Re: OT: Linux Malware is possible? if it is :(

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wednesday 02 December 2009 16:04:58 Richard Heck wrote:
> On 12/02/2009 10:09 AM, Dave Ihnat wrote:
> > Secondly, once you (as the bad guy) get a user to run something for you,
> > you can start poking at the system itself.  In this case, you're looking
> > for a flaw in the system security itself--either misconfiguration, or
> > an actual hole in some program or service that a normal user can run
> > or use.
> 
> As has been pointed out, however, serious damage can be done even if the
> cracker never gets root privileges. One could install new extensions to
> Firefox, for example, that would give the cracker access to passwords.
> Or install programs into the user's home directory, run them from
> .bash_profile, or whatever, and send spam around the world just using
> "mail", the messages themselves being downloaded via wget. Etc, etc. All
> very dangerous.

Social engineering cannot be solved by technology. If one is stupid enough to 
accept a trojan and gets compromised, it is one's own fault. However, the main 
advantage of Linux in this situation is that *other* users are still pretty 
much safe, while in Windows compromising one user usually means compromising 
the whole machine, which opens a door to *all* users on that machine. And that 
is far worse --- if you share the machine with a fellow user who is dumb 
enough to fall for trojans, he is compromising *your* security if on Windows, 
while only his own if on Linux.

Best, :-)
Marko

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux