Again a typical news article just recent....
Linux Malware: Are We There Yet?
http://www.linuxtoday.com/infrastructure/2011102600239SCDTSW
Oct 26, 2011, 16 :03 UTC (2 Talkback[s]) (3559 reads)
(Other stories by Matt Hartley)
[ Thanks to James Maguire for this link. ]
"One of the biggest misconceptions coming from newer Linux users is
that by getting away from Microsoft Windows, they're now free to run
their PCs without a care in the world. While it's true that the Linux
desktop isn't nearly as big of a target as the Windows desktop, it's
foolish to think that security isn't a concern at all.
"As a matter of fact, there are ample malware issues that Linux
users need to be aware of. The difference is that unlike Windows, most
issues come from rootkits and phishing attempts."
gerald philly pa usa
ONLY posting to help you with Linux security awareness. This article is
from professionals at prestigious 'LinuxToday.Com" ....I have never
believed Linux was immune to malware from day one. There is an old
computer security joke: "What is the best way to protect your computer ?
Answer: Pull the plug out of the wall" .
NOTE: You NEVER operate ANY computer without antivirus protection -
period! (Includes mobile computers, used to own pdamobilecafe.com) This
is the beginning of wisdom in computer operation for EVERY user.
-------- Original Message --------
Subject: Re: [LINUX_Newbies] New features in 11.04
Date: Fri, 28 Oct 2011 20:42:10 -0400
From: g.linuxducks <[email protected]>
To: [email protected]
If I didn't know better from your posts in this group I would have
assumed you were a computer security dummy.
QUOTEd
<<<AV software in Linux is a redundancy, IMO. You will get people saying
otherwise, but there is little conviction in them or their argument.>>>
Way back when with Linux and malware it might be called FUD
http://en.wikipedia.org/wiki/Fud
Today virtually straight across the board in all security circles
(obviously) and publications (news sources, blogs, articles, etc. )
admittedly malware is a concern with Linux now and obviously Apple/Mac
others. I know that for two reasons. I do windows amateur forensics and
now involved in Linux and as well I read a zillion RSS News Feeds by
Professionals and Experts practically daily. I have maintained a
computer security site since 2005 and can assure you playing ostrich
with Linux malware will not make it go away. Linux and botnets are a
study in themselves.
I am well aware of Klam and Clam as only so-so or fair to very fair
chronically in their detection abilities. With Linux when you go to
Synaptics Package Manager you can really add a lot to Clam including the
Third Party Definitions from a handful of the most prestigious security
companies in the world. These fill a void until Clam catches up. As well
there are more and more to add for pop mail and web based mail scanning.
Now I am not engaging any can of worms here. I indeed appreciate your
comments. I absolutely do not agree with them but will say in reality I
lean towards it is currently a blue moon chance of getting infected on
Linux. There is now spyware for Linux.
Because of your entire views stated but particular where you stated ....
<<<"...there is little conviction in them or their argument....>>>
I may say off the bat you are very very very uninformed in Linux
security. And that's okay. And that's not okay if you are someone who
knows better and wish to spread help and awareness - meaning you try and
keep users informed. It's not okay when a friend gets preyed upon by
malware cyber criminals. You try and help. Knowledge in security
computing no matter what system is a starting place.
I am walking through this once because I know you are probably adamant
in your position but I feel compelled as a fellow user to offer another
view. Of course it is up to you to freely make up your mind as to what
is real or a convenient truth.
Let me just through this and that towards you as I assume you are not
aware - and because you feel there is no substance to any reality of
Linux malware being any threat....
Let's start with you mentioned QUOTEd <<<AV software in Linux is a
redundancy>>> and that BitDefender for Linux is better. Go to
BitDefender Linux and sure enough it says on the front page...
QUOTEd http://www.bitdefender.com/business/antivirus-for-unices.html
"Linux is no longer immune to security threats .....
