RE: Scary article in Wall Street Journal today

To: "Paul E Condon" <pecondon@mesanetworks.net>, <debian-user@lists.debian.org>
Subject: RE: Scary article in Wall Street Journal today
From: "James Wu" <JWu@eyereturn.com>
Date: Thu, 18 Feb 2010 17:14:52 -0500
Message-id: <[🔎] FFFA2CACDB4D5C44A24B0930113812180114BA45@ersbs2.eyeReturn.local>
In-reply-to: <[🔎] 20100218215840.GC2228@big.lan.gnu>

Just want to reiterate that just because we're running Linux doesn't
mean we're immune to these types of attacks. I remember reading a while
ago how there was a trojan that was discovered on one of the files
hosted at www.gnome-look.org masquerading itself as a screensaver. Users
would download them, switch to root to install and voila, infected
machine.

James 

-----Original Message-----
From: Paul E Condon [mailto:pecondon@mesanetworks.net] 
Sent: February 18, 2010 4:59 PM
To: debian-user@lists.debian.org
Subject: Re: Scary article in Wall Street Journal today

On 20100218_132513, Mark wrote:
> >
> > >On Thu, 18 Feb 2010 12:25:04 -0700, Paul E Condon wrote:
> >
> > > Today in Wall Street Journal (pg 3 in US edition), there is an 
> > > article about hacker break-ins to computers via the internet. 
> > > Mentioned as the method of break-in are spyware called ZeuS, and 
> > > Firefox browser, but no mention of what OS are aflicted.
> >
> >
> As someone still learning about Debian/Linux, is it a correct 
> statement to say that these spyware/malware/virus .exe type files that

> try to install on a given machine, are virtually useless against 
> Debian systems unless the user logs in as root to allow installation?

> At a minimum, wouldn't synaptic/aptitude request the root password
before proceeding?
> 
> Mark

I'm the OP on this thread, so by no means an authority of Debian
security, but ...

Synaptic/aptitude already run with root privileges in order to be able
to install the executable programs that are downloaded from Debian
repositories.  So root password requirement is not a realistic response
to whatever is being done.

I'm aware of various security measures that *are* realistic defense
against various attacks. These measures involve cryptographics and
certificates and keyrings. I have learned to be somewhat complacent
about web security, but there was something about this article that got
me wondering if I shouldn't revisit the issue of security on Debian.
Now, it looks to me like same-old-same-old. If so, the worry morphs into
a worry about an onslaught of newbies moving to Debian and flooding this
list with silly newbie questions (like mine of not so long ago). But
that really isn't a worry, because, same-old-same-old, Windows users
appear to be invincibly ignorant.

Thanks to all for useful links.
-- 
Paul E Condon           
pecondon@mesanetworks.net

--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org
Archive: [🔎] 20100218215840.GC2228@big.lan.gnu">http://lists.debian.org/[🔎] 20100218215840.GC2228@big.lan.gnu

Reply to:

References:
- Re: Scary article in Wall Street Journal today
  - From: Paul E Condon <pecondon@mesanetworks.net>

Prev by Date: Re: Scary article in Wall Street Journal today
Next by Date: Re: portable Debian
Previous by thread: Re: Scary article in Wall Street Journal today
Next by thread: Re: Scary article in Wall Street Journal today
Index(es):
- Date
- Thread