Ralf Mardorf writes: > On Tue, 2013-12-10 at 08:47 +0100, Gian Uberto Lauri wrote: > > Ralf Mardorf writes: > > > I know they hack servers, but was the Linux home PC of anybody on this > > > list ever hacked? > > > > How could you detect? Are you sure you have the skills to detect this? > > It's possible to e.g. monitor network traffic, but I'm not doing > it.
You are not doing it as thousands of people. While the sardines shoal is a defensive strategy, it offers an offensive opportunity to wrong doers. That's why software makers and software distribution makers should make their product with design choices that do not help wrong doers. > I > guess on my machine at least the amount of audio xruns would increase, > if something would be active in the background. Likely that audio apps > completely would crash, or at least there would be more jackd connection > issues. Or not, at least until someone else wants your cpu-power, and in that case you could find yourself left with no other option that "cutting the cables" and reinstall. > Now, not using real-time apps, just doing office work, I wouldn't notice > something evil. There's nothing from interest, no information, no money > nothing somebody could get by my machine. It only could be used to send > spam. And your machine is perhaps worth something more than just sending spam, did you read the stuxnet story? You could be on a complex path to hit an important target. > We can't take care about everything. Perhaps somebody on my street raids > somebody, but I won't spend the whole day watching out of the window, > I'm not the police. But you can make it harder for other people to do this. I know this under the "prudence and common sense" label rather than "patrolling the streets". > If I need a protection for my computer I would take care about it. I > still would use su and sudo, but perhaps use something like AppArmor and > other protections. Again, the sardines shoal is a defensive strategy that work well when there are a lot of low value targets. But if this lot of target offers a cheap enough option to be "captured", the sum of small margins can build up a sensible gain (like in supermarkets). > More likely the next GTK update will cause an issue, than a virus ;). That's the point. Current sudo default configuration is "bad". That 4does not means that the whole sudo program is bad (except that for Italian speakers it smells(*) :)). Does not add security but adds potential harms. Maybe I am a bit more paranoid than most, O.K. years (quite a few :)) ago I got my fun (when it was not illegal) and that made me a bit more aware of dangers. I am not suggesting to be paranoid. It's simply that Internet is not the neighborhood where you can leave your house door unlocked. -- /\ ___ Ubuntu: ancient /___/\_|_|\_|__|___Gian Uberto Lauri_____ African word //--\| | \| | Integralista GNUslamico meaning "I can \/ coltivatore diretto di software not install giĆ sistemista a tempo (altrui) perso... Debian" Warning: gnome-config-daemon considered more dangerous than GOTO -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/21158.63028.962015.30...@mail.eng.it