FUD FUD FUD

linux exploit cross platform exploit vulnerabilities

12 replies to this topic

#1 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 14,851 posts

Posted 17 July 2012 - 12:09 PM

It seems sometimes that security firms are just hell-bent on making Linux vulnerable. In a recent article from Computer World, F-Secure is harping about some minor, mostly obscure backdoor trojan attempt at some silly website in South America. The BIG headline that they focus on is the alleged cross-platform potential; particularly regarding Linux. OOOOOH! :o  Yet, none of the articles explain how exactly this exploit would affect Linux systems, nor do they note that without ROOT privileges the exploit would be nothing more than a fart in a paper bag on most Linux systems.

It's sad when even the tech media has slid down the trade-integrity-for-ad-revenue slippery slope that general media has. :(

Linux vulnerability found in Web exploit


New Web exploit targets multiple platforms


Multi-platform Backdoor Lurks in Colombian Transport Site



#2 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 12,849 posts

Posted 17 July 2012 - 12:20 PM

Yeah I had the same thoughts after reading those articles over the last week or so...

Definitely FUD!!!! :thumbsdown:
Comhack.com/CNI Radio/Linux User #363317/G+/Configs

"Do you begin to see, then, what kind of world we are creating? It is the exact opposite of the stupid hedonistic Utopias that the old reformers imagined. A world of fear and treachery and torment, a world of trampling and being trampled upon, a world which will grow not less but more merciless as it refines itself. Progress in our world will be progress toward more pain." -George Orwell, 1984

#3 OFFLINE   amenditman

amenditman

    Forum Fiend

  • Members
  • 1,888 posts

Posted 17 July 2012 - 08:12 PM

They are not journalistic professionals, the tech media is selling a product.

Face it, fear sells. Even when people read this shart over and over again and it never comes to pass the way it is presented, they still go back for more the next time.

Friggin sheep!
Tweak it 'til it breaks, then learn how to fix it.  L.I.F.E. (Linux Is For Everyone)
Registered Linux User # 474004 (06/16/2008)

The HeliOS Project  -  B.O.D.
A Child's Exposure to Technology Should Never Be
  Predicated On The Ability To Afford It

#4 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 14,851 posts

Posted 17 July 2012 - 08:27 PM

And you don't think the general media are selling a product?

Baaa-aaaaa!


#5 OFFLINE   sunrat

sunrat

    Discussion Deity

  • Forum Moderators
  • 3,574 posts

Posted 17 July 2012 - 09:39 PM

So I need to:
-Ignore the untrusted certificate warning
-Have Java installed
-Give the malware root privileges
None of which I'm likely to do. Yep, lame.
Still, I might change that bulk cocaine order to a Bolivian supplier just in case. :lol:
registered Linux user number 324659  || The importance of Reading The *Fine* Manual! :D

#6 OFFLINE   ichase

ichase

    Chasing the Penguin

  • Forum MVP
  • 1,586 posts

Posted 17 July 2012 - 09:39 PM

Well, let them write (or type) until their hearts' content.  I don't see the likes of the DoD, FAA, Google, Amazon, The U.S. Postal Service etc etc getting rid of their Linux servers anytime soon.

All you have to do is look at who or what company is using Linux to ensure their servers and networks are secure.
Ian Chase

Try Parted Magic The must have tool for any linux user's tool box.  (Contains Gparted, wifi support, Clonezilla, SuperGrubDisk/2, plop bootloader and more!!!)
Arch Linux Environment Setup How-To Learn how to not only install Arch Linux but learn more about the inner workings of Linux
"I know that you believe you understand what you think I said, but I'm not sure you realize that what you heard is not what i meant."
- Robert McCloskey
Registered Linux User:  526317 10/22/2010

#7 OFFLINE   amenditman

amenditman

    Forum Fiend

  • Members
  • 1,888 posts

Posted 17 July 2012 - 11:07 PM

V.T. Eric Layton, on 17 July 2012 - 08:27 PM, said:

And you don't think the general media are selling a product?

Baaa-aaaaa!

