Ask Slashdot: Is GNU/Linux Malware a Real Threat?
New submitter m.alessandrini writes "I've been using Debian for a long time, and I'm not a novice at all; I install system updates almost daily, I avoid risky behaviors on the Internet, and like all Linux users I always felt safe. Yesterday my webcam suddenly turned on, and turned off after several minutes. I'm pretty sure it was nothing serious, but I started thinking about malware. At work I use noscript and other tools, but at home I have a more relaxed browser to be used by other family members, too. Here I'm not talking about rootkits or privilege escalation (I trust Debian), I think more of normal user compromise. For example, these days much malware comes from malicious scripts in sites, even in advertising banners inside trusted sites, and this is more 'cross-platform' than normal viruses. So, what about non-root user malware? How much could this be real? And how can you diagnose it?"
Your webcam turned on, then off, and you didn't ask it to? I think you need to figure out what happened first.
It would help if the manufacturers would preinfect their software so we could stop worrying about "if" we are infected and move towards just accepting it.
*Disclaimer: I in no way work for, represent, or contract for Sony. (Sorry Sony lawyers made me add the preceding text.)
You're using Debian and didn't look to see what's using the /dev/ entry?
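One way to answer the question in the comment above, as an added example that is not part of the original thread: walk `/proc` and list every process that holds a `/dev/video*` node open, which is the same information `fuser` or `lsof` would report. The function names, the `PROC_ROOT` variable and the heuristic in the last column are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread): find which process has the webcam open
# by walking /proc. Function names and the "note" heuristic are assumptions.

# Heuristic note on the executable path; "ok" only means nothing stood out.
exe_note() {
    case $1 in
        *' (deleted)')                          echo exe-deleted ;;
        unknown)                                echo exe-unreadable ;;
        /tmp/*|/var/tmp/*|/dev/shm/*|/home/*)   echo exe-in-user-writable-path ;;
        *)                                      echo ok ;;
    esac
}

# Print "pid<TAB>comm<TAB>exe<TAB>device<TAB>note", one line per
# process/device pair. The /proc root is a parameter so the function can be
# pointed at a constructed tree for testing.
video_users() (
    root=${1:-/proc}
    for piddir in "$root"/[0-9]*; do
        [ -d "$piddir/fd" ] || continue
        pid=${piddir##*/}
        for fd in "$piddir"/fd/*; do
            # readlink fails on descriptors we are not allowed to inspect
            # (other users' processes when not running as root): skip them.
            target=$(readlink "$fd" 2>/dev/null) || continue
            case $target in
                /dev/video[0-9]*)
                    comm=$(cat "$piddir/comm" 2>/dev/null || echo unknown)
                    exe=$(readlink "$piddir/exe" 2>/dev/null || echo unknown)
                    note=$(exe_note "$exe")
                    printf '%s\t%s\t%s\t%s\t%s\n' \
                        "$pid" "$comm" "$exe" "$target" "$note"
                    ;;
            esac
        done
    done | sort -u    # a process may hold several descriptors on one device
)

# Stand-alone use: inspect the live system (run as root to see every user).
video_users "${PROC_ROOT:-/proc}"
```

This only shows who holds the device at the moment it runs, so it has to be run while the camera light is on.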
It was just Skynet checking out what you were up to. Or maybe the ATF. Or Russian Mafia. Or...
As for security, ~5 years ago read someone's account of watching while someone on the internet installed a root kit on his Linux box in a matter of minutes.
Presumably some platforms/applications are less likely to be compromised than others, but the safest assumption is that everything is compromised, or would be if the experts wanted it.
Sheesh, evil *and* a jerk. -- Jade
That's not an O.S. issue. If anything it is an app issue.
When I ran Linux on my laptop for work I always ran some form of AV. I really wasn't concerned about my own machine being compromised. The scenario that bothered me was the potential for a client to send me an infected file which could get forwarded to another customer. Due to the nature of our business, at the time, that would've been rather embarrassing.
Solving Unix problems since 1989...
Getting struck by lightning is real. Worrying about/preparing for it very much is silly. Draw your own conclusions about how this applies to malware on a Linux machine that's kept up-to-date and the user avoids risky behaviors.
For lightning, make a will, and you're covered. For Linux, make backups, and you're covered.
So you get GF / Wife vids of doing who knows what posted to the internet and you can now claim plausible deniability - smart move!
Do not copy and paste commands into your terminal that you do not understand.
The vast majority of compromised Linux systems that I've dealt with have not been because of any malware or crazy hacking, they've been because people copied and pasted commands that gave attackers free access to their computer. I've seen fairly computer literate people open their systems right up because they had a bug, searched Google, and entered the first command they saw into their terminal.
Don't do it. Don't let your parents, friends, or whoever relies on you for tech support think that this is okay behavior. It's just as bad as launching random exe's in Windows.
So, what about non-root user malware?
There's your answer. And non-root user malware can become root-user malware by just adding a cron entry for itself to download the latest 'sploit code and having it run the exploit before you get a chance to reboot to finish a kernel update (or just in the hours before you run your daily updates).
We already know browsers are buggy. Mitigate your risk by running ad blocking software for your browser.
Yes. As strange as it is, a headline question can sometimes be answered with yes.
Linux was safer when it had both less market share and almost no users who download and run random things. As long as you have lots of stupid people, they will be targeted.
There may also be major security issues in the code base (not just the user base), as well as the general design. I think there are major problems there, but even without those, there is clearly a threat here, because people do stupid things, and Linux isn't safe from that. It's actually pretty bad at defending itself from stupid users, since it empowers users to do stuff. Don't claim there is great VM and sand-boxing support to solve this: we are talking about stupid people here: it won't be safe at all unless running random crap is sand boxed safely by default, and people aren't desensitized to allowing applications to access random crap (Android, darn you with your apps that must access everything to target ads).
Now if you asked if Genode was safe, well, maybe that is closer. More secure design, and basically no stupid users: that is safer!
http://xkcd.com/1200/
Yesterday my webcam suddenly turned on, and turned off after several minutes.
Hey, sorry about that. I was trying to get the girl next door that's leeching off your wifi. She's so cute! But when I turned on the webcam, I knew I had the wrong person. Also, dude, put some pants on. Nobody wants to see that.
Oh, and that stuff about Linux having malware? I'm sure you have nothing to worry about. The Year of the Linux Desktop hasn't come yet (though they say it'll be this summer for sure!), so you're safe. All the malware me and my friends at the Evil League of Evil make for Linux is designed to worm its way into web servers, ftp, etc., to spread malware to Windows boxes. We aren't interested in your personal life. You're a nerd, running Linux. We haven't found a single case of one of you having a life yet. Hell, you don't even have a decent car, man.
oh oh, gotta go, the webcam is up and... oooooh my....
#fuckbeta #iamslashdot #dicemustdie
As long as you have people on Ubuntu forums posting "sudo apt-get " as the solution to everything without explaining what they do, and as long as you have people willing to copy/paste the commands without understanding what they are doing, then malware is a threat.
The same groupthink plagues the Arch Linux forums. Blindly copy/pasting commands that someone else put on a wiki does not make you elite, it makes you an idiot.
The same issue exists in adding repositories from untrusted sources. What's the point of running an enterprise-class operating system if the first thing you do is add a third party repo from Russia and update the kernel with something ending -kmod?
The critical mass of idiot users still reside in Windows, where things like UAC and walled gardens exist to protect them somewhat. At least there, you have to know the administrator password to do real damage. Ubuntu and all the new user-friendly distros are content to put every new account in /etc/sudoers and allow you to use your own password to gain root access. Any operating system is prone to malware so long as people are willing to bend security practices.
then I'd worry a lot. Rootkits for privilege escalation, SQL injection attacks against poorly-written 3rd-party and locally-developed databases, PHP, CMS & web framework vulnerabilities, etc, etc, etc.
For home use, I'm concerned about router vulnerabilities (Tomato helps but is not perfect) and MITM attacks (but there's nothing I can really do about them except keep my s/w up-to-date, while praying that vendors do the same).
"I don't know, therefore Aliens" Wafflebox1
Linux is much easier to exploit than Windows. All of its internals are well understood, and there are more things one can do with shell access.
2003 is calling. They want their FUD back.
"I don't know, therefore Aliens" Wafflebox1
RMS would say that you're sacrificing your freedom if you allow non-Free malware to run on your GNU/Linux PC computer.
Either that or "told you so."
But I couldn't get the damn thing to compile!
Has anyone seen mike hunt?
Yeah, right next to Uranus.
Just take a look at the numbers. See how many Microsoft Windows only malware "products" come out each day, and then compare that to other platforms. Make your own decision as to how "real" the threat is.
You don't need many malware products if the user base doesn't take it seriously. It wasn't Debian, but since you mention "other platforms" - the single biggest malware epidemic in modern times was Mac Flashback, infecting as much as 1% of the OS-X user base (beating Windows Conficker for the honor, at 0.7% of user base infected).
Consider that about fifteen years ago the biggest warning to users was sticks and disks that would autorun and the single thing that users could do to make themselves a lot more secure was to disable autorun.
Now as I understand it Ubuntu comes with autorun capabilities.
Fact is that there are several things making linux less secure.
The first is that there are some people who in a hurry to catch up with Microsoft copy what Microsoft does including the bad engineering that leads to malware.
The second thing is that the more respectable linux has become the more it's drawn in morons^H^H^H^H^H^H^H Windows programmers, in an Eternal September mindset that leads to the badly engineered apps.
I would say that the safest thing you could do is do any unsafe computing in a special account that you don't mind being corrupted and boot off external drive for the stuff you want really secure and be careful of how you use that.
You probably just forgot to read the README, or you forgot
After installing build-essential, try this:
Note: The make install will probably ask for your password.
p.s. Did you get the version that removes your home directory, or did you get the forkbomb version?
And now they have you right where they want you.
"I'm not a novice at all; I install system updates almost daily"
Two sentences that shouldn't be anywhere close to each other.
Assuming you don't do silly things like run completely unknown commands, you're pretty safe. JavaScript and Flash are cross-platform, though. I've seen one Linux system where their Yahoo email account was compromised, probably by malicious JavaScript. It might have been phishing, though, or a combination. The main things I do for security are - run most updates provided by the distro and browser, have backups, don't run services I don't use, and I have a separate browser for Flash and Java. Most Flash is ads or pointless eyecandy so I don't miss not having Flash in my daily browser. Even YouTube doesn't need Flash these days, so I open the Flash browser maybe once per month, if that.
TEEX.com has some free online cybersecurity courses that may have good reminders for you and your family members regarding safe browsing habits and simple security practices.
...ages ago. Hence why they constantly scan for and patch vulnerabilities.
Unfortunately, there's no patch for the ultimate vulnerability. The end user.
Hold on for a minute, while I finish this code
...
...
...
Ok, now it is.
You only needed to ask. That's Open Source for you.
Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
Admittedly Linux based operating systems can be very secure. However trusting the OS to be secure would be like trusting the locks on your house to lock themselves when you are gone. You should trust that you have properly configured the systems security settings to prevent issues, not trust the system itself, especially if other people are allowed to use the system.
Speaking of Flashback, it also targeted the Java plug-in on Linux and nailed a few of them too. Disable your Java, Linuxtards.
I actually believe in general, from a strictly technical standpoint, that Linux is much easier to exploit than Windows. All of its internals are well understood, and there are more things one can do with shell access.
Yes, but Windows keeps getting hit more often AND seemingly with more ease, without as good an understanding of how its internals work AND a less-powerful shell.
Say what you will about Windows being more popular and having a more savvy userbase. If, by your logic, Linux should be easier to exploit than Windows due to its internals being well-understood, then what does it say about Windows when it repeatedly gets exploited by people effectively firing at it blindly?
2003 is calling? Don't forget to warn them about Vista and Windows 8!
If an infected application can affect other applications, it is an OS issue. Your infected web browser should not be able to read your GPG keys, but right now most GNU/Linux distros do nothing to stop that from happening.
Palm trees and 8
Not necessarily FUD. The original Google Android phone (the HTC G1) with stock firmware echoed all key presses on the home screen to a console running as root. Needless to say, made rooting the phone exceedingly simple. Start a telnet server, download a client from the app store, connect to localhost. See this for details.
Otherwise, your point is spot on.
You are being MICROattacked, from various angles, in a SOFT manner.
linux is more a target for hackers, not malware because of all the hobby web servers out there that aren't secured properly. it's been proven beyond reasonable doubt that linux can be infected but without intervention from the user either directly (clicking/installing something while logged in as root) or by deliberately disabling default security measures, viruses can't automatically propagate, which defeats the purpose of infection in the first place.
if you're worried about non-root malware, maybe do a fresh install of debian and then after you get yourself set up as a non-root user (preferences and stuff) make a copy of your home directory to a backup location, set write permissions to root only, and then make a little script that you can run in single user mode either if you think you're compromised or maybe even every 6 months just for good measure, that deletes home directory config files (not documents), copies config files from the backup and changes write permissions back to non-root.
on the other hand, if it doesn't really cause any problems (performance or intrusive behavior) maybe don't bother with it. occasionally when i cold boot i have to unplug and plugin my usb keyboard or mouse, and for some reason i have to unmount a usb stick twice. it might be a software/config problem or it might be my mobo. when it really bothers me i might google how to fix it.
You forgot the "make clean" because you don't want those build files strewn about.
OP writes:
" I install system updates almost daily"
Seems to me that any OS requiring multiple updates per week is a fail.
*DUCKS*
That is what SELinux and AppArmor are for. They might not be 100% (as there were some kernel exploits that could be used to bypass those), but with proper policies in place, something getting UID 0 would be pretty limited in what it can accomplish.
OS X also has a similar mechanism in place.
Linux also has a bunch of different distributions. A bug that causes SSL keys to be very weak in Ubuntu is not going to affect RedHat systems.
This doesn't mean Linux is worry-free, but it is more secure than people think. To cite an anecdotal example, the proof is in the pudding -- look at all the amateurish Apache servers and LAMP stacks out there. If Linux had major issues in general, there would be major screaming on almost every forum how insecure the OS is.
. . . should always be unplugged or covered up when not used, period. I love Debian myself, but as long as you have any kind of proprietary software on there, you don't really know what all of its behavior is and what it can be set up to do. Even if your system is totally free of this nonsense, that's not to say that an upgrade won't change that. That on/off light that webcams have - they're starting to go away; an iPad camera, I'm sure you've noticed, doesn't have one. You won't even know if your device is being turned on in the future.
Unplug that thing, just common sense.
that was me
Not necessary, since most virus packagers either make clean before building the tar file, or they include pre-built binaries to speed up the install, and they'll remove them in configure if the platform doesn't match.
Finally narrowed it down to the light coming on whenever something was running that used a microphone.
I was just looking to see what's going on at your place . . .
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
This article here explains how this can be done. It's a few years old already, but always interesting: http://www.geekzone.co.nz/foobar/6229
1% of 10% is smaller than .7% of 90%.
1% of 10% is smaller than .7% of 90%.
Yes, it is. But if you discuss infection risk for users and infectability of a platform, percentage of user base is the right measure.
To avoid internet malware infections:
1. Install a virtual machine manager on your host. :-)
2. Install a virtual machine image of favorite operating system.
3. Do ALL your web browsing and such on the virtual machine.
4. Snapshot your VM regularly.
5. When VM becomes infected, restore to last good snapshot.
6. NEVER use host OS for web browsing.
7. Sleep better at night, knowing that all your enemies are sandboxed in the VM...
Time to run OpenBSD on your laptop?
Tomorrow is another day...
Two questions:
On my system, I've got noscript configured to deny all by default and all the other users (with log-ins) are configured the same way by default. If they want to change things, they can do so for those sites where it's a must to have scripts but they've already learned to be very careful about that and ask if they don't know for sure.
Mod me up/Mod me down: I wont frown as I've no crown
That's easy on Linux. Much easier than on Windows because everything is just a file, there's no registry or anything like that, and no copy protection. In some of the very first Linux distros, that's pretty much how the installer worked - it treasured a "backup" of a default system. Just copy the files and install the bootloader, basically.
I created a system that backs up your Linux system to a virtual machine, so the backup can be booted directly, or be restored by copying it to a hard drive. Even cooler, Linux can act as an external drive enclosure, so the empty machine can be plugged into the backup and booted from the backup file directly, with the hardware believing it's booting from a local drive...
No, it isn't. Unless it's a fortune pudding for mathematicians.
The Tao of math: The numbers you can count are not the real numbers.
Take me java away? I bite the next *tard who even tinks about it. Hell ready gave up every other sin (no sex, no smoke, no eat) I aint given up java
That should work better.
I'm starting to think GNU is the problem with "GNU/Linux" these days.
Nope. The make install calls sudo for you. (See the part where I said make install will "probably" ask for your password. It won't do so if you've sudo'd recently from the same terminal window.)
And the virus is installed as suid root, so there's no need to sudo for it.
You mean Linux? What moron walks around saying "gee in yoo Linux"?
In practice, I've taken "GNU/Linux" to mean any Linux-based operating environment that is more similar to Fedora or Debian than to Android. What clearer term for Linux-that-is-not-Android do you recommend?
yes indeed lets look at the number of potential targets in windows world and linux land
if you were looking to make the most of your shenanigans what would you target, thousands of linux users, or billions of windows users?
just how secure would linux be if it were as popular as windows? Security through obscurity is 2/3's the linux malware defense.
Reading the replies some mentioned flash, Flash for Windows defaults to Webcam on, so thought I'd
check my Flash for Mint as I wasn't sure if I had set the settings. Mint is my start in Linux and used infrequently.
Things led to preferences, Network Proxy pref's showing that 127.0.0.1 as being ignored, hit the help button
and get a standard Mint manual of which "network proxy" isn't found.
http://i39.tinypic.com/2z5uf80.jpg
No help, I see if it means what I think it means and put "127.0.0.1. slashdot.org" in my HOSTS file,
saved, rebooted then logged into slashdot.org
http://i41.tinypic.com/2s99gr8.jpg
Crap the only thing being blocked are sites placed into my router. I've been wide open the entire time while thinking
some 19400+ sites I have blocked in my HOSTS file, haven't been.
No, I don't trust Mint anymore after today, I've no clue what other surprises are "built in".
If it's FUD, explain WHY it's FUD. To a lot of people this sounds fairly reasonable and logical - the internals are open and accessible, hence flaws should also be more easily visible compared to a closed system. Honestly it can also seem logical enough to me to question why it's FUD to think otherwise.
If you're suggesting that its openness also means rapid fixes, there's enough anecdotal evidence to suggest this doesn't always happen in practice.
What moron walks around saying "gee in yoo Linux"?
The kind that doesn't know how to pronounce g'noo?
It is the most assuring way. If you simply cannot afford to have a particular machine compromised over a network, then don't use it over a network. I treat a machine that is capable of public connectivity with some skepticism and really am forced to take a kind of a demilitarized zone attitude towards it. Ideally, I personally would use a workstation (for development etc.) that were not connected to the internet at all, and then some other machine as a "su cassa es mi cassa" type area. I would also warn anyone who used the "public phone", including kids, to use it in the same gist. That is no matter what precautions you care to take, there is always a risk of leaking information from such a POE. So why worry yourself about it? Clearly we don't want to make things easier for our potential snoops, but if you can never be certain, why take all the trouble. A standard install with a few tweaks here and there is all the time I'd prefer to give up and keep stuff I really worry about completely off the net.
To a lot of people this sounds fairly reasonable and logical - the internals are open and accessible, hence flaws should also more easily visible compared to a closed system.
It does seem logical, but the fact that sooooo many flaws have been found in Windows, Flash, Acrobat Reader, etc, etc belie the hypothesis that source code makes it easier to find exploitable bugs.
"I don't know, therefore Aliens" Wafflebox1
Here I'm not talking about rootkits or privilege escalation (I trust Debian), I think more of normal user compromise.
Privilege escalation is a very real threat, even in Linux, and particularly when an attacker has user-level computer access already.
As with the OS X userbase, the Linux userbase is fairly blasé with regards to the possibility of being compromised.
So far, the platform has been relatively safe, however as it gains popularity on the desktop expect more end-user focused malware (vs. the traditional sort of rootkit) to be developed. Given the vulnerabilities these days are mostly found in flash, java, javascript, etc, and your DATA is just as valuable (if not more) than root on your machine (and is available from your user account), I'd say that it is inevitable that sooner or later we'll see a cross-platform or Linux / OS X exclusive exploit get significant penetration.
Given that very few OS X or Linux users actually run any form of malware protection - IF something breaks out in a serious manner, it's likely to be a pandemic.
I run: Windows, OS X, Linux, FreeBSD. Just because you have a hammer, doesn't mean everything is a nail.
2003 is calling? Don't forget to warn them about Vista and Windows 8!
They've had plenty of forewarning by 2003.
Inheritance is the sincerest form of nepotism.
You accidentally tapped a hotkey combination you were unaware existed.
I've written some myself, disguised as a 'Facebook hack tool', in order to figure out the identity, and subsequently blackmail, a guy who was harassing a friend of mine over social networks. It was a simple keylogger that reported back to a remote server every minute, which was enough to grab all his passwords for both his personal and harassment accounts. Anyway, after archiving and destroying his entire Internet presence and threatening to reveal all of his secret perversions to his friends and family, he soon backed down. Felt damned heroic, too.
Hey now, does anyone besides me remember past posts, regarding DOJ/FBI's own malware, CIPAV? It was a capable malware that knew the difference between Windows, Mac, & Linux (BTW-did anyone ever solve the legal dilemma of scrubbing a customer pc and finding it? Do we remove it as we are paid to & obstruct justice or leave it and do a partial job?) Next, I recall a recent find, within about a year, an equally capable malware, found by F-Secure, in Bogota, which reconfigured itself, prior to attacking either of the three. Obviously, linux malware infestation by governments and otherwise is certainly possible!
"And how can you diagnose it?" This is the crux of it, to me. If you were compromised, how would you know? Assuming you do trust Debian-provided software, and you haven't (intentionally) installed any non-Debian-provided software, how can you check that Debian-provided software is indeed all that is running on your system right now? There actually is a product that does this. Verifying the currently executing software in memory, plus checking for kernel rootkits and backdoors, is basically what the Second Look memory forensics software is designed to accomplish. I know many aren't willing or able to pay for commercial Linux security tools, but there really isn't any open source project that does this right now. You can use debsums to verify files on disk, and maybe try elfcmp to verify what's running...
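The on-disk half of the check described in the comment above, as an added example that is not part of the original thread: compare files against the per-package hash lists that dpkg keeps in `/var/lib/dpkg/info/*.md5sums`, which is the comparison `debsums` performs. The function names and the sample tree are constructed for this example, and the hash lists sit on the same disk, so this only detects changes made by something that could not also rewrite the lists.

```shell
#!/bin/sh
# Added example (not from the thread): verify files against dpkg-style
# .md5sums lists. Function names and the sample tree are constructed.

# verify_md5sums ROOT LIST: LIST has lines "<md5>  <path without leading />".
# Prints "CHANGED <path>" or "MISSING <path>"; exit status 1 if any.
verify_md5sums() (
    root=$1
    list=$2
    bad=0
    while read -r want path; do
        [ -n "$path" ] || continue
        file="$root/$path"
        if [ ! -f "$file" ]; then
            echo "MISSING $path"
            bad=1
            continue
        fi
        got=$(md5sum < "$file" | cut -d' ' -f1)
        [ "$got" = "$want" ] || { echo "CHANGED $path"; bad=1; }
    done < "$list"
    exit "$bad"
)

# verify_all ROOT: run the check for every package list found under ROOT.
verify_all() (
    root=${1:-/}
    bad=0
    for list in "$root"/var/lib/dpkg/info/*.md5sums; do
        [ -f "$list" ] || continue
        verify_md5sums "$root" "$list" || bad=1
    done
    exit "$bad"
)

# Constructed demonstration: a tiny fake root with one package, then one
# file replaced and one removed after the hashes were recorded.
demo() (
    root=$(mktemp -d)
    mkdir -p "$root/usr/bin" "$root/var/lib/dpkg/info"
    printf 'original ls\n'  > "$root/usr/bin/ls"
    printf 'original cat\n' > "$root/usr/bin/cat"
    ( cd "$root" && md5sum usr/bin/ls usr/bin/cat ) \
        > "$root/var/lib/dpkg/info/coreutils.md5sums"
    printf 'replaced ls\n' > "$root/usr/bin/ls"
    rm "$root/usr/bin/cat"
    verify_all "$root"
    status=$?
    rm -rf "$root"
    exit "$status"
)

demo || echo "demo tree: modifications detected"
```

On a real Debian system `verify_all /` hashes every packaged file and takes a while; booting from separate media and passing the mounted disk as ROOT avoids trusting the running system's own tools.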
Nah - go for eCom Station - *nobody* uses that shit anymore, and you can dust off those ancient OS/2 skills!
Quo usque tandem abutere, Nimbus, patientia nostra?
Does it support uefi?
Tomorrow is another day...
I've been running a Linux LiveCD, booted toram, no AV or anything, just basics like NoScript, to see how many attacks/infections would come in. Two years now and there have been none.
It seems a widespread belief in the security field that security through obscurity (http://technet.microsoft.com/en-us/magazine/2008.06.obscurity.aspx, http://en.wikipedia.org/wiki/Security_through_obscurity) is not a good security measure (it is better than nothing, but it isn't on par with real security measures).
In this sense, the openness of GNU/Linux makes it easier for people to understand and secure systems while Windows' closed-sourceness makes it harder.
It could be argued that openness means easiness to crack into, but that is not really important because you don't need to understand exactly how a system works to crack into it (I am not well versed in cracking, but I know that some reputed crackers use techniques such as randomly changing bits in the input one at a time until an application crashes and go from there). That means that open or not, crackers can exploit a system. But, an open system is easier for security professionals to review and therefore to fix (that does require intricate knowledge of how the system works).
In that sense, openness means better security. In the most extreme case, you could review all parts of Linux and therefore run only code you trust yourself. In the case of Windows, you have to trust Microsoft (in itself, that is not a problem as you need to have a network of trust, the problem is that you are FORCED to trust them).
Linux/Android passed Windows in marketshare last year, and will pass it in installed base next year.
just how secure would linux be if it were as popular as windows?
More than 99.9% of all infected IP addresses surveyed were Windows. Clearly Linux/Android are already proven to be more secure.
Just bear in mind that there are maybe 20 kernel binaries for Windows (XP, Vista, 7, 8, each with their own service packs), which represent ALL of the windows installs, whereas we have thousands of binaries for linux at a certain moment (each distro with at least 1 kernel update/month from maintainers, but maybe not everyone applies it at the same time).
So again, why would anyone target linux?
Um... you might want to actually check the facts. The Linux kernel has had dozens more security vulnerabilities than the NT kernel has ever had. Where windows breaks down is the idiots who run as root, and other broken software like java/flash/firefox/ie. And even when internal Windows security bugs gain wide spread press, it's *AFTER* microsoft has already released a patch for *MONTHS* (e.g. Conficker)
In fact Linux kernel vulnerabilities are so common that all android phones are rooted using them. Millions of them shipped with kernel bugs. Brilliant.
So again, why would anyone target linux?
That question should be rephrased to HOW would anyone target Linux, not why. The why is obvious - it has a huge installed base, often protects high-value data and is commonly used on servers (eg, highly available for botnets).
As to the how? You've just given one reason why it's so hard. Diversity is strength, and monocultures should be avoided.
If Linux had major issues in general, there would be major screaming on almost every forum how insecure the OS is.
LOL.. the hundreds of thousands of rooted Linux servers serving malware infested advertisement to Windows users is "proof is in the pudding".
Go and do some research on NT vs Linux kernel bugs. The Linux kernel bugs are so common.. people are using them to root android phones. Millions of phones shipped with kernel bugs.. such awesome security.
You mean something like "tripwire"? apt-get install tripwire. Mind you its configuration is non-trivial to say the least.
You're right, I must resolve someday to extend my knowledge and study how they work.
Thanks
Michele
I love the smugness of *nix users who think that it's only Windoze users who can be compromised.
I have a rather large botnet made out of their computers. It's extremely well written code so it uses very little of their system resources and, in their smugness, they'll never even notice it's there.
Amazing how easy it is to exploit a browser to download and run the install too.
There are common code segments across large parts of that ecosystem. eg: what fraction are running any kernel between version 2.6.37 and 3.8.8? (http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/ ; top google link for 'may kernel exploit')
There are many different combinations of the same software options, with a few extra patches; I don't believe there are nearly 'thousands' of unique code bases, and even then there has to be very large exposed code segments common to many of them. (eg: What if a remote code exploitation flaw was discovered in Apache? )
Having said that, the variability in file paths, memory locations, patches, versions available, or even what windowing system libraries are would make any potential issue much more limited in scope compared to over 1/3 of all computers on the net affected by either a xp, or windows 7 flaw.
Mount home and tmp as non executable link
AccountKiller
however viruses require "active" cooperation of the user. you don't have good attack possibilities to infect servers. Windows servers are not a huge part of botnets, it's the windows workstations (and a lot of them are using illegal copies so they're not properly updated). Targeting linux workstations would be "easier" in that regard however desktop usage of linux is still not high enough (and the users tend to be more computer literate) to be feasible. add the diversity to it and you'll realize you have much better chance of success (and larger possible profit) targeting windows or android...
Actually, I have seen something similar recently on a kubuntu 12.04 machine. The web cam just went on on its own. If I remember correctly, it went off as soon as I killed skype. I am not sure whether this makes it more or less concerning, but my guess is that skype is involved.
This machine is fully patched and uses pretty strict firewall rules. Of course, this is my wife's machine, and my guess is that her browsing habits are not very safe. She told me that the cam went on and off on its own several times before...
Isn't Android already pre-infected? They already send all your info to Google.
That assumes that he uses only those ancient Presentation Manager apps, and not to run DOS or win16 apps. As long as that's what he does, your suggestion is valid. Somehow, OBSD doesn't sound like a good idea for a laptop - make it PC-BSD, and have PF on it.
Are the viruses/malware infecting the kernel or userland? If they are infecting the kernel, they are simply Linux viruses. If they are infecting only the shell and upper layers of the OS, we'll happily call it GNU malware. As in malware that infects GNU, not as malware that respects your 4 freedoms.
You just need to edit /etc/hosts. That'll fix it
about the drugs you are using
Android IS Linux.
1960's "what we could really do with is some sort of tracking/bugging device for all citizens, one for the home and one they carry round with them"
"No way, it'll never be accepted by the public"
2000's "I can has a phone with 2 cameras?!"
You didn't cite anything, so you haven't proven your "facts."
But even if Linux did have "dozens more" published vulnerabilities than NT, that's a very small margin as a percentage.
On top of that, you're assuming that that proves anything. We all know the NT kernel has many unknown, unpublished vulnerabilities. Some of them may never be published because they may only be discovered by blackhats. On the other hand, Linux's source can be examined by anyone and patched in a matter of hours by major distros, compared to days or weeks or months by Microsoft.
"Those who consume the bulk of goods are those who make them. We must never forget this secret of our prosperity."
...and it's trying Linux again...
"Those who consume the bulk of goods are those who make them. We must never forget this secret of our prosperity."