flat assembler
Message board for the users of flat assembler.

Index > Heap > Linux and viruses, wouldn't they cra...

Author
Thread Post new topic Reply to topic
Coddy41



Joined: 18 Jan 2009
Posts: 384
Location: Ohio, USA
Coddy41
This may/may not be a n00b question but...

I just had a thought, I use Linux, and web sites would still put the virus on my PC hidden correct? wouldn't
they just continue to build up and slowly fill up my HDD but cannot attack my computer? because how would
Firefox know there is a virus on the site?

_________________
Want hosting for free for your asm project? You can PM me. (*.fasm4u.net)
Post 26 Jul 2009, 18:05
View user's profile Send private message Visit poster's website Reply with quote
asmcoder



Joined: 02 Jun 2008
Posts: 784
asmcoder
[content deleted]


Last edited by asmcoder on 14 Aug 2009, 14:48; edited 1 time in total
Post 26 Jul 2009, 18:10
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
How would they get on your system in the first place? While some may be able to reside in a Firefox directory, they would be unused or cleared eventually. They can't be saved in any system file. They can't be saved in your usr path without permissions. So it's a good question but I think the answer is they would never get there in the first place to accumulate.
Post 26 Jul 2009, 19:33
View user's profile Send private message Reply with quote
Coddy41



Joined: 18 Jan 2009
Posts: 384
Location: Ohio, USA
Coddy41
Do you think Wine would give places for viruses to sit? or due to its VERY limmited compatibility aimed to run sertain EXE's give the Virus a hard let down?
Post 26 Jul 2009, 20:54
View user's profile Send private message Visit poster's website Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
I can't answer that.
Post 26 Jul 2009, 21:23
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
Firefox knows nothing. It follows your commands like any other piece of code.

Most viruses in the wild are Windows viruses, and won't run at all under Linux for obvious reasons. But THERE ARE some non-Windows viruses (and rootkits and...) out there and they might easily take advantage of vulnerabilities in your software and in publicly available services. Unfortunately, many new Linux point-and-click distros come with many (most?) services enabled by default, which puts the user at high, yet unnecessary, risk.

Basically, viruses (or more probably spyware) could install themselves in your home directory -- the only read-write, permanent, directory for a non-root user (you don't work as root, do you?), in a well-patched/up-to-date and well-configured system -- and run at every startup using the usual methods provided by the DE. You should know what every file in there does, and recognize suspicious files and/or any changes to existing files that you (or one of your legit software) didn't make.

The easiest way to avoid getting infected online is to always browse with JS disabled and only enable it, when necessary, on highly trusted websites, and avoid those sites that can't work at all without JS, plugins/extensions, etc. (they are crap and need to be boycotted anyway).
Also, if you don't want remote access to your machine, just don't give it. And if you need it, just make sure only the "good" guys have it AND limit their access to the bare minimum.
Post 26 Jul 2009, 21:24
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
ManOfSteel wrote:

The easiest way to avoid getting infected online is to always browse with JS disabled and only enable it, when necessary, on highly trusted websites, and avoid those sites that can't work at all without JS, plugins/extensions, etc. (they are crap and need to be boycotted anyway).


Well, no. This is the modern web and the modern web is scripted. Having js off will become a worse idea as newer tech gets implemented and, in fact, is being implemented now. Although I am a big believer in not using js unless it is necessary, I'm not afraid to use it and would require its service of everyone visiting.

Especially with all the browsers now "sandboxing" everything, having javascript off is approaching "silly". Turn it on and leave it on.
Post 26 Jul 2009, 22:59
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8966
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
the most dangerous thing imo would be,
If a virus sneaks into ur linux, would u notice or aware??
Coz,in windows,those viruses made noticeable changes and sort of wanna tell da users,c, i owned ur machine.

But in linux, how would the users notice? And alert?
Post 27 Jul 2009, 04:45
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
The same thing would happen as on Windows but it's far more difficult to do that on *nix.
Post 27 Jul 2009, 05:43
View user's profile Send private message Reply with quote
ManOfSteel



Joined: 02 Feb 2005
Posts: 1154
ManOfSteel
@ drhowarddrfine

JS on most websites is used to display ads and animate things, from menus to silly scrolling banners, rollover buttons or whatever.
I hate all these effects and useless visual pollution. They screw my web experience up.
I don't want ads either and they wouldn't be displayed anyway since I also always browse with images off.
JS slows my web browsing significantly and I don't need anything slowing my already slow connection.

Virtually no website I visit has JS and when they do have it, it's nothing vital and I don't even notice its absence.

My favorite browser is Opera. And it has no sandbox mechanism. So I'll continue to disable JS for all the reasons I already mentioned.

Also, please take some page randomly, say from a Google search, view its source and see how many JS really enhance your browsing VS how many only annoy you and slow things down.

And yeah, modern is not always synonymous with good or nice or useful.


@ sleepsleep

You should know your system's guts, how to protect it and how to prevent attacks and infections. THAT is the key.

And no, nowadays only a few viruses tell the users. Those are the "original type" of viruses, the ones that were the most frequent in the 80/90ies, the "real" computer viruses that tried to mimic biological pathogens, the famous appending viruses that infected all types of files from .com, to .exe, to .dll, to .hlp, etc.
The greeting message is more or less the programmer bragging about his technical prowess and saying hi to his clan members or other people in the Scene. It's just an act of vandalism fueled by an ego problem, something like webpage defacement.

OTOH, most other malware in the wild (the majority) are silent because they are made by organized criminals and social engineers looking for financial data and corporate plans to sell to your competition, or personal data to use for identity theft, or simply drafts of your last book.
Post 27 Jul 2009, 09:53
View user's profile Send private message Reply with quote
Pirata Derek



Joined: 31 Oct 2008
Posts: 259
Location: Italy
Pirata Derek
A malware LKM (loadable kernel module) for linux could be the closest cousin of a windows Rootkit.
But to install a LKM and run it you have to set its configuration file.
To do all this operations you should run in Super-User.
("sudo su" command)
Post 27 Jul 2009, 10:13
View user's profile Send private message Send e-mail Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8966
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
i think maybe a new OS architecture must be deploy in order to have a stable system.

old time, memory is scarce, nowadays. we can easily get 1GB of memory with cheap price.

i mean, why not the OS separate 200MB or more for incoming tcp/ip request. or for any application that request memory.

let say, an application try to request 600MB, eg. to copy the CD to hard disk drive, of course, it is impossible for the hardware to copy them in a split of second, so, we gave it little by little, 50MB for each request.
after fill up, we check, and write it onto hard disk, then refill it again.

it seems to me, nowadays, our system unstable problem is coz by old architecture (during the time, memory is like gold). but time has changed, all modern system has more than 1GB, especially, pc system that on selling this year.

application and memory I/O request procedure should be as clear as HELLO WORLD!. no tricks, and almost 100% proof.
Post 27 Jul 2009, 11:46
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
ManOfSteel wrote:
@ drhowarddrfine

JS on most websites is used to display ads and animate things, from menus to silly scrolling banners, rollover buttons or whatever.
It's more flash than js but you're not wrong.
Quote:

Virtually no website I visit has JS and when they do have it, it's nothing vital and I don't even notice its absence.
Like I said, you'll notice it more and more in the coming years and not just for advertising and banners but, without it, functionality will be either crude, slow or non-existant.

Now, I'm not talking about someone's blog. I'm talking about, say, Amazon or a lot of the outlets where you might order things from. More and more technical sites that show audio/video demonstrations will use it. In HTML 5, the canvas tag requires it. Soon, you'll be hearing a lot about "web workers" which greatly speeds up js code.
Quote:

And yeah, modern is not always synonymous with good or nice or useful.
Despite the sham, drudgery & broken dreams, it's still a beautiful web.
Post 27 Jul 2009, 12:30
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
sleepsleep wrote:

i mean, why not the OS separate 200MB or more for incoming tcp/ip request. or for any application that request memory.
In a way, *nix does that. Applications only run in user space if the user has permission plus write permission and if that app goes wild it can only mess up the user and not system files or anyone elses. A smart user can even have different permissions for different applications so then the app could only mess up files associated with that app and no other files for the same user. It would be like you got a virus using IE but only IE would get hosed but not anything else.
Quote:

all modern system has more than 1GB, especially, pc system that on selling this year.

That's the cool thing about *nix in that the only thing using up the most memory is the desktop environments, like Gnome and KDE, but a more technical user can use ANY desktop or windowing environment to knock their memory usage way down. I have two FreeBSD boxes that use dwm and xmonad with a 550Mhz PII with 192Mb ram just fine. Individual apps that use graphics can be a little slow, a lot due to an old graphics card, but they are better than adequate.
Post 27 Jul 2009, 12:43
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
That's what I hate about new OSes, especially MS ones. They take more and more RAM. I mean, if I buy ram sticks I want to use them for PERFORMANCE, not eat them for nothing (compared to previous OS). I expect my system to run much more smooth, not to be similar just cause the OS decides to eat more of it than before. Not to mention longer boot times.

An OS should take absolutely no more than 60MB without drivers, and 170MB or so with drivers. (that's my current nLited XP config Razz)

_________________
Previously known as The_Grey_Beast
Post 27 Jul 2009, 19:01
View user's profile Send private message Reply with quote
asmcoder



Joined: 02 Jun 2008
Posts: 784
asmcoder
[content deleted]


Last edited by asmcoder on 14 Aug 2009, 14:48; edited 1 time in total
Post 27 Jul 2009, 19:17
View user's profile Send private message Reply with quote
Azu



Joined: 16 Dec 2008
Posts: 1159
Azu
Coddy41 wrote:
This may/may not be a n00b question but...

I just had a thought, I use Linux, and web sites would still put the virus on my PC hidden correct? wouldn't
they just continue to build up and slowly fill up my HDD but cannot attack my computer? because how would
Firefox know there is a virus on the site?
They won't be saved to begin with, most likely. Except in a temporary cache maybe.
Post 27 Jul 2009, 22:24
View user's profile Send private message Send e-mail AIM Address Yahoo Messenger MSN Messenger ICQ Number Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.