Slashdot Mirror
WINE: A New Place for KLEZ to Play?
An anonymous submitter sends in this cautionary tale about Wine being maybe a little too good at emulating Windows. Update: 10/23 21:05 GMT by M : Better links: mirror 1, mirror 2.
← Back to Stories (view on slashdot.org)
Nice thing about WINE is: it can be shut OFF, then there is no environment to flourish in. ("/usr/local? Hell, I'm trying to find C:\windows\system")
JoeLinux
Only the things you don't use or want work well with Wine.
Haha, WINE must be very scary for bill if it even runs the virii that prosper on his software....
Now the world has gone to bed, Darkness won't engulf my head, I can see by infra-red, How I hate the night.
I know alot of software developers are anal retentive perfectionists, but this is going a little too far. What's next? EULA emulation?
?-|||-----x<*))))><
After seven posts!!?? Criminy people? how am I supposed to learn how windows sucks if you keep making IIS explode!?
Why emulate windows... it is a piece of crap in my opinion. Microsoft will probably buy them out now.. Microsft will buy anything that opposes them in lieu of putting up a fight. Take the X-box for example, why compete with Nintendo when they can buy all of thier 2nd and 3rd party developers... fuck you Microsoft, fuck you.
Microsoft all ready bought them!
- - - - - Fear not the reaper, but my shiny white teeth.
I don't think so. I think it's pretty amazing that this could occur within Wine. I'd be VERY pleased if I were a Wine developer.
Umm, anyone who marked that informative obviously
didn't bother to check the links. thanks guys!
Warning!! That is NOT the cache. DON'T CLICK IT!!!
It's a linux implementation of windows apis. IT really shouldn't be suceptable to virii like windows is. I would really like to know more about this (the article has already been slashdoted)
procrastination is a way of life aka i'll think up a sig later
The server is apparently running IIS under Wine.
I've just recently done a wineinstall to clean out my wine settings, and I don't have a Z:. Does that happen if you're running as root?
The only potential issue I can see is that your whole home directory is 'shared' between Linux and Wine by default.
Maybe I just read ~/ as /
"I can't give you a brain, so I'll give you a diploma" - The Great Oz (blatently stolen sig)
There was a story a year ago about sircam running on Wine.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
If you lie down with dogs, you'll get up with fleas...
Does anyone know if Norton Anti-Virus runs under Wine?
-- You can't idiot-proof anything, because they're always coming out with better idiots.
Hi folks!
The new version of WINE is available! It costs a mere $450 per seat, and after an extensive rewrite of the Windows ABI emulation exports NO functionality whatsoever!
BTW for optimum emulation, we recommend running WINE at nice -20.
COMING SOON - WINE SP1.
The all-new WINE Service Pack removes the ability to run MS-DOS programs, and stops you viewing any digital broadcast medium. This is to enhance your computing experience.
Way to go WINE!!!!
So, the question now is; Does WINE run Norton AV, McAfee, or InoculateIT?
All of the advantages, none of the . . . oops.
"If being a geek means being passionate about something, then I pity those who aren't geeks." - Pike65
Most people don't understand that just throwing more computing power at the daemon doesn't help. Apache does not come in a default configuration that is ready for heavy use production. The default config is pretty conservative, to prevent it from crashing the whole OS.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
Understand some people don't have enough bandwidth to handle a thorough /.'ing. Sooner or later, the site is goign to stop responding simply because you run out of effective bandwidth. Also understand not everyone can afford what they talk about.
Kinda obvious but easily forgotten. Being able to run windows apps is a two edged sword in many different respects. Access to good applications versus potentially reduced interest in linux development. Ability to run applications not built for linux versus inconsistant ability to run some of those same apps. And now of course, access to Windows apps versus the viruses that often go with them. The good comes along with the bad and there are plenty of unintended consequences to go around. Any engineer will tell you that there are tradeoffs for any design decision. WINE is no exception. Caveat emptor...
You're exactly right. It's that way with *any* web server. That's what I'm saying... you can't be much a "guru" of any kind if you can't tweak a web server/database server to take a serious load.
Wine is supposed to run Windows apps... a virus is a Windows app as any other... If the Wine user is running Outlook what else he can wait for? The vulnerabilities still there...
the obvious solution would be not to run WINE as root. The filesystem permissions should prevent excessive damage.
On the footer of *every single page* at linuxguru.net, we specifically request that slashdot not link our stories because we can't handle the load.
I now have two dead machines because they linked us anyways.
-James Blackwell
That wasn't what I was quite referring to. /.'ing no matter how good your server is. I could rig up a Quad PIII box to serve a site, but you're still not getting in if my only pipe is a 56K modem.
I meant physical bandwidth, like a T1. Chances are, if your pipe is small enough, the site is going to stop responding during a
Makes it seem kind of unnecessary to have obliterated their server -- could have posted the same "Don't click on that link!" and "The plural of 'virus' is 'viruses', buttmunch!" posts without it. ;-)
What I'm listening to now on Pandora...
Well, in all actuality, it's just burstable bandwidth for most sites... so what I'm wondering, is every Slashdotted site served off of somebody's cable modem at home? *Any* decent pipe should be able to handle a few thousand new users a second. If my server did this, you can be damn sure I'd be asking for a refund.
Amtrak is pretty good at emulating Windows too!
There are a lot of smart, knowledgeable people out there who don't want a $500+/month hosting or bandwidth+power bill.
Sujal
politics, food, music, life: FatMixx
If you're setting up a quad PIII web box to run over a 56k modem, then you sure as hell are clueless.
What you probably meant was places like hosting sites that limit you monthly.. once that 15/30/45 gigs runs out, zip, that's it.
Well, this article that I found here that discusses the limitations of Klez on WINE and how Sircam was able to run on WINE. All in all, it appears to be a limited threat.
Putting too much M$ in Linux makes bitter WINE.
IGB: More fun than eating oatmeal!
Understand some people don't have enough bandwidth to handle a thorough /.'ing. Sooner or later, the site is goign to stop responding simply because you run out of effective bandwidth. Also understand not everyone can afford what they talk about.
Why is it when a Linux related site gets slashdotted its a bandwidth issue and when its a Miscrosoft site...its Microsoft?
Well, I haven't seen the article, cause it's been slashdotted, but to all that talk about wine virii execution - look at this (the author of the screenshot is C-Pro).
Besides, I mean, just as with any other tool, you need caution. If you run wine as root with the whole tree as e: then sooner or later you're gonna regret it. The level achieved by wine emulation is amazing, so there are going to be security flaws if you don't know what you are doing, just as with any product with functionality as extensive as wine's
Join the elite! Post at score:2! Ghostwheel is online.
between being able to set up a server that can take a Slashdotting and being able to afford a setup that can take a Slashdotting there is quite a difference (esp. in your bank account after you get the bandwidth bill...)
-- the cake is a lie
Even so, you can still 'burst' the bandwidth past the point where it the network can handle it.
/.'d until its too late, and don't change their config until its too late.
Though I'm fairly sure the server is probably poorly/not correctly configured as well. Though a lot of times, I bet they don't know they are goign to get
Not that laziness is an excuse for this kinda event.
2 words: static webpages.
I know for a fact that if my ass was getting slashdotted, I'd be setting up static webpages faster than you can say "holy fucking shit where's my bandwidth?" I personally make a static archive of all my dynamic pages automatically just in case something like that happens. The problem lies in the fact that slashdot doesn't archive sites, nor do they give any type of notice before bringing the hordes of lamers from all over the internet to that site's front door. That's a "bad" thing.
I wonder if anyone's brought a lawsuit against slashdot(or their parent company, OSDN) for effectively destroying their servers.
ok, so i haven't seen the article. but this just goes to show that although running windows apps under linux using wine may be useful, what we are really wanting to do here is stop using that stuff anyway, by writing apps to replace them. isn't that why most of us run linux anyway, because we can't stand the alternative?
chris
Maybe somebody will explain emulation to me. We load/run linux/mac in order to find alternative so that we can run windows emulation on linux/mac. It is cool technology wise, but does it really make much since. It is like recursive user interfaces. Somebody should run linux on windows under wine. linux->wine/windows/->linux. It did this in bochs, it was kind of cool. Oh yea, to answer my question I guess it is cool to run windows software through emulation, thats all...
---- Berlin Brown http://www.newspiritcompany.
It's a security bug, a security hole, just like the ones in LookOut, and it ain't a Wine problem. This one belongs on bugtraq.
Whoa there cowboy! Wine is not an emulator (hence the name.) This is from their FAQ:
Is Wine an emulator?
Unfortunately, no. Wine provides low-level binary compatibility, but currently only for OSes running on Intel-compatible chips.
Well that is great, lets assume your servers...being a porn site listed on your sig are set to handle this sort of thing. That is great, and I will also assume that you have a burstable t1/ds3/oc connection. Great for you. Not everyone running a sites has this set up. Some people have one server, with a t1. Which is very easy to slashdot. Not a server farm, jacked to the nines(pun intended) with a burstable ds3.
Neck_of_the_Woods
#/usr/local/surf/glassy/overhead
Enjoy it while it lasts. Afterall, at this point, what are you gonna do?
Just hope and pray that they don't repost the same story tomorrow. It's been happening a fair bit lately.
I wonder if anyone's brought a lawsuit against slashdot(or their parent company, OSDN) for effectively destroying their servers.
/. giving sites a few hours' notice would be a good thing IMHO.
That'd be like a store suing a newspaper for giving them some good press and swamping them with customers. Though
Maybe the wonderful coders at OSDN should make a 'SlashCache' (static page) of a page that is mentioned on the front of an article instead of relying on the article submitter to link to a google cache. It would be automatic of course. And the static page would revert back to a direct link after volume drops.
Perspective is to Science what Interpretation is to Religion. Obama + Paul FTW
Someone can know what they're talking about, but still have a slow pipe. Someone can be an expert -- even at networking issues -- and find working with web servers (especially huge overkill-behemoths like Apache) to be uninteresting. Someone can have something worthwhile to say, and have no idea that they're about to be Slashdotted.
I think it's really funny that you think a "hardware guru" should know (and care) enough about web servers to take a slashdotting. You have an unusual concept of hardware.
The WINE project is becoming increasingly popular and useful to those who would continue to use proprietary, free, and unported opensource software available only for Microsoft Windows. I've tested it with a few games I had purchased while I still used Windows, and it surprised me. The WINE project, and the two popular forks in the project, WineX, and Codeweavers WINE, have come along quite nicely, albeit it slowly, over the last few years. I give a lot of credit to the many developers that have poured a lot of their time into the project, but, with the good, the bad must be accepted.
Recently a friend of mine, proficient in Linux, and not what you would call a 'newbie' to computing, received an email from a customer. The email was vague and included an attachment. In KMail, he decided to view the attachment, thinking it was simply an image. He clicks it, nothing happens, no viewer, no error, nothing but a few seconds of milling around, and then more nothing. Then, the wine notification pops up. By this time he had realized the file was a Windows executable, and that he'd just executed it with wine because of the MIME typing capabilities of KDE, and WINE's integration with the desktop.
If he were running windows, I would've slapped him upside the head, everyone with any sense at all would've expected an odd email with an attachment to be a ready and willing virus or worm. Of course, this was no different, this attachment contained the worm known as WORM_KLEZ.H. However, because of the sense of security from worms of this nature bestowed to Linux users, by the same type of ignorance in assumption that spreads them amongst Windows users, he never expected the attachment to be a virus or worm that would infect and operate as it normally does. Unfortunately, this is exactly what happened... click, boom, Klez goes nuts, etc., etc., etc.
The virus itself is simply a worm, it's what you'd call a 'dumb virus', in the sense that it isn't extremely complex, doesn't change itself around much, and basically works as fast as it can before it is easily obliterated by common virus scanning software. The basic idea is that it infects you, spreads itself by emailing from your computer to as many contacts as possible, then does its damage, if you want more detailed information, Trend Micro has plentiful information about Klez and other viruses and worms available on http://www.antivirus.com/.
Now, you may be wondering how it infected and actually 'worked', I know I certainly was. In this particular case, our cool customer known from here on out as 'John' for 'John Doe', had wine installed, and you see, the default configuration for most wine installs, shares your root linux directory as a drive visible to the applications running inside of it. If you know anything about the Klez worm, you'll remember that not only does it search for address books, etc, it will search for many other common file formats on the entire system, searching for email addresses, dropping PE_ELKERN.D, and various other silly virus/worm/intrusive type things.