Linux operating systems have been considered less vulnerable than
Windows systems for many years but the myth that they are immune to
virus attack is completely false.
The Linux platforms early low instance of attacks was primarily due to
the lack of root access required for malware to infiltrate the system,
the Linux communities ability to quickly patch vulnerabilities, and the
low adoption rate of Linux in the corporate network. This made Linux a
lower priority target for the writers of malware. However, that priority
is changing quickly as the platforms popularity across sectors
increases......" UNQUOTED
Sophos and Eset for Linux have both won the VB100 Award for Linux
antimalware. Do you understand what that means ? It means there is many
malwares that will infect Linux that have been thrown at these company
products in lab testing of the product ability to defend and protect.
BOTH of those got 100 percent protection in the tests with the legal
right to display the VB100 logo on their products which is the most
prestigious award available to antivirus companies.
These are NOT proof of concept malwares. These are not simulated from
fantasy. These are actual real threats they get tested on as well as
facsimiles of various malwares. These products (above mentioned) have
Real Time Protection processes for Linux - NOT simply stand alone on
demand reactive scanning for threats on Linux. Preemptive heuristics for
both virus and spyware category threats with Linux.
So I must say to your statement and only in the friendliness of
discussion....
QUOTED <<< First point to make is that you do not need to have any AV in
Linux.>>>
NO the first point to make in real world as opinion and fact of
virtually the entire security and news industry is that we as users MUST
observe that a malware infection is quite possible and possibly probable
now. This is truth sworn and testified to by the above mentioned meaning
it is FACT not fiction FUD or Proof Of Concept.
For sake of discussion ONLY have I replied but simply to your main
comment about Linux security being "...not much conviction in their
argument..."
I propose no "argument" at all but to state to you as an assumed Linux
security dummy (friendly phrase) that indeed as FACT that Linux malware
and the probability of infection exists and is indeed inevitable. Case
in point for a Linux security dummy is "How do you know your Linux
system and files are not infected right now by Linux spyware ?"
The most basic introduction to FACT not argument is right here....
Linux malware
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses
CLIP:
"The number of malicious programs --- including viruses, Trojans, and
other threats --- specifically written for Linux has been on the
increase in recent years and more than doubled during 2005 from 422 to 863"
Some may laugh because Windows viruses have passed one million not to
long ago and spyware catagory threats are double that now or in other
words there is a 3 Million chance on Windows as opposed to less than a
1,000 chances on Linux of getting infected by malware. Who is safer ?
Nooooo question - Linux obviously. And that is said with the idea that
it is assumed the User understands the neccessity to continually perform
computer maintanance which includes malware scanning either hourly,
daily, weekly, or monthly.
I recommend you join the Ubuntu security mail by Canonical. Surely you
do not believe Ubuntu and Canonical are just making arguements rather
than facts about Linux security ! ! ! Then they would be wasting
millions and millions of dollars over the years for all the Security
Updates/Patches/Fix issued by them for Ubuntu Linux, right ?
IN THE NEWS.... http://www.linuxsecurity.com/
Linux Advisory Watch: October 28th, 2011
Source: IT Pro Portal - Posted by Dave Wreski
Hacks/Cracks
Recently, ESET and Sophos security researchers found out that hackers
are trying to transfer an old backdoor Trojan from Linux to the latest
Apple Mac OS X platform. By doing this the hackers are trying to expand
their reach of PCs which they will be able to use for botnets.
Do you see that ? Two things ? Number one "LinuxSecurity.Com and 'Linux
Advisory Watch" - these are Professionals in the Security field who
know everything a Linux computer security dummy does not. Agreed ? Linux
security and malware are not a popularity contest as to who makes the
best argument. They report facts and inferred opinion. They exhibit
samples - real factual samples - not best arguable suppositions and
surmisings of making best guesses about Linux malware to be one's
belief and Linux security status and then as it's stated view to be
considered real world facts.
