Re: is there any Windows virus that affect linux?

To: debian-user@lists.debian.org
Subject: Re: is there any Windows virus that affect linux?
From: <tomas@tuxteam.de>
Date: Tue, 12 Dec 2017 11:00:18 +0100
Message-id: <[🔎] 20171212100018.GD11973@tuxteam.de>
In-reply-to: <[🔎] 1513071607.611256.1202195408.6EE5AF7A@webmail.messagingengine.com>
References: <1300352151.2727070.1513036230786.ref@mail.yahoo.com> <[🔎] 1300352151.2727070.1513036230786@mail.yahoo.com> <[🔎] slrnp2ufqk.2m2.dan@xps-linux.djph.net> <[🔎] 1513071607.611256.1202195408.6EE5AF7A@webmail.messagingengine.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Dec 12, 2017 at 04:40:07AM -0500, Anil Duggirala wrote:
> Ill ask another question here. Is having dual boot Windows 10 (or 7 or
> 8) and Linux a security risk? Will malicious Windows programs gain
> access to Linux files (files in the Linux partition?)? Does GPT help
> here? 

Think for yourself a bit: technically it is perfectly possible. The
Linux partition is accessible from windows and, given some sort of
library for "understanding" the file system (probably ext4), files
can be modified this way. Vice-versa, the windows partition will be
accessible from Linux.

So in both cases, and given enough access rights, software can modify
the respective "other side". Only perhaps full-disk encryption (and
using different keys on both sides, and being particularly suspicious
when you get asked for the "wrong" key) might help you here. Except...
there's the unencrypted boot partition (cf. "evil maid attack").

There is an history of such "mixed target" attacks: Stuxnet[1] comes
to mind, whose ultimate target was (quite probably) the Siemens S7
SCADA at the uranium enrichment plant in Natanz/Iran, but as a stepping
stone it first infected the Windows machines used as operator front
ends connected to the S7.

It takes some dedication to even understand what Stuxnet was doing
there, mind you.

That said, this kinds of attacks are so complex that (as in the
case of Stuxnet) it possibly takes the resources of a nation-state
(or, in this case, probably two) to set something up like that.
OTOH things are pretty fluid these days, so I wouldn't count on
that staying the same for a long time.

So to sum up -- you'll have to read up on many things to even
understand an answer to your question. My current answer would
be (to some high, but unspecified degree of probability) "No",
but that might change whithin the next couple o'years.

Cheers

[1] https://en.wikipedia.org/wiki/Stuxnet
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlovqLIACgkQBcgs9XrR2kYs2wCePta+m261wwRGfqr2wY1Lr9GV
fdwAniuQ7tyLwiZ4WQ7KVkxf8ySea+x1
=zrZZ
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: is there any Windows virus that affect linux?
  - From: Anil Duggirala <anilduggirala@fastmail.fm>
- Re: is there any Windows virus that affect linux?
  - From: "x9p" <debian@x9p.org>

References:
- is there any Windows virus that affect linux?
  - From: Long Wind <longwind2@yahoo.com>
- Re: is there any Windows virus that affect linux?
  - From: Dan Purgert <dan@djph.net>
- Re: is there any Windows virus that affect linux?
  - From: Anil Duggirala <anilduggirala@fastmail.fm>

Prev by Date: Re: is there any Windows virus that affect linux?
Next by Date: Re: is there any Windows virus that affect linux?
Previous by thread: Re: is there any Windows virus that affect linux?
Next by thread: Re: is there any Windows virus that affect linux?
Index(es):
- Date
- Thread