cross-platform virus
Florian Diesch
diesch at spamfence.net
Mon Apr 10 10:03:54 BST 2006
Eric Feliksik <milouny at gmx.net> wrote:
> Daniel Robitaille wrote:
>> On 4/8/06, Shawn McMahon <smcmahon at eiv.com> wrote:
>>> On Sat, Apr 08, 2006 at 10:57:37AM +0800, Senectus . said:
> This is because it's not difficult to make the user run the malware
> with root-priviledges; just make your malware replace an existing
You don't even need root privileges to convert a system in a bot for
distributing malware and spam or contributing to a DDoS attack.
> Yes, it feels insecure. Sudo seems only capable of preventing
> mistakes, but it does not prevent malware targetting this issue from
> compromising your system. So the claim is "you must take care". Well,
> we can claim this as long as ubuntu is only used by very few people,
> that are tech-savvy. As soon as gnome/ubuntu actually becomes "linux
> for grandma", the shit will hit the fan, I'm afraid.
Grandma don't want to do stupid things, she maybe just doesn't have the
knowledge. Therefore we have to tell her if she's doing something
potentially dangerous.
For example a common trick on windows since ILOVEYOU is to make the user
think he's just opening a file when he's actually executing a
program. On Ubuntu we have to take care that this can't happen.
Florian
--
Gib einem Hungrigen einen Fisch, und er ist für einen Tag satt. Zeig ihm, wie
man angelt, und er pöbelt Dich an, daß er besseres zu tun hätte, als Schnüre
ins Wasser hängen zu lassen. [David Kastrup in <x566arnpqc.fsf at tupik.goethe.zz>]
More information about the sounder
mailing list