Malware Found Hidden In Screensaver On Gnome-Look

AndGodSed writes "OMG! UBUNTU! Reports the following: 'Malware has been found hidden inside an innocuous 'waterfall' screensaver .deb file made available on popular artwork sharing site Gnome-Look.org. The .deb file installs a script with elevated privileges designed to perform a DDoS attack as well as keep itself updated via downloads. The dodgy screensaver in question has since been removed from gnome-look, and this incident was a very basic, if potentially successful, attempt.'" A similar report at Digitizor.com says that similar malware was also found in a theme called Ninja Black. For those affected, both sites also provide instruction on cleansing your system.

Re:Not more safe

You're a sodding fscktard. Distros do not pick up public binaries and bundle them unless they're from $BIG_COMPANY like Nvidia. All distros use the projects' source and have dedicated maintainers for each package. You have no idea what you are talking about.

So going by your 11 year old logic, the Internal cannot function. After all, it's 90+% held together with unix and linux systems, mostly open source applications too. So why oh why are they not an anarchy of spam and DoS bots, and 99+% of the crap coming from the tiny windows servers that do little more than handle parked pages for the old backhander form MS sales execs?

When you reach puberty, have real contact with the opposite sex (assuming you're not a gay apple fangay), you'll understand elementary system architecture.

Re:Not more safe

[sexconker]

Absolutely FALSE! The numbers would be closer, but not equal. By definition, you cannot know all the vulnerabilities in "secret source" software, because they are simply not disclosed. This number is surely more than zero. Therefore, all other things being equal. open source will always prevail because the "secret" vulnerabilities will be fixed on OSS, while they still exist in secret source software.

Absolute HOKUM! The numbers would be nearly identical. The protection of software being open source requires that you:

Trust the creator
Trust the host (to make sure it is unaltered)

Closed source software requires that you:
Trust the creator
Trust the host (often the creator)

The fact that you CAN read every line of code does not make the software safer. The fact that SOMEONE MAY does not make the software safer. The fact that someone DID does not make the software safer unless you trust that person for some reason.

The ONLY thing that makes the software safer is YOU reading and understanding every single line of code.

Closed source software is usually PAID for, with specific stipulations on what it can and can't do (feature-wise and security-wise). Money talks louder than "freedom", and unfortunately it always will.

Now, begin the closed source vs open source stability/support/security/update process data point cherry picking!

Here's my data point: Everything sucks and I'm disgusted that people put up with it - paid or not. (No, I'm not gonna do anything to fix it - I can idly bitch all I want!)

Re:Repositories!

[smoker2]

Why don't you shut the fuck up. You are determined to make linux out to be the most insecure OS for some fanatical reason, I'm guessing you've been pwned on windows and want to share the love. Here's a clue, most linux users don't download and run software they find on random internet sites. According to people like you and your cronies, people generally have to compile any software they want to run. But yet now we are vulnerable to idiot windows-user-itis. Like I said, Fuck off and die, all you ever seem to do is spout shit on any topic, and it is really getting tiresome. One of these days somebody's going to catch up with you in real life and kick your whining ass. (at which point you'll be running to the authorities complaining that you're only 14 and people are being mean to you).

Re:Not more safe

[sqlrob]

Right, that fix that Debian did to OpenSSL for uninitialized memory use worked out real well.