
Malware for the Linux desktop. Yes, really.

Ashley MLP Fangirl

anybody got a probably excessive antivirus for linux?

It is worth noting that if you download something not from your package manager (which can be hacked) or from apt-get or snap (which can be hacked), you have to mess with the properties of the file to run it.

I live in misery USA. my timezone is central daylight time which is either UTC -5 or -4 because the government hates everyone.

into trains? here's the model railroad thread!


7 hours ago, Sauron said:

Well, what would you like us to say about that? Some people are just ignorant, unfortunately there isn't much we can do about it and I don't see anyone here making that argument. For all the problems the Linux community has I'd say people trusting their system too much is a pretty minor one. It's not like people don't have bad security habits on Windows or MacOS.

Nothing else needs to be said, you've clarified your position and I have accepted it. The only issue left in this thread is the people telling me my experience with Linux community is not real and I have to prove repositories aren't intrinsically safe. I imagine if I said my experience of the Microsoft support forums was abysmal and I never managed to solve a single problem posting there that no one would ask me to prove that was my experience.

Grammar and spelling is not indicative of intelligence/knowledge.  Not having the same opinion does not always mean lack of understanding.  


6 minutes ago, mr moose said:

I imagine if I said my experience of the Microsoft support forums was abysmal and I never managed to solve a single problem posting there that no one would ask me to prove that was my experience.

@GoodBytes might :P

Don't ask to ask, just ask... please 🤨

sudo chmod -R 000 /*


14 hours ago, mr moose said:

I am not putting words in anyone's mouth, I am just pointing out something that people obviously don't like hearing.

 

What do you want me to prove, that malware can be uploaded to an official repository?

here you are:

 

https://www.bleepingcomputer.com/news/security/malware-found-in-arch-linux-aur-package-repository/

https://www.zdnet.com/article/how-much-more-malware-is-lurking-in-linux-official-repositories/

 

 

I really didn't think people needed proof to understand the concept that nothing is intrinsically secure. 

 

Why decontextualise our discussion again? I don't think anyone said it's impossible. There are checks and safeguards set in place precisely because of what you copy-pasted from 2010. We're well into H2 2019, and I think we've done quite a fair job, especially compared to other OSes' equivalent of the Linux distro.

 

Lastly, AUR frankly isn't the Arch repo. Gentoo has had issues with malware years ago, but as far as I know, I haven't heard of such incidents regarding the official Arch repo. As for Debian and Ubuntu, I haven't recalled any incidents in recent years regarding official repos. In contrast, Google, Apple, Microsoft have struggled to maintain such track records.

Context is pretty important. If you're just out here to feel good about being a contrarian, I think you're missing the context.


Linux has been getting targeted more and more for a good while now. I mean a huge percentage of servers out there are linux which means they contain valuable data.

 

Maybe tools targeting consumer linux distros are more rare, but that is because the other tools for linux servers work on them.


12 minutes ago, AngryBeaver said:

Maybe tools targeting consumer linux distros are more rare, but that is because the other tools for linux servers work on them.

Also because the Linux marketshare on PCs is (deservedly) small.

Come Bloody Angel

Break off your chains

And look what I've found in the dirt.

 

Pale battered body

Seems she was struggling

Something is wrong with this world.

 

Fierce Bloody Angel

The blood is on your hands

Why did you come to this world?

 

Everybody turns to dust.

 

Everybody turns to dust.

 

The blood is on your hands.

 

The blood is on your hands!

 

Pyo.


6 minutes ago, Twilight said:

why deservedly? 

Linux is not a good consumer OS.

 

 

 

Unless you’re a hipster.


Just now, Twilight said:

why

The OS family is nowhere near as user friendly as TrueOS, OSX, or Windows. Nor is it as polished.

 

The best distro on those fronts is Ubuntu, and it lags behind.


1 hour ago, Tenelia said:

Why decontextualise our discussion again? I don't think anyone said it's impossible. There are checks and safeguards set in place precisely because of what you copy-pasted from 2010. We're well into H2 2019, and I think we've done quite a fair job, especially compared to other OSes' equivalent of the Linux distro.

 

Lastly, AUR frankly isn't the Arch repo. Gentoo has had issues with malware years ago, but as far as I know, I haven't heard of such incidents regarding the official Arch repo. As for Debian and Ubuntu, I haven't recalled any incidents in recent years regarding official repos. In contrast, Google, Apple, Microsoft have struggled to maintain such track records.

Context is pretty important. If you're just out here to feel good about being a contrarian, I think you're missing the context.

I think I have been over this sufficiently enough that I have already addressed all of that.


8 hours ago, Twilight said:

why deservedly? 

Don't feed the troll.

Drak3 has absolutely no idea what he is talking about most of the time and I have had countless arguments with him, none of which leads anywhere. An example of this is the time he was adamant that OS X was based on Debian. In the same thread he argued that Kali was a more locked down operating system than Windows 10 and therefore people did not experience as many issues with it.

 

Same goes for mr moose when it comes to GNU/Linux really. Complete and utter ignorance, wide and inaccurate generalizations, arguing in bad faith and strawmanning like crazy. I think a lot of people in this thread have left that already.

It's basically impossible to have a conversation with either of these two people regarding GNU/Linux.


8 hours ago, Twilight said:

in what way?

Ignore him, anyone who mentions TrueOS and the word "polished" in the same sentence is a low effort troll.


17 minutes ago, LAwLz said:

Way to frame an argument way out of context.

 

8 hours ago, Twilight said:

in what way?

Reliance on CLI when problems occur.

Compatibility and/or stability issues with hardware that isn't all that old, like Wifi cards.


1 minute ago, Drak3 said:

Reliance on CLI when problems occur.

cough powershell cmd cough

 

1 minute ago, Drak3 said:

Compatibility and/or stability issues with hardware that isn't all that old, like Wifi cards.

for wifi only broadcom in my experience, and installing the correct driver for it fixes it. 

She/Her


On 7/28/2019 at 11:50 AM, mr moose said:

1. It's what I hear, even in this thread. It's my observation and I am not about to pretend I can't see it.

No that's not what you have heard.

That's what you want to have heard so that you have something to attack. Someone said that this is not a big risk, which it isn't because it has never been discovered in the wild, and then gave a recommendation for how to be a bit extra safe, as in reduce the risk of being infected. You read and then started spewing a bunch of bollocks about how the GNU/Linux community treats their OS as an impenetrable and flawless system, then went on a soapbox and started talking about how bad all GNU/Linux users are.

 

The problem here is that your reading comprehension skills are, quite frankly, horrible. This is not the first time I have told you this (for example here, and here), and I genuinely believe it.

 

 

On 7/28/2019 at 11:50 AM, mr moose said:

2. Linux is no more secure than any other OS in that if someone wants to create malware for it or break into it they will.  To think otherwise is just naive.

It's not naive to think that. Security is not binary where something is either secure or not at all. It's a spectrum where some things are more secure than other things. There are also quite a few ways to measure security.

If we were to make some generalization of the term "secure OS" then I think it's quite easy to argue that GNU/Linux is more secure than Windows.

 

For example, far more user input is required to make something run with elevated privileges in GNU/Linux compared to Windows. That alone greatly reduces the risk of someone accidentally running something malicious. Even if someone were to run something malicious, like the malware in this thread, the steps to removing it are usually far more clean than on Windows.

 

Wanna know what is naive? To think that no OS is more or less secure than any other one just because all of them have their share of security issues.

 

 

On 7/28/2019 at 11:50 AM, mr moose said:

3. whatever, the issue is pretending Linux is more secure because there is currently less malware is as silly as pretending Macs don't get viruses.

Can you please explain why you feel like someone saying GNU/Linux is more secure than Windows is merely "pretending"? What criteria do you use to measure how secure an OS is where Windows and GNU/Linux both get an equal score?

And I'd say that in general, Macs do not get viruses. They can, but the risk is very low.

I think saying that you don't have to worry about viruses on MacOS is about as accurate as saying you shouldn't be afraid to sleep in a bed, even though apparently 5 people in 2015 died from falling out of their beds. It happens for sure, and there are real risks, but the risks are so small it's not worth worrying about in everyday life.

 

 

 

15 minutes ago, Drak3 said:

Way to frame an argument way out of context.

I linked the thread so that people can go and look for the full context if they so desire. I don't think people will come to a different conclusion though.

By the way, I just realized you never answered my questions I asked in that thread.


5 minutes ago, Twilight said:

cough powershell cmd cough

Neither of which are necessary for 99% of the issues on Windows.

 

8 minutes ago, Twilight said:

for wifi only broadcom in my experience, and installing the correct driver for it fixes it. 

From my experience, it's anything the same age as Broadwell outside a select couple of Intel cards.


21 minutes ago, Drak3 said:

Way to frame an argument way out of context.

5 minutes ago, Drak3 said:

Neither of which are necessary for 99% of the issues on Windows. 

 

Got any examples?

I usually find that when you have an issue on a distro like Ubuntu or Mint, people on forums or other support tools tend to recommend solutions which rely on CLI even though there are GUI ways of solving the problems.

 

I have talked about that before, for example here:

 

Quote
Quote

Thank you for this post.... It PERFECTLY demonstrates EVERYTHING wrong with linux and why it will NEVER be viable for the average user.

  • EVERY "help post"/"tutorial" on linux starts the same way, open a terminal..... 

 

I believe the reason why people often recommend the CLI ways of doing things is because it is much more efficient and less risk of someone screwing up. 

If someone wants to do X, and there is a CLI and a GUI way of accomplishing it I will often recommend the CLI way. Why? 

Because if I explain the CLI way I just have to say "copy and paste this command into the terminal .........".

If I explain it the GUI way I have to explain which program to start, then which menu option to pick, describe what the options window should look like to then explain which buttons to press, and where to type in things. Not to mention that in a version or two, the menus might look different and the guide I wrote might be completely useless.

 

Describing how to do something with a GUI:
1) Takes a much longer time to describe. You need to look up where everything is, think of words to describe the look of some buttons and their position, etc.

2) Takes a much longer time for the user to do, since they have to read, look, read, look, click, read, look, and so on.

3) Has a dramatically higher risk of the user clicking the wrong button, thus screwing something up.

4) The guide has a very high chance of getting outdated and misleading in the near future if an update to the program changes the look of something. Let's say you need to click 10 buttons to do something which can be done with 1 line of code. If any of those 10 buttons changes in an update, the guide will be really misleading and may result in people changing the wrong things.

 

Compare that to describing how to do something in the CLI. It's just:

1) Write this.

2) You're done

 

 

And just because someone suggests using the terminal does not mean it is the only way of doing things.

 

 

 

 

 

 

5 minutes ago, Drak3 said:

From my experience, it's anything the same age as Broadwell outside a select couple of Intel cards. 

Got any examples?

You might have had issues, but you can't make broad generalizations about compatibility just based on your experience. Why? Because your experience is insignificant. Even if you got a ton of hardware lying around, let's say 10 or even 15 different wireless cards, that's still a very small portion of all the ones that actually exist. It might be that 90% of all cards work flawlessly, but the handful of ones you have tried fall into the 10% category.

The same can be said for people with the opposite experience mind you.

 

So your personal experience sadly means next to nothing. If you want to make claims and be taken seriously then you need far more facts and statistics than just "it didn't work for me so therefore it sucks", or "it worked for me therefore it's great".


1 minute ago, Twilight said:

cough powershell cmd cough

 

for wifi only broadcom in my experience, and installing the correct driver for it fixes it. 

Also try running a modern nvidia card on MacOS? Or really any hardware that wasn't explicitly certified. But nope, that's a PoLiShEd system so it's fine.

 

He doesn't actually have an argument, he's just spouting random words that sound like gotchas like "compatibility" and "polish" while placing systems that are equally bad or worse in these regards on a pedestal. We don't even have to dig up freaking TrueOS to call out the bullshit, I'm sure @DrMacintosh and @RedRound2 (or yourself) would be more than happy to tell us why Windows is everything BUT polished.

 

I also think there's a huge underlying hypocrisy in building your own computer and engaging with a community that mainly does tech troubleshooting and then whining about having to run one or two CLI commands every once in a while for system maintenance. I don't care if you like the system or not but I hate when people use the potential stupidity of a hypothetical end user as a point against it - just because something isn't for absolutely everyone that doesn't mean it's bad. Especially when it's the same people that when questioned about Windows malware will just dismiss it with a "hurr durr just don't be stupid".

3 minutes ago, LAwLz said:

I linked the thread so that people can go and look for the full context if they so desire. I don't think people will come to a different conclusion though.

To be absolutely fair that post reads more to me as though he's saying that the core of MacOS is open source, not that it's based on Debian. It's still a stupid point because just dumping the source somewhere and inviting community contribution are quite different, but hey.


I had personally stopped installing antivirus solutions on my Linux machines, however that is only due to the fact that I had switched to simply narrowing the possible entrances, such as going on a stricter blocking scheme in my browsers, such as enabling malware filters in uBlock Origin, disabling 3rd party cookies (and wiping all cookies on browser close), etc.

Plus, I use Solus, so our package repos are heavily curated, and when I do install something from the outside, I generally compile it on my own from the source code (which can be verified).

 

However there is AVG for Linux (CLI only), and ESET maintains a Linux variant (an old version at that) of their NOD32 antivirus.

 

I wish we would not have any need whatsoever for antiviruses, however unless you actively prevent access for malware, and are actually diligent about it, that won't be a reality, especially for servers, which are the main focus of malware.


20 minutes ago, Drak3 said:

Neither of which are necessary for 99% of the issues on Windows.

yeah because most issues on Windows are fixed with a reinstall. that's convenient. 


6 minutes ago, Sauron said:

To be absolutely fair that post reads more to me as though he's saying that the core of MacOS is open source, not that it's based on Debian. It's still a stupid point because just dumping the source somewhere and inviting community contribution are quite different, but hey. 

Maybe, but I am not entirely convinced because of really inaccurate claims made before, such as this:

On 11/7/2016 at 5:02 AM, Drak3 said:

Kali Linux also has incompatibilities with Debian and Debian based distros, that are meant to keep Kali Linux secure and harder to reverse engineer. 

And he said other widely inaccurate stuff in that thread too. Like how Kali is more locked down than Windows, and how Kali isn't open source.


31 minutes ago, Twilight said:

yeah because most issues on Windows are fixed with a reinstall. that's convenient. 

Not really. And most issues on Windows are easily avoidable, or directly due to bad drivers.


9 minutes ago, Drak3 said:

Not really. And most issues on Windows are easily avoidable, or directly due to bad drivers.

most issues i have is with Windows update and gpu drivers. how are those avoidable? 

 

Windows update is simply not avoidable, and the gpu driver issue also sucks because i can't revert to an open source driver. 