Secondly above did you see it ? QUOTE "...old backdoor Trojan from
Linux...." Do you see it ? OLD Linux malware (and very dangerous,
backdoor trojans are). This is FACT. It is not there reality that they
are trying to make some believable ARGUEMENT (as you say) of some
fantasy or proof of concept malware threat to Linux - BUT a for real one
from days and days ago as very very very well known to Professionals and
Experts in Linux Security.
Hopefully this reply post is received as intended as nothing personal or
defamatory or anything BUT to make discussion of a very intense and
lengthy subject affecting all computer users. Possibly others are
reading these as interesting and may even add.
I will not engage anything else to the contrary as I stated I have been
in computing security and have seen your EXACT type view on both Windows
and Linux for several years as well as many many many others including
the entire security software industry, caring and concerned
professionals in security news, and the USA Government with their
agencies and publications to the public to engage them in awareness and
learning about the grave threat by cyber criminals through their
malwares that can not only destroy computers but peoples lives as well
financially. We most times it seems do not get through to assumed
ostriches that refuse to admit the threat is real no matter what OS
(operating system) you operate.
NEWS
New Mac Trojan Proves There's No Such Thing as a Malware-Proof Platform
eWeek
*It's time to accept the fact that any operating system can be attacked
by malware.* We've been hearing the stories for years about how Apple's
Macintosh is immune to malware. For years I've heard the smug claims
from Mac owners about how it's too bad ...
http://www.eweek.com/c/a/Security/New-Mac-Trojan-Proves-Theres-No-Such-Thing-as-a-Malware-Proof-Platform-180787/
That should be the new dialogue for Users with your view and opinion....
"It's time to accept the fact that any operating system can be attacked
by malware."
It is EVERYBODY else's ! Including mine.
That is only one article from one day among thousands on every day
yearly year in and year out. NOT meant as any substance to making a
"better argument" than yours that " there is little conviction in them
or their argument." as you stated.
I SINCERELY HOPE I personally have offered any Linux security knowledge
or beginnings to you and that as webmaster of the BlueCollarPC.US with
over 6 million users since 2005 as WE always say "Have a Safe Computing
Day" ! !
I would be happy to discuss actual Linux security with anyone but NOT
whether it exists or not. Fruitless and
I hope as well I made that absolutely clear. For any posting that - well
I have said enough that has addressed that already and anyone in the
know could write you a library of information.
TIP: Talking about virtualization, I have done a forensics in the R2
Windows 2008 Server patch area on Vista ...
https://bluecollarpcwebs.wordpress.com/2010/01/07/new-amatuer-forensics-build-in-progress-nimrod-botnet/
Your dummy speech is not at all fool proof but far from it to today's
sophisticated cyber criminals. Piece of cake. Virtualization is NOT a
defense. Fatal error.
gerald philly pa usa
http://bluecollarpc.us/
On 10/28/2011 08:16 AM, Roy wrote:
> You are right about klam. First point to make is that you do not need to
> have any AV in Linux. The only reason to do so is to protect Windows
> contacts. There are no Linux viruses in the wild and it is dubious that it
> can harm your computer through Wine, which lacks many of the things that
> viruses exploit such as Active X and it does not have the same structure in
> the dummy c drive and you can copy your dummy c drive and just delete any
> infected drive. AV software in Linux is a redundancy, IMO. You will get
> people saying otherwise, but there is little conviction in them or their
> argument.
> ----------------------------------CLIPPED---------------->
[Non-text portions of this message have been removed]
------------------------------------
To unsubscribe from this list, please email
[email protected] & you will be removed.Yahoo! Groups
Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/LINUX_Newbies/
<*> Your email settings:
Individual Email | Traditional
<*> To change settings online go to:
http://groups.yahoo.com/group/LINUX_Newbies/join
(Yahoo! ID required)
<*> To change settings via email:
[email protected]
[email protected]
<*> To unsubscribe from this group, send an email to:
[email protected]
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