So far we have the first two parts of the Klez's basic operation, infection, and email address reaping. What is next? Let's say it together kids "PROP A GA TION" yay!!! Now, this is probably one of the most important parts of a worm's life cycle. If it doesn't propagate, it isn't really a worm or a virus. It's just a pointless, irritating program.
Propagation in wine, this was the part in this particular case that I found so amusing. The computer was running a secure MTA (Mail Transport Agent) and the fake Windows registry for WINE was configured to use the localhost as the SMTP server for internet applications. Otherwise, the Klez would not have known how to send itself. It is possible, that, the Klez worm defaults to 'localhost' for the SMTP server if it cannot find one in the registry, this I don't know and it doesn't seem to be covered in Trend Micro's technical description. Anyway, because of the MTA being localhost, the worm was able to queue all of its outgoing email quite quickly. I actually had the opportunity to remotely shell in as root and view `ps aux` output, showing the various smtpd instances sending this email, while I tried to help John find the spooled emails and remove them.
Now, a few things must be noted about this particular situation. KLEZ is not a high risk worm, so by no means was this a massive problem for this person. Also, the infection did not include files that were not Windows exectuables, so the native filesystem was left unharmed. The spooled emails were taken care of and the effects overall were minimal, if not simply classified as an 'annoyance.'
The reason this is such an important subject to cover, isn't this instance of infection, but, the possible vulnerability that using WINE in such an insecure (and default) way can provide. For example, a knowledgeable virus programmer could use this situation to make multi-platform viruses, that could detect files by their 'magic file type' similar to the way the tool 'file' does, and infect them through wine. I understand, that this is highly unlikely to occur any time soon, but, I think you can probably imagine many other ways that this opens doors for virus problems to the relatively virus-clean environment of Linux.
The main points I'd like to make are: WINE is obviously mature enough to handle the more advanced code that a virus usually contains. Even if only KLEZ for now, others will in the future, be compatible. The other is: I am willing to bet that 90% of you WINE users out there, can view drive Z, or something similar and get your root file system tree, and something like drive Y provides your home directory READ-WRITE. Please, don't do this, unless it is absolutely necessary, minimize the interaction between your WINE environment, and the real linux environment, specify a directory for wine shared files and keep them separate from your linux home files, etc. This will help to minimize the post-infection damage a virus can accomplish.
Finally, the most important 'bug' most distributions have, is allowing a Windows executable to be run with wine without an obvious chance for interception, by default. Sure, it comes up with a window, telling you that wine is running, and allowing you to disable the notice, however, it does NOT warn you about the application being executed in such a way that you could stop it before it was started. Even Java does this with code that is signed for permissions; it still asks you if you are sure you want to give it permissions.
As it goes, I was unable to easily obtain any previously written information on securing WINE properly, and I am no security expert. Some basic tips would include, configuring the program, read all of the options, don't let it set itself up completely for you.If anyone has any tips they would like to share, please do.
I can buy a more expensive x86 based system than Apple makes -- SONY and IBM are too good examples. If you want to be a cheap, go ahead. But its probably the reason you are not hittin' it often...if at all. Chicks dig a phat wallet not a fat ass.
(2) Less fun hardware to play with.
How would you know? If you never played with it because you are too cheap to own one. I play around with Mac hardware all the time. Overclocking, case mods, etc.
(3) Only Aqua on your desktop.
I also have Graphite, KDE and Gnome as choices on my desktop in Mac OS X. Do you even know what you are talking about?
(4) A single button mouse. Like you really used those other two.
My Kensington Turbo Mouse has 5 buttons along with a scroll wheel on it. Where do you get this one-button mouse only idea? Guess you never used Mac OS X before.
(5) To pay for the next bug fix. Just like Windows
I get free updates when they are available. Where do you get this idea? Have you ever used Mac OS X?
Not tell me again why I would want a Mac?
You can actually get something done and run UNIX at the same time?
Strange women lying in ponds distributing swords is no basis for a system of government.
