| View previous topic :: View next topic |
| Author |
Message |
Rhakios
Moderator
Joined: Thu Apr 07, 2005 12:18 am
Posts: 7484
Location: Midlands, UK
|
 Posted: Thu Feb 10, 2011 8:17 pm Post subject: Pathetic news story of the week |
 |
|
My nomination for pathetic news story of the week goes to The H, for this story.
It seems that we must all quake in our boots at the thought that Linux is vulnerable to USB drives carrying malware. All we need to do is, fail to keep our systems up to date, disable a couple of security mechanisms, and insert the specially crafted drive.
To be fair, the security specialist must have started work on this before the vulnerability in Evince was fixed and says he can get around the two mechanisms without disabling them manually beforehand. And he has so much confidence in his ability to do this, that he is happy to tell his audience about, but not actually demonstrate it.
I have no doubt that Linux is vulnerable in a number of ways, especially through methods designed to gull the careless user, but please, please, please, can we just have someone demonstrate something that works properly without resorting to "fixes" to get things going. Otherwise, this just reads like pathetic scaremongering.
_________________
Bye, Rhakios |
|
| Back to top |
|
 |
Bazza
LXF regular
Joined: Sat Mar 21, 2009 11:16 am
Posts: 1392
Location: Loughborough
|
| Posted: Thu Feb 10, 2011 9:22 pm Post subject: |
|
|
Hi Rhakios...
> And he has so much confidence in his ability to do this, that
> he is happy to tell his audience about, but not actually
> demonstrate it.
Yeah I noticed that too.
My Windies box caught a Virus/Worm/Whatever last night.
Didn`t bother me much, soon got rid of it...
_________________
73...
Bazza, G0LCU...
Team AMIGA... |
|
| Back to top |
|
|
LeeNukes
LXF regular
Joined: Sun Jun 21, 2009 9:11 pm
Posts: 954
Location: At the bar
|
| Posted: Thu Feb 10, 2011 9:47 pm Post subject: |
|
|
Still interesting, but as with most things, if someone has physical access to the system, consider it compromised.
_________________
Join GiffGaff and get £5 free credit |
|
| Back to top |
|
|
wyliecoyoteuk
LXF regular
Joined: Sun Apr 10, 2005 11:41 pm
Posts: 3369
Location: Birmingham, UK
|
| Posted: Thu Feb 10, 2011 10:02 pm Post subject: |
|
|
As always, if you have system which has oit been updated for 6 months, do this...and this... and click on this... you perhaps get Linux virus or malware.
Whereas windows systems get viruses just by being connected or browsing a web page. meh
I know Linux us NOT invulnerable but really...
_________________
The sig between the asterisks is so cool that only REALLY COOL people can even see it!
*************** ************ |
|
| Back to top |
|
|
nelz
Moderator
Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8036
Location: Warrington, UK
|
| Posted: Thu Feb 10, 2011 10:29 pm Post subject: |
|
|
| LeeNukes wrote: | | Still interesting, but as with most things, if someone has physical access to the system, consider it compromised. |
You don't need physical access for this, just give out free USB sticks.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein) |
|
| Back to top |
|
|
bobthebob1234
LXF regular
Joined: Thu Jan 03, 2008 9:38 pm
Posts: 1360
Location: A hole in a field
|
| Posted: Thu Feb 10, 2011 11:33 pm Post subject: |
|
|
or drop them around. Its amazing what curiosity will make people do.
_________________
For certain you have to be lost to find the places that can't be found. Elseways, everyone would know where it was |
|
| Back to top |
|
|
Dutch_Master
LXF regular
Joined: Tue Mar 27, 2007 2:49 am
Posts: 2359
|
| Posted: Fri Feb 11, 2011 1:01 am Post subject: |
|
|
And even then: how can you be sure that stick is found by someone who uses Linux, hasn't updated for ages, is stupid enough do follow the instructions w/o knowing what they are and keep the stick inserted when he finds it's infected...? I think you'd have a better chance winning the lottery  |
|
| Back to top |
|
|
Rhakios
Moderator
Joined: Thu Apr 07, 2005 12:18 am
Posts: 7484
Location: Midlands, UK
|
| Posted: Fri Feb 11, 2011 6:55 am Post subject: |
|
|
| bobthebob1234 wrote: | | or drop them around. Its amazing what curiosity will make people do. |
Really? 
