
Re: Anti-malware for my personal Debian workstation?



Hi,

Apr 11, 2020, 19:48 by scdbackup@gmx.net:

> l0f4r0@tuta.io wrote:
>
>> I don't really
>> think Linux is intrinsically more secure than Windows nowadays (a
>> vulnerability remains as such) but I really think Linux ecosystem is.
>>
> This might be a merciful misperception. To my theory, free virus producers
> are just much better programmers than those of MS-Windows malware.
>
> "When you do things right, people won’t be sure you’ve done anything
> at all." - Futurama
>
Could you explain that please?

Apr 12, 2020, 00:01 by joe@jretrading.com:

> (Most) Linux users are horrified by the thought of surfing the Web with
> root privileges, most Windows users are not even aware that their
> computers can be run at one of two privilege levels (many more with the
> business/professional versions).
>
Yes, and if they are aware of that, they tend to think more is better.
Least privilege in security is a leading principle but for the average person it's just seen as useless/unfair restrictions. People may feel less powerful and don't understand why they don't have full permissions.

Apr 12, 2020, 08:52 by andreimpopescu@gmail.com:

> On Sat, 11 Apr 20, 19:06:59, l0f4r0@tuta.io wrote:
>
>> * Most software is downloaded through official preconfigured
>> repositories. Users are less prone to download malware on suspicious
>> websites
>>
> There are sufficient tutorials advising to download random scripts and
> run with root privileges.
>
>> * Updates are easier as well because tracked/centralized through
>> repositories themselves for the most part. On Windows you need to
>> check Windows Update + Windows Store + each application individually
>>
> Would be the same on Debian if you chose to install additional software
> with some other package manager and debs downloaded from whatever
> website.
>
Yes, of course, you're right. That is why I used "most" 2 times ;)
Indeed, users are free to go off-piste.

>> * Open source is more common on Linux (community-based) than Windows
>> (money-based) so theoretically anyone competent enough could view the
>> source by oneself and spot a malevolent behavior (/!\ in practice this
>> is not so easy, see what happened with OpenSSL / HeartBleed)
>>
> You probably mean Linus's law[2]. Unfortunately the reverse is true as
> well: without sufficient eyeballs there will be many bugs.
>
Thanks, I didn't know about this designation.

Apr 12, 2020, 18:25 by celejar@gmail.com:

> On Sun, 12 Apr 2020 17:41:54 +0200
> <tomas@tuxteam.de> wrote:
>
>> Trust is a complex beast. At its bottom it can't be completely
>> rational, but usually you trust a community because you somehow
>> think you understand how it works and you trust the information
>> chain linking you to that community.
>>
> Exactly. So if I trust the Sandstorm community (for example - I know
> nothing about them), then I'm not sure that there's any particularly
> great risk in installing their product via "curl | bash", and if I
> don't trust them, I shouldn't install their product via any other
> mechanism either.
>
Yes, this is the basics.
But you can encounter dangerous situations later that can easily jeopardize your initial trust, e.g. a change of owner.
A black hat can register some expired/deleted legitimate resources (website, account) and start serving malware instead while current users are not aware...
Tomas has mentioned another variant with event-stream where a volunteer (but ultimately malevolent) person simply asked to take over the maintenance.
So I would say that trust is a perpetual exercise.
Best regards,
l0f4r0