No, No, No! You missed my point.
The tech media took a lot longer to fall down the same slit trench the "real" media has been in for eons.

Between the loss of an un-biased media, political correctness, and special interest lobbying/corruption, this country has seen much better days.

Hopefully we can turn this around, soon.

#8 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 14,851 posts

Posted 18 July 2012 - 12:10 PM

@ Roger... Bolivia, huh? ;)

@ Ian... good points! :yes:

@ Bob... AH! I sees what yous mean now. :w00t:



#9 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 16,494 posts

Posted 19 July 2012 - 09:39 AM

Yep, would have to really get users to do what they know they should not do. Experienced users will know not to do that. And this also supposes a permissions based system with the user as a standard user and root being a separate and distinct account.

In most cases that would be the case. Have they changed those distros that were trying to make life easier by having the user be root so that is not the case any longer? Or are those distros gone now (I hope).

Also, not all users are experienced. Some are new Linux Explorers and may not realize what's happening. So, although, in theory, I totally agree with what you all are saying, there are still going to be some users who are not wise enough to just say no. ;)

I think that is who they were writing for. Course it leaves the rest of us annoyed that they think we are that stupid ... but ...
BambisMusings Blog :: Fran's Computer Services Blog :: MyPassionIsBooks Blog :: 5BuckReview :: CNIRadio
"The Net interprets censorship as damage and routes around it." ~John Gilmore (Time Magazine, Dec 6, 1993)

#10 OFFLINE   V.T. Eric Layton

V.T. Eric Layton

    Nocturnal Slacker

  • Forum Admins
  • 14,851 posts

Posted 19 July 2012 - 05:21 PM

Your point about inexperienced users not learning to "just say no" is a good point in favor of Ubuntu's (and Ubuntu-based distros') use of sudo without an actual root account. For me personally, though, I don't like not having an enabled root account. It saved my ascii a few times by having an enabled root when I was running Ubuntu back in '06. Of course, nowadays, I can save my Ubuntu w/o an enabled root by using the magical chroot from a thumb drive distro. Root is god. Chroot is BIG GOD! ;)



#11 OFFLINE   securitybreach

securitybreach

    CLI Phreak

  • Forum Admins
  • 12,849 posts

Posted 20 July 2012 - 02:18 AM

V.T. Eric Layton, on 19 July 2012 - 05:21 PM, said:

Root is god. Chroot is BIG GOD! ;)

Indeed :ph34r:   B)

#12 OFFLINE   goretsky

goretsky

    Multithreader

  • Forum Moderators
  • 1,220 posts

Posted 20 July 2012 - 03:21 AM

Hello,

Speaking as someone who works in the industry (but as a competitor to F-Secure, and Microsoft, too, for that matter), I can tell you that we blog about things when we come across something that is novel, either because of its scope (millions of PCs affected, millions of dollars stolen, etc.) or because it does something interesting, technology-wise.  In this case, I think the F-Secure blogger came across a rarely-seen multi-platform attack and decided to blog about it because that was the interesting part, not because of scale in terms of affected users.

Anti-malware companies regularly blog about low-volume threats because they may be interesting for technical reasons (making use of a new exploit, interesting social engineering aspects, etc.), or have a high impact in other areas (e.g., targeting a specific market sector, industrial espionage, hacktivism, etc.).

I think F-Secure did a good job of coverage on the threat.  Not all threats are going to be for Microsoft Windows and as other operating systems gain traction on the desktop and in the server rack, you're probably going to be reading about attacks on them.

Regards,

Aryeh Goretsky
Dexter is a good dog.
Aryeh Goretsky
Microsoft MVP Windows Expert - ITPro
My blog.

#13 OFFLINE   LilBambi

LilBambi

    Australisches Googler

  • Forum Admins
  • 16,494 posts

Posted 21 July 2012 - 02:18 AM

@Eric I like a real root user that I can su to as needed and then back out again to normal user. SUDO has its own security issues imho. But it's better than running as root.

@Aryeh, I hear ya and agree. I have gotten to the point where I wish they would stipulate what OS the vulnerability is in. Because not everyone uses Windows. ;)
