (malware) issues in Linux bases OSes
On Sun, Feb 15, 2009 at 04:22:37PM -0300, Eduardo M KALINOWSKI wrote:
> T o n g wrote:
> > On Sun, 15 Feb 2009 13:25:35 -0500, H.S. wrote:
> >
> >
> >> In the last some weeks I recall reading in one of the mailing lists that
> >> it is just a matter of popularity that we are not seeing bad intentioned
> >> debs or rpms on the internet. If Debian/Ubuntu/Fedora were to become
> >> sufficiently popular, the claim is that it would be just as easy and
> >> popular to infect these OSes by making a user install something like
> >> NakedBrittany.deb as is now the case with Windows users.
> >>
> >
> > Don't know where you get it from, but seem to me the person who made such claims is a clueless Linux
> > newbie himself. Debian have package signature signing and checking years ago, even for non-official repos.
> >
>
> But neither of these help in case a stupid user receives an e-mail saying:
>
> Run 'sudo dpkg -i FreePornPics.deb to see <insert celebrity name here>'s
> secret sex tape'.
>
> (Or some variation thereof.)
A Debian user should not be expected to install just any .deb file. This
why this procedure should be relatively complicated (and it is, IIRC).
But you're missing the real fun: http://lwn.net/Articles/319072/
--
Tzafrir Cohen | tzafrir@jabber.org | VIM is
http://tzafrir.org.il | | a Mutt's
tzafrir@cohens.org.il | | best
ICQ# 16849754 | | friend
Reply to: