Re: [ubuntu-uk] How to write a Linux virus in 5 easy steps?
> I hope it is /not/ MD5, which has been 'cracked' for a while now ;) > > http://www.mscs.dal.ca/~selinger/md5collision/ > > In principle however, your idea would work well in practice. It's even > quite possible to do today. > > I would like to see SELinux/AppArmour taken that little bit further > too. I still refuse to run anti-virus on Linux, I *don't* need it :) > > Matthew. Okay so maybe not MD5, but the theory :) AppArmor kept me up till 4am in a hotel in Switzerland during an emergency a few years ago before I knew it existed. For that reason I have a personal grudge :) However I definitely agree that more work on it (extending the app profiles, and possibly pushing to a 2 level, root +user with frontend) would be valuable! -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] How to write a Linux virus in 5 easy steps?
On Wed, Feb 11, 2009 at 10:10 AM, Michael Holloway wrote: > On Tue, 2009-02-10 at 22:14 +, alan c wrote: >> >> I trust it will not be long before I can feel just a little safer? >> comments welcomed. > > I think something like "distro level security" could be implemented, > where ubuntu (/rh/suse etc) maintain say an md5 list of all binaries > available from the repositories (or just the installed ones), and before > executing a file check if it exists in the hash file, and matches, and > then execute or warn. I hope it is /not/ MD5, which has been 'cracked' for a while now ;) http://www.mscs.dal.ca/~selinger/md5collision/ In principle however, your idea would work well in practice. It's even quite possible to do today. I would like to see SELinux/AppArmour taken that little bit further too. I still refuse to run anti-virus on Linux, I *don't* need it :) Matthew. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] How to write a Linux virus in 5 easy steps?
Chris Bagley wrote: > Fantastic little article. I guess we are never going to be able to > fully protect against stupidity but there definitely is room for bug > fixes in this case. Thunar seem to have got it right -- alan cocks Ubuntu user #10391 Linux user #360648 -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] How to write a Linux virus in 5 easy steps?
Michael Holloway wrote: > On Tue, 2009-02-10 at 22:14 +, alan c wrote: >> I trust it will not be long before I can feel just a little safer? >> comments welcomed. > > > Personally, I would say that this is a very long article stating that > social engineering is platform independent. Anybody can stick a bash > script/binary/.exe on their blog saying "convert all your music to > smaller files" or something. somewhere in the middle there is a wget and > a sudo (or whatever the platform), and a lot of people blindly type in > the password. Even if the source is available, 99% of people wont look. > Well said. The weakest link in "any" security system is the user. -- Life is too short. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] How to write a Linux virus in 5 easy steps?
Fantastic little article. I guess we are never going to be able to fully protect against stupidity but there definitely is room for bug fixes in this case. -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
Re: [ubuntu-uk] How to write a Linux virus in 5 easy steps?
On Tue, 2009-02-10 at 22:14 +, alan c wrote: > > I trust it will not be long before I can feel just a little safer? > comments welcomed. Personally, I would say that this is a very long article stating that social engineering is platform independent. Anybody can stick a bash script/binary/.exe on their blog saying "convert all your music to smaller files" or something. somewhere in the middle there is a wget and a sudo (or whatever the platform), and a lot of people blindly type in the password. Even if the source is available, 99% of people wont look. *nix by nature may be more "secure", and probably the majority of its users highly resilient to this sort of attack, but the most vulnerable point of any OS exists behind the keyboard. Essentially, its up to the OS/ distro to make the user aware (with annoying popups). I think something like "distro level security" could be implemented, where ubuntu (/rh/suse etc) maintain say an md5 list of all binaries available from the repositories (or just the installed ones), and before executing a file check if it exists in the hash file, and matches, and then execute or warn. For many users (who don't cross repo line much), this would be beneficial. For some, little more than annoying. This is assuming of course that no dodgy code makes its way into the repositories :) -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
[ubuntu-uk] How to write a Linux virus in 5 easy steps?
In the open and sharing spirit of FOSS I offer a heads up to a well written item which looks like it needs some actions in response. There may be some nice debate about a definition here or there, but the real world is in this article as far as I can see. I trust it will not be long before I can feel just a little safer? comments welcomed. I should say that if you have seen other items and comments about 'linux viruses' then what you read is probably still true, in a strict sense. However, I cannot fault the information given in this item, and it does seem that some action can be sensibly taken by both the gnome and kde teams. (and well done, the thunar project!!) Article: How to write a Linux virus in 5 easy steps http://www.geekzone.co.nz/foobar/6229 -- alan cocks Ubuntu user #10391 Linux user #360648 -- ubuntu-uk@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.com/UKTeam/
