Slashdot Mirror
'Bashware' Attacks Exploit Windows 10's Subsystem for Linux (betanews.com)
Mark Wilson quote BetaNews: While many people welcomed the arrival of Windows Subsystem for Linux (WSL) in Windows 10, it has been found to be a potential security issue. A new technique known as a Bashware has been discovered by security researchers that makes it possible for malware to use the Linux shell to bypass security software.
While administrator access is needed to execute a Bashware attack, this is fairly easily obtained, and the technique can be used to disguise malicious operations from antivirus software and other security tools. Researchers from Check Point Research point out that the danger stems from the fact that "existing security solutions are still not adapted to monitor processes of Linux executables running on Windows."
While administrator access is needed to execute a Bashware attack, this is fairly easily obtained, and the technique can be used to disguise malicious operations from antivirus software and other security tools. Researchers from Check Point Research point out that the danger stems from the fact that "existing security solutions are still not adapted to monitor processes of Linux executables running on Windows."
No, it's not a non-issue, but it's a different kind of issue than most people realize. Remember the Alexis de Tocqueville Institution and the propaganda they pumped out last decade about how Linux and Open Source in general was a parasite on the tech industry, was enabling all sorts of illegal activities (such as terrorism - of course!), and attempted to publish a book claiming Linus Torvald's didn't really invent the Linux kernel? Microsoft was (and still is!) a major funder of this propaganda mill.
Think about the possible implications of a story like this: Could it generate calls to change the way the Linux kernel and programs that run under it are written? And now MS have their hooks sunk deeply into the kernel dev team. The SCO gambit (also funded by MS) failed, spectacularly. And the Astroturf de Tocqueville gambit failed, though not quite as spectacularly. And now we have MS "cooperating" in the development of Linux. And up pops a story that may justify an overhaul of Linux to make it controllable by MS Windows. Well, surprise, surprise! This "change of attitude" by MS is looking more and more like a subtler strategy to seize control of Linux rather than outright destroy it.