Linux users are always one bad app from being completely scammed
Wayland and Flatpak actually somewhat protects you though, as long as you know to NOT give it the permissions to read all of /home
A single .sh file with exec permission that asks for sudo will easily download appimage keyloggers and then set a cron job to run it every X time to keep it alive and sends it all to whatever remote location. Or whatever else you let the appimage do.
95% of regular users will double click that, and then write their pass in the popup without blinking twice and that will work in most Linux systems.
Most viruses don’t target Linux, sure, but that’s wishful thinking. Always be creful with what you run.
Linux has viruses. Always protect yourself…
Just have backups and know what you’re downloading.
Everyone should think about threats to their data. Cloud backup and laptops better be encrypted, services with open ports be shielded. Linux viruses do exist, especially for android and routers. But also whatever system has an outdated dokuwiki open in the wild is a welcome addition to a botnet. The value of a botnet is in number of infected systems and you don’t need root access to mine monero or take part in a ddos on a machine. Linux security is sincerely undervalued. Selinux, the grsec kernel patches, chrootjail, tripwire… do exist, but are a hassle to setup and maintain. The new container options are nice (docker or flatpack) having your webbrowser contained is not a bad idea.
Update your router, your desktop is spoiled for updates. I stop my 1 am ramblings here.
ClamAV in the corner, visibly annoyed
Its powerful but sadly not realtime
Oh, not true anymore:
https://docs.clamav.net/manual/Usage/Scanning.html#on-access-scanning
That’s great news thanks for telling
A few years ago I found a text (probably as image) where somebody ‘tried’ to run a virus on linux. It went something like this:
Wanted to install a virus on Ubuntu, but it was only available as an aur package. Tried converting. Didn’t work … Tried
make virus, but didn’t work. Upgraded cmake, tried again, but some libraries were missing.Tried installing libraries, but they were very outdated and I couldn’t find proper versions.
Checked the source to see what the libs were doing and replaced them.
and so on.
Does someone know what I’m talking about and possibly has the source?
This!
Not sure how to actually post an image, but this I think is one.
Gripping the bitcoin wallet and paying $5 out of pity is my favorite part :)
Image in post or comment:
You can add alt text in the square brackets, but many apps won’t show it.
This then renders as
Yes. No.
As someone who may obtain games and shows/movies through less than rights holder approved methods, ClamAV is a necessity.
Not just for the pirate though. If you share any files between nix and win OS’s. I wouldn’t want to share any computer std with those I care for, friend, family or business.
There are also cool tools like
chkrootkitandrkhunterthat might come in handy.
if you’re not at least running clamav you’re gonna regret it!
I just switched to linux and totally forgot about this. Do I really not need one? 99% of what I do is steam gaming anyway so I’m not too worried, worst case I just format and reinstall, but still…
better be safe than sorry so get Clamav and scan your system frequently
Not having inter-distro binary compatibility is a blessing in disguise.
Y’all just have too many dependencies
Different glibc version says hello.
libc is a dependency
Reject C and go back to assembly I guess
Oh, you can write C without the standard library. That’s how I first learned it.
It is, isn’t it.
I was just wondering, would immutable distros be even less affected than Unix systems in general?
is that the goal with immutable distros? i thought they were primarily used for rollbacks.
depends.
is your bios writable?
do programs stay written to memory after cycle?
There is no security benefit with immutable Linux
Can you elaborate? Wouldn’t malware need to install something which would not happen on an immutable?
Immutable distros can usually be set to mutable with the correct privileged command.
It’s essentially security by obscurity. But I disagree with “no benefit”. An infection miss through dumb luck is still a miss, after all.
Does anyone have an idea what would happen if one runs a Windows virus with Wine ?
Some interesting answers.
EDIT: even better.
Can only access Wine’s directory not your actual Linux files
Nope. With a stock wine prefix it can access anything you have the permission to access. Your FS root is mapped to the
Z:\drive by default.That’s just not true in many cases. It can usually access your home directory.
And the viruses that write themselves to the boot sectors of the hard drive?
They simply can’t because its designed to do that on windows not on Linux because they are different. Plus use ClamAV and you should be good. (I am not an expert in this)
Microsoft Defender 😊
… Sucks.
That was 5 years ago, it’s actually pretty decent now…
Btw, I was just trolling…
It keeps trying to tell me that FileZilla is a Trojan.
Probably because FileZilla requires special access to personal files and WD probably knows It’ll try to send them elsewhere
The things that trigger antivirus software aren’t just hashes anymore, it’s the behavior of the software on your machine… That’s why I said it’s better now…
Weird how that doesn’t happen for other FTP or file transfer apps.
Oh, wait… I just remembered… users have reported that Filezilla does by itself install malware/bundleware, unless you’re very careful to untick some boxes during the installation… IT IS malicious that they install other stuff on your machine and it’s hard for you to find what exactly they installed…
See the Negative reviews on Alternativeto
The detection happens with the update download, which does not have any bundled software. It also detects the installer that specifically does not have the option for installing bundled software.
i dont know I still dont trust microsoft
SElinux is what you want
