this post was submitted on 19 Nov 2023
700 points (90.6% liked)

linuxmemes

21210 readers
50 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

  • Please report posts and comments that break these rules!

    founded 1 year ago
    MODERATORS
     
    top 50 comments
    sorted by: hot top controversial new old
    [–] Honytawk@lemmy.zip 130 points 11 months ago (4 children)

    https://en.wikipedia.org/wiki/Linux_malware

    I fucking hate the mentality that Linux is somehow completely safe.

    Just because it isn't attacked as much because of the low adoption rate among users, doesn't mean it has no vulnerabilities.

    [–] Clbull@lemmy.world 43 points 11 months ago* (last edited 11 months ago) (1 children)

    With SteamOS and ChromeOS now having millions of users, Linux attacks will become more commonplace.

    IIRC ChromeOS is either built on or can be configured to run applications like a Linux distro?

    [–] Honytawk@lemmy.zip 20 points 11 months ago

    Yes, so Linux better be ready, because those attacks will increase.

    And sentiments like the one from OP don't help one bit.

    [–] Ooops@kbin.social 31 points 11 months ago (3 children)

    Malware for desktop users is the low hanging fruit with little rewards. You just hear about it because it's so rediculous easy.

    The real money is on servers, so that's were real money/work is invested to develop malware for much higher gains. How successful are they again?

    [–] Gork@lemm.ee 14 points 11 months ago* (last edited 11 months ago)

    I think you're right. A single desktop, unless it is either someone in a position of power or access to trade secret files, is not a time effective attack vector.

    A server on the other hand can access all of that stuff across an entire organization.

    load more comments (2 replies)
    [–] jol@discuss.tchncs.de 12 points 11 months ago

    Not just that but whenever you hear that company xyz was hacked and their data leaked, what do you think was powering their servers? Most likely Linux. Sure, they usually have more things exposed to the internet, but users install way more apps so the attack surface is vastly bigger in home computers running Linux than servers.

    load more comments (1 replies)
    [–] TootSweet@lemmy.world 110 points 11 months ago (3 children)

    Wine appears in the output of ps aux.

    Nervous not-an-emulator noises.

    load more comments (3 replies)
    [–] netchami@sh.itjust.works 67 points 11 months ago (2 children)

    Pro tip: Infect your Windows friends with malware, then get them to switch to Linux

    /s

    [–] Feirdro@lemmy.world 43 points 11 months ago

    #unethicallinuxevangelismtips

    load more comments (1 replies)
    [–] ShunkW@lemmy.world 55 points 11 months ago (10 children)

    Lol as if Linux is free of malware.

    [–] squaresinger@feddit.de 61 points 11 months ago (6 children)

    It was, 25 years ago. Same as Windows' security was absent at that time.

    But people never update their prejudices, so all the jokes are from the last millenium.

    If you want an OS that is really malware-free, you need to run temple os.

    [–] ivanafterall@kbin.social 34 points 11 months ago (1 children)

    If you want an OS that is really malware-free, you need to run temple os.

    Can't get malware if the OS is the malware. jk. RIP you crazy genius SOB.

    [–] Godort@lemm.ee 25 points 11 months ago (1 children)

    It's also pretty hard to get malware without network capabilities

    [–] squaresinger@feddit.de 19 points 11 months ago

    I never said that Temple OS is usable ;)

    [–] averagedrunk@lemmy.ml 12 points 11 months ago

    God wouldn't let you get malware on his chosen OS.

    load more comments (4 replies)
    [–] backhdlp@lemmy.blahaj.zone 13 points 11 months ago

    It isn't, but you're unlikely to encounter Linux specific malware.

    load more comments (8 replies)
    [–] grandkaiser@lemmy.world 51 points 11 months ago (2 children)

    Security through obscurity is not security

    [–] SrTobi@feddit.de 25 points 11 months ago

    That's why I use NixOS. Double the obscurity, double the security!

    [–] SmoothIsFast@citizensgaming.com 24 points 11 months ago

    Say that too loudly, and you might upset the apple crowd lol

    [–] 0x4E4F@infosec.pub 34 points 11 months ago* (last edited 11 months ago) (4 children)

    True story, Linux sees MIME types, so if Hot.Chick.Blows.Brother.mp4 is a virus, it shows up with a Windows (MZ) binary icon, not a media icon 😉... unlike Windows which only recognizes extensions 😒.

