basic - continued
Knapp
magick.crow at gmail.com
Sat Feb 6 13:51:38 UTC 2010
>> Yes, but as pointed out in the link, you don't need it to get the
>> user's list of contacts or his bank account and even other uses like
>> zombies do not seed SU on a machine used by one users as most home
>> desktop machines are.
>
> That is true, but at least a rootkit can't be installed. Anyway, I suppose
> we'll need antivirus on Linux too, if regular users without the technical
> knowhow starts using it in large numbers.
>
> --
> Odd
True, but does it matter? I could see it mattering if you ran a system
with many users, like at a big firm but for most of us, user = super
user for 99% of what we do with the computer. I also don't think it
would be to heard to do as the article stated and link in a password
stealer between programs that the users expects to type a password
into.
This is how I hacked Western Washington University's mainframe
computer back in the early 80s. I got LOTS of user names and passwords
and all I could do was send them to the printer in the corner. I would
just go in and start MY sign in program on all the terminals and then
leave. Come back 2 hours later and get the names and passwords. My
program looked just like the password program and it dumped the user
into the real password program seamlessly. I just told the user that
they failed the password the first time.
--
Douglas E Knapp
Open Source Sci-Fi mmoRPG Game project.
http://sf-journey-creations.wikispot.org/Front_Page
http://code.google.com/p/perspectiveproject/
More information about the ubuntu-users
mailing list