Ask Slashdot: Is GNU/Linux Malware a Real Threat?

New submitter m.alessandrini writes "I've been using Debian for a long time, and I'm not a novice at all; I install system updates almost daily, I avoid risky behaviors on Internet, and like all Linux users I always felt safe. Yesterday my webcam suddenly turned on, and turned off after several minutes. I'm pretty sure it was nothing serious, but I started thinking about malware. At work I use noscript and other tools, but at home I have a more relaxed browser to be used by other family members, too. Here I'm not talking about rootkits or privilege escalation (I trust Debian), I think more of normal user compromise. For example, these days much malware come from malicious scripts in sites, even in advertising banners inside trusted sites, and this is more 'cross-platform' than normal viruses. So, what about non-root user malware? How much could this be real? And how can you diagnose it?"

Obligatory xkcd

http://xkcd.com/1200/

If I ran servers...

[Nutria]

then I'd worry a lot. Rootkits for privilege escalation, SQL injection attacks against poorly-written 3rd-party and locally-developed databases, PHP, CMS & web framework vulnerabilities, etc, etc, etc.

For home use, I'm concerned about router vulnerabilities (Tomato helps but is not perfect) and MITM attacks (but there's nothing I can really do about them except keep my s/w up-to-date, while praying that vendors do the same).

Re:Define "real"

[VortexCortex]

Getting struck by lightning is real. Worrying about/preparing for it very much is silly. Draw your own conclusions about how this applies to malware on a Linux machine that's kept up-to-date and the user avoids risky behaviors.

For lightning, make a will, and you're covered. For Linux, make backups, and you're covered.

My home has a lightning rod. So do all the tall buildings downtown. I have UPS and surge protectors, and even surge arresting breakers in my home's electric service panel. It's not just worrying over lightning, it's also worrying over accidental electrocution (all circuits are GFCI protected in some form, which has saved my bacon more than once); The power spikes and drops in this city are pretty bad. Every time it rains or the wind blows a bit we get little power hiccups. My home has been struck by lightning 3 times in the past 20 years. My neighbors behind me have had a tall pine tree struck, and the neighbors across the street showed up at my doorstep at 3am one morning after a particularly loud thunder clap -- The large china-berry tree in their front yard was struck and it fell over on their house.

Just like with Malware and any OS, there is far more you can do to prevent against lightning or electrical damage. I've never lost a system to power issues, and I have many. In addition to backups I use VMs -- Oops, virused a VM image, restore from snapshot -- It's like a backup, but smarter.

Re:someone's spying on you

[fast+turtle]

The only problem is, flash already has the right to access the damn camera/mic (default setting). You Have to deny it

Re:Linux's Biggest Threat is Human Engineering

[tconnors]

From your link it seems the actual danger is in copy/pasting and then hitting enter BEFORE looking at what it is you typed. If you select something to copy, then paste and notice the pasted output is significantly difference to what you selected, alarm bells should ring very quickly (unless the difference is really subtle of course).

Hint: copied text can contain embedded newlines. And the first line of text will be some obfuscated form of stty -echo, if you have read the posted source, so you won't even know.

Then again, this seems mostly hypothetical. Does anyone actually have an example of something like this being used in a nefarious way on a Linux site?

Well, it's impossible to prove something doesn't exist, and since this whole slashdot story originated because someone's computer did something unexpected, perhaps the OP is an example of where this was used?