    [–] superduperenigma@lemmy.world 48 points 11 months ago* (last edited 11 months ago) (4 children)

    Microsoft, in their infinite wisdom, also decided that file extensions should be hidden by default. So you won't even see that you downloaded TaylorSwift_1989_TaylorsVersion.exe instead of TaylorSwift_1989_TaylorsVersion.mp3 unless you changed that setting ahead of time.

    [–] otp@sh.itjust.works 23 points 11 months ago

    Or worse, Numb_LinkinPark.mp3.exe just shows up as Numb_LinkinPark.mp3, making it look like it's DEFINITELY a legit MP3!

    [–] Sidhean@lemmy.world 19 points 11 months ago (1 children)

    Wait.. Real?? I guess its always been a part of the first round of changes I've always made to Windows. Crazy how much I've normalized fighting the software I use.

    Anyway, that's wild. What a just bad and unsafe decision.

    [–] 0x4E4F@infosec.pub 9 points 11 months ago

    See, this is mostly because of 2 things. One, when changing filenames, users make the stupid mistake of changing the extension as well (having no extension that is), which of course, in Windows, it means the file won't be recognized as a media file. Two, blind you from the truth - you don't want users that can think, that's not what our bysiness is about 😏. Also the reason behind why Windows has less and less options and people that want to change something have to revert to registery hacks to do so.

    [–] fushuan@lemm.ee 15 points 11 months ago

    It's even worse, since exe files can have custom icons, the malware will have a mp3 player icon in their exe file, making it totes confusing.

    load more comments (1 replies)
    [–] RidcullyTheBrown@lemmy.world 15 points 11 months ago (1 children)

    That's not a Linux thing. It's just whatever desktop shell you chose to use and various shells behave in various ways. The reason this might be safer in most Linux distros is that you're discouraged from executing things under a privileged user which means that malware can't make significant changest to your system easily. If you do the same in windows, you'd be just as safe.

    load more comments (1 replies)
    load more comments (2 replies)
    [–] ShinyRanger@iusearchlinux.fyi 31 points 11 months ago (1 children)

    You guys are quick to forget that Wine (Wine Is Not an Emulator) is, in fact, not an emulator. Most windows ransomware will successfully encrypt your files if ran with wine.

    [–] RoyaltyInTraining@lemmy.world 10 points 11 months ago (1 children)

    That is why I always try to avoid installing Wine natively

    load more comments (1 replies)
    [–] Gork@lemm.ee 30 points 11 months ago (4 children)

    If you're feeling even more paranoid, go with something even more obscure like Plan 9 from Bell Labs. It's Unix-like but differs so much from it that a Unix or Linux type malware would do nothing to it.

    [–] Laser@feddit.de 14 points 11 months ago (3 children)

    I always want to try Plan 9 or one of its successors but actually never do. So many interesting concepts but nothing really to apply them to.

    load more comments (3 replies)
    load more comments (3 replies)
    [–] rockrelishpiealamode@lemmy.ml 22 points 11 months ago (1 children)

    but then the little Wine window appears

    [–] Stephen304@lemmy.ml 14 points 11 months ago

    the wine prefix is being updated, please wait...

    [–] recapitated@lemmy.world 20 points 11 months ago (1 children)

    False sense of security. You accidentally downloaded a virus that doesn't work on your system... What kind of habits and hygiene are you rolling with on a day to day basis?

    load more comments (1 replies)
    [–] nyakojiru@lemmy.dbzer0.com 15 points 11 months ago (4 children)

    If you use Linux because of this you are just a kid following the hype

    load more comments (4 replies)
    [–] bjoern_tantau@swg-empire.de 14 points 11 months ago (1 children)

    Downloading a virus has as much effect on Windows as it does on Linux and any other operating system: None.

    Unless it exploits a security vulnerability with something that automatically touches the file. Like a virus scanner.

    load more comments (1 replies)
    [–] iamtherealwalrus@lemmy.world 13 points 11 months ago

    Next you're going to say https://www.cisecurity.org/benchmark/red_hat_linux exists for fearmongering.

    [–] EmperorHenry@discuss.tchncs.de 13 points 11 months ago

    WINE

    Also...Get a whitelisting antivirus on windows.

    [–] lemmesay@discuss.tchncs.de 9 points 11 months ago (1 children)

    so, I had a pendrive that a friend borrowed once. later on another friend used it and said it had virus. I simply couldn't know since I was on GNU/Linux.

    though later on I cleaned it with dd.

    load more comments (1 replies)
    load more comments
    view more: next ›