Is it really such a big surprise that something based on Bill's produce quickly turns into vinegar? Storing it somewhere cool (Linux) isn't sufficient to make a good wine, you know.
"I have opinions of my own, strong opinions, but I don't always agree with them." -- George H. W. Bush
Yes, but does it run in a new Sharp's Glass Computer?
Boooooooo!
Check populicio.us
Well, you better get on it bud. Because by the tone of your post it seems you espouse that if you even think about something then you should also, by definition, be able to do it - and more importantly, afford it.
Bandwidth costs money. It has more to do with economics than with vaunted technical skills like yours.
Okay, I know i'm feeding the trolls, but on at least three of your counts, you're just plain wrong:
Only Aqua on the desktop - I suppose that you're comparing it to all the choices availibe for Linux, but the thing is, with fink packages, you can run X with which ever window-manager and desktop environment you want, either rootless alongside Aqua, or in its own full screen. So if you happen to be a big AfterStep fan, for instance, you can run it fullscreen and only be a hotkey away from the Aqua desktop.
A single button mouse - Having owned my Powerbook for a few months now, most of the time when I use the single button trackpad (and keyboard modifiers), I don't notice that I'm missing much (even using Gnome apps that I used to run on my Linux box), but when I do need a 3 button mouse, I just plug my old USB mouse in, and it, uh, works.
To pay for the next bug fix - Bugfixes and security updates come free, and fast via software update. So do "point" OS revisions like 10.2.1. You do have to pay for major OS revisions (like 10.2), but that's an entirely different thing than a "bugfix"
Wine can't do anything the normal user couldn't
do. Now, a user might not want to mailbomb all of his friends,etc, but the virus still runs with the user's rights. It's not going to delete his whole hard drive (unless he has the rights to) and it's not going to infect system binaries. So At least there's a little bit of protection compared to normal Windows.
----- obSig
Maybe I'm being paraniod here, but it looks like Linux Global Partners is buying up lots of Linux technology. And given that Xandros doesn't follow the "free as in beer" model, I've got to wonder how this bodes for the future of Linux. I mean, the projects are still under GPL, but that doesn't mean it will be released for free. Clearly they are in this to turn a profit.
I guess the free ride has to end at some point.
Ten posts into the thread and "all right" has already been misspelled as "alright", "viruses/viri" has already been misspelled as "virii", and "already" has already been misspelled as "all ready".
Must not learn how to use guns, obtain a license for one, buy one, find a clocktower on a map, ascend it, wait twenty minutes until my breathing returns to normal, and start shooting people.:)
Is this a sigs-optional kind of place? 'Cause I am totally down with that if you know what I mean.
WINE is not an emulator.
Not an emulator my ass. It is emulating a bunch of win32 API functions; while it might be called an implementation of the win32 API or somesuch, that implementation is emulating the primary implementation. If there is a bug in Windows' version, and wine supports it the way it should be, it is a bug because programs don't run.
The goal with WINE is to run windows apps, and that requires emulation, not just an implementation.
Apparently I'm going to have to. I thought
:)
having a polite request in the footer was
enough for slashdot not to link.
But yes. You can bet that when everything
settles down, I'm going to put in a check for
referrers for slashdot.org.
I've said it before, and I'll say it again:
Klez crawls network shares. So if you saved a few bucks by setting up samba servers, you'd better be running antivirus on them.
If you've got an ftp site that Windows users are uploading files to, you'd better be running antivirus on them.
Sure, the virus won't run on Linux, but it'll still spread as soon as someone on a Windows box uses one of these files.
That is all.
God I love those recursive acronyms! WINE Is Not an Emulator
The probability that someone is watching you is directly proportional to the stupidity of your actions.
The antivirus industry will love this. Who knows, they may even contribute to WINE. You see, so many Linux users have this false sense of security, assuming that since Linux hasn't been significantly targeted by virus writers that, Linux is virus proof. Big mistake, as demonstrated by this story.
;)
Now, Linux users will catch and spread a long list of old Windows favorites making the demand for commercial antivirus software go up again. This John Doe caught Klez a rather non descript worm. Imaging Anna Korunikova in the inboxes of most Linux geeks.
