Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

Pathetic news story of the week
Goto page 1, 2  Next
 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Discussion
View previous topic :: View next topic  
Author Message
Rhakios
Moderator


Joined: Thu Apr 07, 2005 12:18 am
Posts: 7633
Location: Midlands, UK

PostPosted: Thu Feb 10, 2011 8:17 pm    Post subject: Pathetic news story of the week Reply with quote

My nomination for pathetic news story of the week goes to The H, for this story.

It seems that we must all quake in our boots at the thought that Linux is vulnerable to USB drives carrying malware. All we need to do is, fail to keep our systems up to date, disable a couple of security mechanisms, and insert the specially crafted drive.

To be fair, the security specialist must have started work on this before the vulnerability in Evince was fixed and says he can get around the two mechanisms without disabling them manually beforehand. And he has so much confidence in his ability to do this, that he is happy to tell his audience about, but not actually demonstrate it.

I have no doubt that Linux is vulnerable in a number of ways, especially through methods designed to gull the careless user, but please, please, please, can we just have someone demonstrate something that works properly without resorting to "fixes" to get things going. Otherwise, this just reads like pathetic scaremongering.
_________________
Bye, Rhakios
Back to top
View user's profile Send private message
Bazza
LXF regular


Joined: Sat Mar 21, 2009 11:16 am
Posts: 1476
Location: Loughborough

PostPosted: Thu Feb 10, 2011 9:22 pm    Post subject: Reply with quote

Hi Rhakios...

> And he has so much confidence in his ability to do this, that
> he is happy to tell his audience about, but not actually
> demonstrate it.

Yeah I noticed that too.

My Windies box caught a Virus/Worm/Whatever last night.

Didn`t bother me much, soon got rid of it...
_________________
73...

Bazza, G0LCU...

Team AMIGA...
Back to top
View user's profile Send private message
LeeNukes
LXF regular


Joined: Sun Jun 21, 2009 9:11 pm
Posts: 954
Location: At the bar

PostPosted: Thu Feb 10, 2011 9:47 pm    Post subject: Reply with quote

Still interesting, but as with most things, if someone has physical access to the system, consider it compromised.
_________________
Join GiffGaff and get 5 free credit
Back to top
View user's profile Send private message
wyliecoyoteuk
LXF regular


Joined: Sun Apr 10, 2005 11:41 pm
Posts: 3452
Location: Birmingham, UK

PostPosted: Thu Feb 10, 2011 10:02 pm    Post subject: Reply with quote

As always, if you have system which has oit been updated for 6 months, do this...and this... and click on this... you perhaps get Linux virus or malware.

Whereas windows systems get viruses just by being connected or browsing a web page. meh

I know Linux us NOT invulnerable but really...
_________________
The sig between the asterisks is so cool that only REALLY COOL people can even see it!

*************** ************
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8464
Location: Warrington, UK

PostPosted: Thu Feb 10, 2011 10:29 pm    Post subject: Reply with quote

LeeNukes wrote:
Still interesting, but as with most things, if someone has physical access to the system, consider it compromised.


You don't need physical access for this, just give out free USB sticks.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
bobthebob1234
LXF regular


Joined: Thu Jan 03, 2008 9:38 pm
Posts: 1369
Location: A hole in a field

PostPosted: Thu Feb 10, 2011 11:33 pm    Post subject: Reply with quote

or drop them around. Its amazing what curiosity will make people do.
_________________
For certain you have to be lost to find the places that can't be found. Elseways, everyone would know where it was
Back to top
View user's profile Send private message
Dutch_Master
LXF regular


Joined: Tue Mar 27, 2007 2:49 am
Posts: 2435

PostPosted: Fri Feb 11, 2011 1:01 am    Post subject: Reply with quote

And even then: how can you be sure that stick is found by someone who uses Linux, hasn't updated for ages, is stupid enough do follow the instructions w/o knowing what they are and keep the stick inserted when he finds it's infected...? I think you'd have a better chance winning the lottery Wink
Back to top
View user's profile Send private message
Rhakios
Moderator


Joined: Thu Apr 07, 2005 12:18 am
Posts: 7633
Location: Midlands, UK

PostPosted: Fri Feb 11, 2011 6:55 am    Post subject: Reply with quote

bobthebob1234 wrote:
or drop them around. Its amazing what curiosity will make people do.


Really? Very Happy
_________________
Bye, Rhakios
Back to top
View user's profile Send private message
Ram
LXF regular


Joined: Thu Apr 07, 2005 10:44 pm
Posts: 1672
Location: Guisborough

PostPosted: Fri Feb 11, 2011 10:33 am    Post subject: Reply with quote

Rhakios wrote:
bobthebob1234 wrote:
or drop them around. Its amazing what curiosity will make people do.


Really? Very Happy


Curiosity killed the cat, but I'm not pressing that in work time.
_________________

lubuntu LXDE 13.10 running on AMD Phenom II*4; ASUS Crosshair III Formula MB; 4 GB Ram.....
Back to top
View user's profile Send private message MSN Messenger
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8464
Location: Warrington, UK

PostPosted: Fri Feb 11, 2011 10:38 am    Post subject: Reply with quote

Dutch_Master wrote:
And even then: how can you be sure that stick is found by someone who uses Linux, hasn't updated for ages, is stupid enough do follow the instructions w/o knowing what they are and keep the stick inserted when he finds it's infected...?


Dual infected sticks, work on Windows and Linux.

The fix in evince is quite recent.

Never underestimate stupidity.

There are no instructions to follow, all they have to do is view the stick contents in Nautilus.

See third point.

Actually, you don't necessarily need to keep the stick inserted, if the malware's first step is to copy itself to your hard drive.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
Bazza
LXF regular


Joined: Sat Mar 21, 2009 11:16 am
Posts: 1476
Location: Loughborough

PostPosted: Fri Feb 11, 2011 12:20 pm    Post subject: Reply with quote

Hi nelz...

> Never underestimate stupidity.

Guilty as charged m`lud.
_________________
73...

Bazza, G0LCU...

Team AMIGA...
Back to top
View user's profile Send private message
Rhakios
Moderator


Joined: Thu Apr 07, 2005 12:18 am
Posts: 7633
Location: Midlands, UK

PostPosted: Fri Feb 11, 2011 6:04 pm    Post subject: Reply with quote

nelz wrote:

Dual infected sticks, work on Windows and Linux.


Good to see you have a plan. Wink

Quote:

There are no instructions to follow, all they have to do is view the stick contents in Nautilus.


Yes there are, you have disable two security features first. The method of getting around them hasn't been demonstrated.
_________________
Bye, Rhakios
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8464
Location: Warrington, UK

PostPosted: Sat Feb 12, 2011 9:23 am    Post subject: Reply with quote

Weren't those security features enabled quite recently? Meaning anything not up to date is vulnerable.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
Rhakios
Moderator


Joined: Thu Apr 07, 2005 12:18 am
Posts: 7633
Location: Midlands, UK

PostPosted: Sat Feb 12, 2011 11:18 am    Post subject: Reply with quote

nelz wrote:
Weren't those security features enabled quite recently? Meaning anything not up to date is vulnerable.


I don't know about ASLR, but AppArmor has been around for quite a while now. For openSUSE users, some years, not so sure about other distros.
_________________
Bye, Rhakios
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8464
Location: Warrington, UK

PostPosted: Sat Feb 12, 2011 12:56 pm    Post subject: Reply with quote

Ah yes, I'd forgotten that it needed AppArmor turning off.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Discussion All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast