this post was submitted on 19 Nov 2023
704 points (90.6% liked)

linuxmemes

20880 readers
2 users here now

I use Arch btw


Sister communities:

Community rules

  1. Follow the site-wide rules and code of conduct
  2. Be civil
  3. Post Linux-related content
  4. No recent reposts

Please report posts and comments that break these rules!

founded 1 year ago
MODERATORS
 
top 50 comments
sorted by: hot top controversial new old
[–] [email protected] 130 points 11 months ago (4 children)

https://en.wikipedia.org/wiki/Linux_malware

I fucking hate the mentality that Linux is somehow completely safe.

Just because it isn't attacked as much because of the low adoption rate among users, doesn't mean it has no vulnerabilities.

[–] [email protected] 43 points 11 months ago* (last edited 11 months ago) (1 children)

With SteamOS and ChromeOS now having millions of users, Linux attacks will become more commonplace.

IIRC ChromeOS is either built on or can be configured to run applications like a Linux distro?

[–] [email protected] 20 points 11 months ago

Yes, so Linux better be ready, because those attacks will increase.

And sentiments like the one from OP don't help one bit.

[–] [email protected] 31 points 11 months ago (3 children)

Malware for desktop users is the low hanging fruit with little rewards. You just hear about it because it's so rediculous easy.

The real money is on servers, so that's were real money/work is invested to develop malware for much higher gains. How successful are they again?

[–] [email protected] 14 points 11 months ago* (last edited 11 months ago)

I think you're right. A single desktop, unless it is either someone in a position of power or access to trade secret files, is not a time effective attack vector.

A server on the other hand can access all of that stuff across an entire organization.

load more comments (2 replies)
[–] [email protected] 12 points 11 months ago

Not just that but whenever you hear that company xyz was hacked and their data leaked, what do you think was powering their servers? Most likely Linux. Sure, they usually have more things exposed to the internet, but users install way more apps so the attack surface is vastly bigger in home computers running Linux than servers.

load more comments (1 replies)
[–] [email protected] 110 points 11 months ago (3 children)

Wine appears in the output of ps aux.

Nervous not-an-emulator noises.

load more comments (3 replies)
[–] [email protected] 67 points 11 months ago (2 children)

Pro tip: Infect your Windows friends with malware, then get them to switch to Linux

/s

[–] [email protected] 43 points 11 months ago

#unethicallinuxevangelismtips

load more comments (1 replies)
[–] [email protected] 55 points 11 months ago (10 children)

Lol as if Linux is free of malware.

[–] [email protected] 61 points 11 months ago (6 children)

It was, 25 years ago. Same as Windows' security was absent at that time.

But people never update their prejudices, so all the jokes are from the last millenium.

If you want an OS that is really malware-free, you need to run temple os.

[–] [email protected] 34 points 11 months ago (1 children)

If you want an OS that is really malware-free, you need to run temple os.

Can't get malware if the OS is the malware. jk. RIP you crazy genius SOB.

[–] [email protected] 25 points 11 months ago (1 children)

It's also pretty hard to get malware without network capabilities

[–] [email protected] 19 points 11 months ago

I never said that Temple OS is usable ;)

[–] [email protected] 12 points 11 months ago

God wouldn't let you get malware on his chosen OS.

load more comments (4 replies)
[–] [email protected] 13 points 11 months ago

It isn't, but you're unlikely to encounter Linux specific malware.

load more comments (8 replies)
[–] [email protected] 51 points 11 months ago (2 children)

Security through obscurity is not security

[–] [email protected] 25 points 11 months ago

That's why I use NixOS. Double the obscurity, double the security!

[–] [email protected] 24 points 11 months ago

Say that too loudly, and you might upset the apple crowd lol

[–] [email protected] 34 points 11 months ago* (last edited 11 months ago) (4 children)

True story, Linux sees MIME types, so if Hot.Chick.Blows.Brother.mp4 is a virus, it shows up with a Windows (MZ) binary icon, not a media icon 😉... unlike Windows which only recognizes extensions 😒.