Better see about Norton Command Line Scanner or perhaps...
rpm -e wine-*
this reminds me of the time i crapped in my pants and then fell in it.
This is relatively tame.
...and this is one of the few times where my sig doesn't apply.
As much as I hate saying this, I fear it's going to get a lot worse. As/If Linux gains popularity on all systems, including desktops, you can expect there are going to be a lot of disgruntled windows people out there who will become unemployed because they can't grow with technology. I'm expecting to see a lot of linux software start getting messed with and drastic increase of linux trojans and viruses.
don't believe me?
Look at how much software has been backdoored lately- bitchx, ssh, and sendmail. That's a BIG FUCKING DEAL. As we continue, expect the crosshairs to be levelled towards us. There's gonna be a conspiracy. I'm not making any accusations, but keep in mind that the opensource movement is putting pressure on a group of companies that aren't exactly known for their ethical behavior.
of course I know I'm probably just a paranoid nut, but hey, that's a good thing to be in our field..
Looking for Book Reviews? Check out Literary Escapism.
hey, it even comes bundled with "Connect to the Internet" software from Earthlink!
wine doesnt start the routine windows boot files, win.ini etc... so once offed the virus wont return unless the user starts it again.
Dude, calm down. I am sure you don't have to worry about hitting off with the chicks, but I am sure all your ass-buddies love your cute little mac. .
Or i'll wash your hands off with soap.
A more effective way of infection would be for dual-boot systems (don't most linux users have a windows partition for playing games?). A linux-aware worm/virus that is run on Windows could access the linux partition (it would have to include filesystem code, but that shouldn't add too much code) and infect any executable there without being bothered by linux security at all. Next time you boot linux, your infected bash runs with full root priviliges. Similarly (but less likely), a windows-aware virus/worm running on linux could try to infect windows-partitions, thereby bypassing any windows-based virusscanner.
They'll fall for "I love you...", big time as well.
Prolly Melissa too.
I'd mod you up funny as that except I've already posted in this thread
Oh what the heck, all of Windows software.
.
- First they ignore you, then they laugh at you, then ???, then profit.
This is really interesting. It does show how with minor effort you could prevent this.
See the Pictures of the Flood of '08
Has anyone tried to repeat this stupidity? The article sounds sketchy to me.
I've got a 5-gallon carboy in the closet with 12-day old merlot in secondary fermenation. It took me two bloody hours to santize all of my siphoning gear just to make sure i wouldn't skunk on me . . . and now you're saying I have to worry about KLEZ in my wine??
Christ, this homebrew thing just isn't worth it.
trustedworlds.net - gaming, security, and the gunk that lives in between
--please excuse this side topic, but it is tangential to running windows on under next to whatever linux. Anyone here ever use this voodoo linux? I was looking at their site the other night, thought "hmm,medium cool sounding" just wondered if there were any hand's on comments about it.
This isn't just limited to WINE, it can hit real Linux mail programs too if anyone ever writes a Linux/ELF virus attachment. Repeat after me, kids:
Executable MIME types have no place in a mail program!
None, never, no way. Mail program doesn't matter. OS doesn't matter. No mail program should ever, under any circumstances, execute anything attached to an e-mail message, period full stop. You should only execute things from people you trust, and one attribute of e-mail is that you don't even know if the From address is the real sender so how can you trust the message?
looks like John was running linux for everyday tasks as his root account.... should we feel sorry? Hey, just as an example, i'll give you all my root account password so you can rape my computer all you want. sound good?
WTPOUAWYHTTOTWPA
What's the point of using acronyms when you have to type out the whole phrase anyways?
Yet another reason to use w3m.
Man, Klex takes on a whole new meaning when it's a kde program.
In my case, for example, consider this: having done this for a few years now, I can set up one Linux or BSD based machine as a great web server capable of fully loading a T-1 or larger data pipe. Static pages, images, streaming software, dynamic pages, the whole nine yards. Could probably do a passable job setting up a set of machines to act as a transparent site even if it took setting up a small cluster of machines to handle the load (images on one machine, data on another, apps, etc. on the main web server, email somewhere else, etc.). I won't say that I could do it with half my brain tied behind my back, no sleep in a couple of days, one hand in a cast, or some big brag, but it's just not that difficult once you have done it a few times and hung around the security conscious folks enough to learn what it takes to secure a machine or set of machines from malicious outsiders. [Give me a couple decent developers and together we'd could make any site you wanted really scream in just a few days].
