Just Imagine

Story: Developer Ponders Release of Linux Malware
Total Replies: 8
bigg

Dec 01, 2009
4:50 PM EDT
Just imagine how many stories there would be if it were news every time a 'developer' decided to write malware for Windows.

Linux must be secure if this is worthy of a story.
tracyanne

Dec 01, 2009
5:27 PM EDT
You will note that once again it is a Trojan, a malware form that, as far as I'm aware, it is agreed all operating systems are susceptible to, as it depends on the security of the wetware that resides between the chair and the keyboard.
d0nk3y

Dec 01, 2009
6:11 PM EDT
Yeah - pfft. Bring it on! The more exposure the better.

Any holes will be fixed. End of story. And Linux remains more secure.
phsolide

Dec 01, 2009
6:15 PM EDT
Actually, like in every other area, Unix had malware first. From Fred Cohen's first virus in 1984, to RTM's worm in '88, to fake /bin/login, Unix had it all first.

So the real question is, "Why does Windows have such a huge malware problem?" Unix had decades of head start, and it doesn't have any such problem. The best the "Anti-Virus" companies can come up with is script-kiddies infecting already-hacked boxes with RST.b viruses, that come from dodgy malware.

The release of yet another trojan won't make any difference whatsoever. Whatever immunity to infection the Linux/Unix file permissions, user IDs, group IDs, etc. comprise is enough to prevent the pandemics that plague Windows. Oh, also the lack of "executable documents" under Linux. That was a major mistake that MSFT and Apple made.
kingttx

Dec 01, 2009
6:19 PM EDT
It feels more like vaporware when I read the article. I'd feel a little better about the claims (for lack of a better term) if there were some third-party Linux security guru that looked it over instead of simple raves and claims by its own author.

It raises the question, though, if it adds the execute bit without the user specifically chmod'ing it. Someone please correct me if I'm wrong, but most distros have sane masks for the /home directories wherein, by default, no new files are executable unless the user chmod's the file. Like many have said before, you can trick users into running "rm -rf /" (I think there are some barriers in some distros now to prevent this, though). Will the script escalate privileges and/or touch system files without explicit permissions? Will it add its own execute bit? Does it propagate on its own? Does it do anything compelling beyond some fancy scripting?
Scott_Ruecker

Dec 01, 2009
6:37 PM EDT
Quoting: it depends on the security of the wetware that resides between the chair and the keyboard

Exactly, Tracy, hear hear!
gus3

Dec 01, 2009
6:50 PM EDT
It isn't "malware" as most people think of it. It's a tool for demonstrating, in a non-malicious way, that the system has been compromised. Any color hat who wants to test an attack can use this as the payload.

I suggested he donate it to the SELinux project for their regression testing suite.
tracyanne

Dec 01, 2009
7:17 PM EDT
http://blogs.zdnet.com/security/?p=1689&tag=nl.e539

http://blogs.zdnet.com/security/?p=4748&tag=nl.e539

http://blogs.zdnet.com/security/?p=4996&tag=nl.e539

Not Linux, but interesting with regard to the subject
moopst

Dec 01, 2009
10:54 PM EDT
Sounds to me like the Honor System virus http://en.wikipedia.org/wiki/Honor_system_virus
