Alan McKinnon wrote: > On 08/07/2013 15:24, Dale wrote: >> Walter Dnes wrote: >>> On Fri, Jul 05, 2013 at 05:21:25PM -0500, Dale wrote >>> >>>> Well, no Wine here. So that won't happen. Actually, I don't have a >>>> copy of windoze here at all. Neither of my two rigs have ever had >>>> windoze installed on them at all. >>>> >>>> BTW, I have been known to open those attachments before. I usually open >>>> them with kwrite or something and try to see what is human readable in >>>> there. Most is machine language but there is usually a small portion >>>> that is human readable. They sent it and I'm nosy that way. lol >>> The bad guys go after the "low hanging fruit", i.e. the easiest >>> targets. Years ago, it was Internet Explorer. This also included >>> Outlook and Outlook Express, which were glorified IE frontends. There >>> were many "drive-by-downloads", thanks to Active-X (aka "Active-Hacks"). >>> >>> MS has gotten its act together on IE, so the bad guys are now going >>> after other stuff. The "other stuff" is cross-platform stuff like Java >>> and Javascript and Adobe Acrobat and Flash (known affectionately as >>> "Schlockwave Trash"). So yes... it can happen here. >>> >>> I've been Java-free for years. I use Noscript and Flashblock on >>> Firefox. I keep Opera around for those sites that don't work on >>> Firefox. I also use mupdf instead of the bloated Acrobat Reader >>> monstrosity. >>> >> >> Questions. Can a virus infect the OS when running on Linux through >> java/javascript/flash? > Yes. If you can get the payload to run, then that code will run and will > do whatever the environment it is in will let it do. > >> Or would the infection at the least be limited >> to that user? > That's the normal case, but by no means the only one. > > If you have sudoers set up to run any command as root without using a > password, well then.... > >> How is html5 going to affect this? Better or worse? > > I think you need to gain a deeper understanding of how computer software > works Dale. You are asking black/white questions, and the world just is > not like that. It's all grey. > > These questions do not have simple answers. Windows well-deserved it's > bad rep from many years ago - that came not from bad security or > loopholes but more from the simple fact that early Windows had no > security to speak of. It wasn't poor locks, there just wasn't a lock, > not a door ... oh stuff it there wasn't even a wall to put the door in > for many years! > > Things have vastly improved now and Windows in the hands of someone with > clue rates about the same as (more-or-less conventional) Linux in the > hands of someone with clue. > > Lastly, gaining root permissions is no longer the holy grail it used to > be. Nowadays first prize is ability to send mail through your mail > accounts, access your browsing history, and get into your password > wallet. All of which by their very nature, MUST be accessible to the > user's account. > >
I'm getting there Alan. I'm always learning something. It's retaining it that is the issue. ;-) Dale :-) :-) -- I am only responsible for what I said ... Not for what you understood or how you interpreted my words!