_________________
Bye, Rhakios |
|
| Back to top |
|
|
Ram
LXF regular
Joined: Thu Apr 07, 2005 10:44 pm
Posts: 1570
Location: Guisborough
|
| Posted: Fri Feb 11, 2011 10:33 am Post subject: |
|
|
| Rhakios wrote: | | bobthebob1234 wrote: | | or drop them around. Its amazing what curiosity will make people do. |
Really? |
Curiosity killed the cat, but I'm not pressing that in work time.
_________________
Ubuntu LXDE 12.04 running on AMD Phenom II*4; ASUS Crosshair III Formula MB; 4 GB Ram.....
|
|
| Back to top |
|
|
nelz
Moderator
Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8036
Location: Warrington, UK
|
| Posted: Fri Feb 11, 2011 10:38 am Post subject: |
|
|
| Dutch_Master wrote: | | And even then: how can you be sure that stick is found by someone who uses Linux, hasn't updated for ages, is stupid enough do follow the instructions w/o knowing what they are and keep the stick inserted when he finds it's infected...? |
Dual infected sticks, work on Windows and Linux.
The fix in evince is quite recent.
Never underestimate stupidity.
There are no instructions to follow, all they have to do is view the stick contents in Nautilus.
See third point.
Actually, you don't necessarily need to keep the stick inserted, if the malware's first step is to copy itself to your hard drive.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein) |
|
| Back to top |
|
|
Bazza
LXF regular
Joined: Sat Mar 21, 2009 11:16 am
Posts: 1392
Location: Loughborough
|
| Posted: Fri Feb 11, 2011 12:20 pm Post subject: |
|
|
Hi nelz...
> Never underestimate stupidity.
Guilty as charged m`lud.
_________________
73...
Bazza, G0LCU...
Team AMIGA... |
|
| Back to top |
|
|
Rhakios
Moderator
Joined: Thu Apr 07, 2005 12:18 am
Posts: 7484
Location: Midlands, UK
|
| Posted: Fri Feb 11, 2011 6:04 pm Post subject: |
|
|
| nelz wrote: |
Dual infected sticks, work on Windows and Linux.
|
Good to see you have a plan.
| Quote: |
There are no instructions to follow, all they have to do is view the stick contents in Nautilus.
|
Yes there are, you have disable two security features first. The method of getting around them hasn't been demonstrated.
_________________
Bye, Rhakios |
|
| Back to top |
|
|
nelz
Moderator
Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8036
Location: Warrington, UK
|
| Posted: Sat Feb 12, 2011 9:23 am Post subject: |
|
|
Weren't those security features enabled quite recently? Meaning anything not up to date is vulnerable.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein) |
|
| Back to top |
|
|
Rhakios
Moderator
Joined: Thu Apr 07, 2005 12:18 am
Posts: 7484
Location: Midlands, UK
|
| Posted: Sat Feb 12, 2011 11:18 am Post subject: |
|
|
| nelz wrote: | | Weren't those security features enabled quite recently? Meaning anything not up to date is vulnerable. |
I don't know about ASLR, but AppArmor has been around for quite a while now. For openSUSE users, some years, not so sure about other distros.
_________________
Bye, Rhakios |
|
| Back to top |
|
|
nelz
Moderator
Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8036
Location: Warrington, UK
|
| Posted: Sat Feb 12, 2011 12:56 pm Post subject: |
|
|
Ah yes, I'd forgotten that it needed AppArmor turning off.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein) |
|
| Back to top |
|
|
| View previous topic :: View next topic |
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
