Discussion:
trojans on linux?
Robin Paulson
2011-05-06 03:16:58 UTC
Permalink
i saw this on slashdot a moment ago, and am curious about the effects.

http://www.net-security.org/malware_news.php?id=1714

it appears to be a cross-platform trojan, capable of infecting windows
and mac osx. as the article says, no mention of a linux version *yet*,
but i wonder how long it will be.

is this the start of something bad? or are there still fundamental
differences in linux distros which render it useless - i would guess
maybe not, osx being similar underneath?
--
robin

http://bumblepuppy.org/blog/?p=237 - government bill to remove basic
human rights in NZ

_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
Simon Bridge
2011-05-06 03:17:21 UTC
Permalink
http://en.wikipedia.org/wiki/Linux_malware#Cross-platform_viruses
... already been done.
Post by Robin Paulson
i saw this on slashdot a moment ago, and am curious about the effects.
http://www.net-security.org/malware_news.php?id=1714
it appears to be a cross-platform trojan, capable of infecting windows
and mac osx. as the article says, no mention of a linux version *yet*,
but i wonder how long it will be.
is this the start of something bad? or are there still fundamental
differences in linux distros which render it useless - i would guess
maybe not, osx being similar underneath?
_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
Daniel Pittman
2011-05-06 05:58:25 UTC
Permalink
Post by Robin Paulson
i saw this on slashdot a moment ago, and am curious about the effects.
http://www.net-security.org/malware_news.php?id=1714
it appears to be a cross-platform trojan, capable of infecting windows and
mac osx. as the article says, no mention of a linux version *yet*, but i
wonder how long it will be.
There are a whole pile of similar things for Linux today, but they
mostly target server-side things like PHP vulnerabilities. When they
get in the act pretty much exactly like the botnet clients do on
Win32, including spreading.
Post by Robin Paulson
is this the start of something bad? or are there still fundamental
differences in linux distros which render it useless - i would guess maybe
not, osx being similar underneath?
Heck, no: there is enough commonality between Linux distributions that
you could totally do useful things. It really is just disinterest
that gives any measure of protection. It *used* to be the case that
the OOTB Win32 system had substantially less protection than an OOTB
Linux, but that has eroded with the added security of Windows 7, and
the broader attack surfaces provided in the very standard GUI
environments on Linux.

Daniel

As an aside, most of the folks reading this list are *not* the folks
that those comments apply to: we select for people who care enough to
change things from defaults. The standard, insecure stuff is what you
get if you aren't one of us. :)
--
⎋ Puppet Labs Developer – http://puppetlabs.com
✉ Daniel Pittman <***@rimspace.net>
✆ Contact me via gtalk, email, or phone: +1 (503) 893-2285
♲ Made with 100 percent post-consumer electrons

_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
cr
2011-05-06 12:34:12 UTC
Permalink
(snip for bandwidth)
Post by Daniel Pittman
Post by Robin Paulson
is this the start of something bad? or are there still fundamental
differences in linux distros which render it useless - i would guess
maybe not, osx being similar underneath?
Heck, no: there is enough commonality between Linux distributions that
you could totally do useful things. It really is just disinterest
that gives any measure of protection. It *used* to be the case that
the OOTB Win32 system had substantially less protection than an OOTB
Linux, but that has eroded with the added security of Windows 7, and
the broader attack surfaces provided in the very standard GUI
environments on Linux.
Daniel
As an aside, most of the folks reading this list are *not* the folks
that those comments apply to: we select for people who care enough to
change things from defaults. The standard, insecure stuff is what you
get if you aren't one of us. :)
And then there's the Irish Computer Virus which works on *all* OS's.

['Hi. I'm the Irish Computer Virus. I work on the honour principle.
Please send a copy of me to everybody in your address book and delete all the
files on your hard drive. Thank you and have a nice day.']

cr

_______________________________________________
NZLUG mailing list ***@linux.net.nz
http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug

Loading...