With my average or better web server setup skills, does this mean I am using my own server setup? No, and I don't plan to any time soon, because none of my skills can prevent a wonderfully configured site from getting /.'ed because the bottleneck isn't usually in the machine, but the size of the data pipe connected to it.
Consider this as well: I usually locate my sites at one of a few good web hosting companies that have good co-location points and massive datas pipe to/from their server farm(s). So the server and the data pipe can handle it, if I want. However, for most sites I set up, I don't want or need the risk of getting a surprise high dollar bandwidth bill because /. or similar is suddenly pointing at my site and hogging all of the hosting company's bandwidth? No. Do I want have or want to spend the money to set up my own data center? No.
Why not? Because IMHO one of the best things about the 'net is that it gives many people who would not otherwise be "heard" a place to give voice to whatever message they deem important. One of the worst things about the net is that some people confuse tech savvy with message, just as the previous poster did.
Do I have something worthwhile to say? Occasionally. Should you respect what I or another writer has to say, when it is worthwhile, no matter what bandwidth they have available to them? I hope so, and for myself I would rather listen to and support the person with one wise voice pushing text messages on a slow data pipe than spend my time and money on a thousand fools pushing worthless content on a fat one.
...Open Source isn't the only answer -- but it's almost always a better value than the alternatives...
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
If your mother was in the same room as the picture, I'm not surprised you're so upset. So is one of them you? If so, what're you doing on Friday night?
haha, I read everyone's responses and I know what they are talking about, I got hit by it a few times last semester (yes, my biological calendar runs on semesters, not report card periods, fiscal years or whatever). Good show old boy.
Klez does not contain "advanced" code, it contains code that Wine is emulating/loading, the complexity (or not) of its algorthims is irrelevant. Does this guy think binaries come with sections labelled CODE_ADV or something ?
Excerpt:
[snip]Code Red did what any "virus" presented with a large homogeneous population would do: it infected more than 359.000 computers in just the first day.[snip]
It is only a matter of time before a more virulent worm appears. The only way to decrease its impact is to diversify the OS population. Because it is an alternate implementation of the Win32 API and runs on top of a completely different OS, Wine does not have the same flaws and thus can provide this needed diversity.
Anyone who clicked that link didn't bother to engage their brain today. Since when do Google links not say [google.com] after them, or contain other website addresses in the middle?
Links to Google caches point to IP addresses, not the google.com domain, so they never say google.com. And they always have the URL of said cached site in the middle.
== Jez ==
Do you miss Firefox? Try Pale Moon.
This has been addressed before. (My suggestion: email the site administrator an hour or so before the article is posted to give them time to prepare for the pounding.)
Disclaimer: The opinions expressed are not necessarily my own, as I've not yet had my medication today.
to
...
Of course it could still mess up some of your Windows-/Wine-related stuff. But I don't see how it could obtain addresses to spread itself to, unless of course you have Windows Address Book, Outlook, or something installed with Wine.
chroot /home/junk wine
Wine being maybe a little too good at emulating Windows.
You're kidding, right??
mod the parent down... the article is NOT about running outlook under Wine. It's about running the work from KMail.
there is no environment to flourish in. ("/usr/local? Hell, I'm trying to find C:\windows\system")
/mnt/win, or /usr/local/winefs or /opt/fake-windows.
Except for the worm, or any other program, there is a C:\Windows\System, no matter if c:\ is actually
my
Guys, its a joke. Someone emulated it just as an excerise.. Its not really a danger to Linux. :)
Has anyone tried using bochs?
...but when I get a windows executable as an attachment in KMail and I click on it, it pops up a warning dialog with the following:
"Open attachment 'notepad.exe' with 'WINE'?
Note that opening an attachment may compromise your system's security!"
Now if this guy clicked on the Open button after all that, he's a bit of a fool, eh?
(Open is not even the default button, so he couldn't even have just hit enter.)