[–] [email protected] 48 points 11 months ago* (last edited 11 months ago) (4 children)

Microsoft, in their infinite wisdom, also decided that file extensions should be hidden by default. So you won't even see that you downloaded TaylorSwift_1989_TaylorsVersion.exe instead of TaylorSwift_1989_TaylorsVersion.mp3 unless you changed that setting ahead of time.

[–] [email protected] 23 points 11 months ago

Or worse, Numb_LinkinPark.mp3.exe just shows up as Numb_LinkinPark.mp3, making it look like it's DEFINITELY a legit MP3!

[–] [email protected] 19 points 11 months ago (1 children)

Wait.. Real?? I guess its always been a part of the first round of changes I've always made to Windows. Crazy how much I've normalized fighting the software I use.

Anyway, that's wild. What a just bad and unsafe decision.

[–] [email protected] 9 points 11 months ago

See, this is mostly because of 2 things. One, when changing filenames, users make the stupid mistake of changing the extension as well (having no extension that is), which of course, in Windows, it means the file won't be recognized as a media file. Two, blind you from the truth - you don't want users that can think, that's not what our bysiness is about 😏. Also the reason behind why Windows has less and less options and people that want to change something have to revert to registery hacks to do so.

[–] [email protected] 15 points 11 months ago

It's even worse, since exe files can have custom icons, the malware will have a mp3 player icon in their exe file, making it totes confusing.

load more comments (1 replies)
[–] [email protected] 15 points 11 months ago (1 children)

That's not a Linux thing. It's just whatever desktop shell you chose to use and various shells behave in various ways. The reason this might be safer in most Linux distros is that you're discouraged from executing things under a privileged user which means that malware can't make significant changest to your system easily. If you do the same in windows, you'd be just as safe.

load more comments (1 replies)
load more comments (2 replies)
[–] [email protected] 31 points 11 months ago (1 children)

You guys are quick to forget that Wine (Wine Is Not an Emulator) is, in fact, not an emulator. Most windows ransomware will successfully encrypt your files if ran with wine.

[–] [email protected] 10 points 11 months ago (1 children)

That is why I always try to avoid installing Wine natively

load more comments (1 replies)
[–] [email protected] 30 points 11 months ago (4 children)

If you're feeling even more paranoid, go with something even more obscure like Plan 9 from Bell Labs. It's Unix-like but differs so much from it that a Unix or Linux type malware would do nothing to it.

[–] [email protected] 14 points 11 months ago (3 children)

I always want to try Plan 9 or one of its successors but actually never do. So many interesting concepts but nothing really to apply them to.

load more comments (3 replies)
load more comments (3 replies)
[–] [email protected] 22 points 11 months ago (1 children)

but then the little Wine window appears

[–] [email protected] 14 points 11 months ago

the wine prefix is being updated, please wait...

[–] [email protected] 20 points 11 months ago (1 children)

False sense of security. You accidentally downloaded a virus that doesn't work on your system... What kind of habits and hygiene are you rolling with on a day to day basis?

load more comments (1 replies)
[–] [email protected] 15 points 11 months ago (4 children)

If you use Linux because of this you are just a kid following the hype

load more comments (4 replies)
[–] [email protected] 14 points 11 months ago (1 children)

Downloading a virus has as much effect on Windows as it does on Linux and any other operating system: None.

Unless it exploits a security vulnerability with something that automatically touches the file. Like a virus scanner.

load more comments (1 replies)
[–] [email protected] 13 points 11 months ago

Next you're going to say https://www.cisecurity.org/benchmark/red_hat_linux exists for fearmongering.

[–] [email protected] 13 points 11 months ago

WINE

Also...Get a whitelisting antivirus on windows.

[–] [email protected] 9 points 11 months ago (1 children)

so, I had a pendrive that a friend borrowed once. later on another friend used it and said it had virus. I simply couldn't know since I was on GNU/Linux.

though later on I cleaned it with dd.

load more comments (1 replies)
load more comments
view more: next ›