Once again. we need a moderator boot camp
or something. Offtopic? gimme a break.
This is a case of "transgenics" the host organism, Linux was made open to infection by the integration of windows capability into its system.
If you want to know how exactly klez works, there's a very detailed analysis here:
/ klez.xml
http://www.virusbtn.com/resources/viruses/indepth
Score:-1, Funny
Limiting wine risks is a hard thing. this is the best solution i have found until now. install wine like winex does. ( that is, in its own directory structure ) but instead of having /usr/bin/wine{x} to
run wine{x} you will run ~/bin/wine{x}
( add PATH=$PATH:~/bin to .bash_profile in
your home directory )
if your name is Mark ( like me ) create a
new user and a new group with the name
Mark_wine.
then change the owner and owner group of
~/bin/wine{x} to Mark_wine
after that sed userID ~/bin/wine{x}
you might want to make sure ~/bin/wine{x} does
not have too many permisions.
chmod u-a g-w o-a ~/bin/wine{x} will take care
of this.
then change the owner and owner group of all
your wine stuff.
if wine
chown Mark_wine:Mark_wine -Rf ~/.wine
if winex
chown Mark_wine:Mark_wine -Rf ~/.transgaming
chown Mark_wine:Mark_wine -Rf
the user Mark will now be able to run windows apps
but the windows apps can NOT harm the user Mark.
( windows programms can still fight with each
other though. )
If anyone has better..
tell me.
You guys have no mercy, do you? Didn't you see LinuxGuru's pitiful, plaintive footer on their web site:
"Please do NOT link us slashdot. We do not have the bandwidth."
Have a heart!
jpt
It is a stupid troll.. same nr of virusses? It is more like 10000:1.
this article proofs the validity of an old saying:
You just shouldn't believe everything that is published on the web!
You may believe me, this 'article' on linuxguru.net _is_ a Hoax!
Please see yourself - I am sure after reading it all you will agree to me:
They wrote: (...)Finally, the most important 'bug' most distributions have,
is allowing a Windows executable to be run with wine without
an obvious chance for interception, by default. Sure, it
comes up with a window, telling you that wine is running,
and allowing you to disable the notice, however, it does
NOT warn you about the application being executed in such
a way that you could stop it before it was started.
(...)
This has always been, is and will ever be *wrong*!
The contrary is true: An explicit warning dialog is shown and the user must click on [Open] there - which is *not* the default button.
e.g. If the user clicks on an attachment called ek_1.exe the dialog will look like this:
"Open attachment 'ek_1.exe' with 'WINE'?
Note that opening an attachment may compromise your system's security!"
Please have a look: screenshot_1
So there is *no* automatic execution of the windows binary, and the user is told exactly what would happen if she clicks the [Open] button, the warning dialog (showing a yellow exclamation sign) is eays to understand:- It explains _what_ will be loaded/executed and
- it explains _how_ this would be done: by running WINE.
So it is clear that the statements made in this linuxguru.net article are absolutely wrong.IMHO this is a Hoax published shortly before the release of KDE 3.1
- perhaps in order to apply some FUD technics to potential KDE users.
Karl-Heinz Zimmer
--
"Why do we have to hide from the police, Daddy?"
"Because we use vi, son. They use emacs." Dave Fischer, 1995/06/19
Oh come on!
As an ex-Mac user of 9 years, I can honestly see your B.S. from a mile away. VMWare (not to mention VirtualPC for Windows) will let you run Linux or anything else except the Mac safely in your Windows PC. And I have no use for the Mac OS any more, anyway.
And if you want a "pure" UNIX, try one of the FREE flavors of BSD -- did I mention those "pure" UNIXes were FREE? I used Mac OS X since it was called NeXTStep 3.1 (up through Mac OS X 10.1), so I can tell you that Mac OS X is FAR from pure in the UNIX world.
I never thought I'd see a Mac user touting the value of a Mac as being its UNIX "purity". Oh, how the world is CHANGING...
At any given moment, an arrow must be either where it is or where it is
not. But obviously it cannot be where it is not. And if it is where
it is, that is equivalent to saying that it is at rest.
-- Zeno's paradox of the moving (still?) arrow
- this post brought to you by the Automated Last Post Generator...