startubuntu team mailing list archive

[Tim Plimpton <plimptm@xxxxxxxxx>]

I have to chime in here that the semantics of using "malware" vs. "virus"
and "adware" and "spyware" etc. make a big difference in this conversation.

Generally, Malware is used as the most inclusive term, encompassing any
sort of software or add-on that has some kind of negative effect on a
user's system or personal information. It can be as benign as an un-needed
background process that constantly chews up RAM, as exploiting as a program
designed to harvest and transmit sensitive personal information, as
annoying as a rogue security application that blocks basic OS functions
until you shell out $$ to the publisher in exchange for their "protection",
or as damaging as a rootkit that completely wrecks the core of a system.

@Ali, I think it would be wise to revise your statement that linux is
virus-free to something along the lines of "Linux is, by design, well
protected from malware." That doesn't make it immune to attacks or without
vulnerabilities.

OS X is UNIX based, and that doesn't stop users from getting "infections"
on their Macbooks. One time at work, I had to completely wipe and reinstall
Safari because it was wrecked by a Conduit add-on. How did it get there?
The user installed it, of course.

The best defense for any Linux or Unix based server system is a
well-educated system administrator - not the system itself. The same
applies to desktop systems. But in the personal computing market, most
people don't sign up to be a system administrator, they merely want to be a
user.

The myth that the small user-market share of Linux prevents malware from
spreading is certainly false. It's more likely the fact that Linux users
(on average) happen to be much more educated about operating systems,
software and how they can protect themselves from malicious code that puts
up the line of defense. If I packaged a script to wipe a user's home
directory and distributed it to un-educated linux users under the guise
that it would "improve" their system performance, the only missing piece is
having someone willing to run it (without even needing root access) and it
would definitely qualify as malware.

This is a great topic to discuss here!

-Tim


On Sat, Jan 4, 2014 at 8:58 AM, Marcello Tescari <marcello.tescari@xxxxxxxxx
> wrote:

> On Sat, Jan 4, 2014 at 2:47 PM, Ali Linx (amjjawad) <amjjawad@xxxxxxxxx>
> wrote:
> >
> > On Sat, Jan 4, 2014 at 4:37 PM, Marcello Tescari
> > <marcello.tescari@xxxxxxxxx> wrote:
> >>
> >> On Jan 4, 2014 1:21 PM, "Ali Linx (amjjawad)" <amjjawad@xxxxxxxxx>
> wrote:
> >>>
> >>>
> >>> On Sat, Jan 4, 2014 at 4:18 PM, Marcello Tescari
> >>> <marcello.tescari@xxxxxxxxx> wrote:
> >>>>
> >>>>
> >>>> On Jan 4, 2014 1:13 PM, "Ali Linx (amjjawad)" <amjjawad@xxxxxxxxx>
> >>>> wrote:
> >>>> >
> >>>> >
> >>>> > Hi,
> >>>> >
> >>>> > http://ubuntuforums.org/showthread.php?t=2197530
> >>>> >
> >>>> > What do you think? :)
> >>>> >
> >>>> > Thank you!
> >>>> >
> >>>> >
> >>>>
> >>>> I never experienced myself malware on a linux machine but some of my
> >>>> kubunters managed to get some malware in their browser such as those
> >>>> changing homepage, search engines or filling them with suspicious
> toolbars
> >>>>
> >>>> Marcello
> >>>
> >>>
> >>> Hi,
> >>>
> >>> You always forget to hit reply to All :P never mind :)
> >>>
> >>> Same here. I have never ever seen that for 3 years nor heard anyone had
> >>> such thing. This might be the first time I hear/read such a thing.
> Although
> >>> I am not sure, it seems that user had done something like visiting
> weird
> >>> websites? correct me please if I am wrong.
> >>>
> >>> Thank you!
> >>>
> >> Hi again, sorry for the Reply "not to all" but it's something I usually
> >> mistake when replying from phone.
> >
> >
> > Hi and No worries :)
> >
> >
> >
> >>
> >> As I said,  I never experienced,
> >
> >
> > Same here :)
> >
> >
> >>
> >> but I also never experienced Virus or whatever neither when using
> windows
> >> and I was also sometimes visiting weird websites.
> >
> >
> > The 16 machines for my neighbors that I converted to Linux in 3 months,
> > maybe half of these were infected with viruses and the rest were
> semi-dead.
> > For me? I've been with Windows since 1999 and I am not quite sure if I
> ever
> > had a virus on my own machine? but I am 100% sure I have seen so many
> virus
> > alert on my machine and others' people machines.
> >
> >
> >>
> >> I think it's just a matter of not clicking on "click here" banners or
> >> similar
> >> That happened to three or four people so far in about 20 that I know are
> >> my "kubunters".
> >
> >
> > Yeah, and that proves the theory of: "Be Careful Whenever You Are Using
> The
> > Internet and Do Not Click on Anything Unless You Know What Are You
> Doing."
> > but IMHO, the OS you are using is still does matter whether it will help
> > that virus or whatever it is to spread itself or can't even be run.
> >
> >
> >>
> >> Two of them being my sister and my girlfriend so I doubt they visited
> >> weird websites, but sometimes while trying to download some software,
> they
> >> also downladed toolbars and similar stuff (even sourceforge has a lot of
> >> download this and download that links, just to make an example) as they
> are
> >> not expert users.
> >
> >
> > Why would they download anything 'directly' from the website? the idea of
> > having Synaptic or Software Manager installed by default with Ubuntu and
> its
> > official variants is to actually keep everyone safe. With Linux, you
> don't
> > really need to go to any Website to install anything.
>
>
> Mainly for 2 reasons:
>
> 90% of software you can download from repositories throu synaptic,
> muon or whatever, but some free software is distributed normally (in a
> windows way). It's not relevant to sourceforge, but I had to download
> drafsight from the own website, I had to instal kmid by downloading
> sources for at least the last 5 versions of kubuntu (i know there are
> alternatives but I tried and didn't like them), same for updated HP,
> Canon, Epson or Brothers Printer drivers which are usually distributed
> from their websites in deb or rpm.
> I don't say that all programs are downloaded directly but some
> unfortunately should be.
> And I even saw people using linux to download warez for windows or for
> some proprietary software available for linux (or through wine)... but
> that's not the case of the mentioned people
>
>
> >>
> >> Even though, if you download and install them for mistake in linux, you
> >> can just remove them from the browser or delete the .nameofthebrowser
> folder
> >> from the home directory... in Windows you need to scan the register and
> >> sometimes the whole system gets harmed
> >>
> >
> > Not to mention you might need to re-install or format when it comes to
> > Windows :D
> >
>
> Indeed!
> >
> >>
> >> Marcello Tescari
> >
> >
> > Thank you!
> >
> > --
> > Remember: "All of us are smarter than any one of us."
> > Best Regards,
> > amjjawad
> > Areas of Involvement
> > My Projects
>
> --
> Mailing list: https://launchpad.net/~startubuntu
> Post to     : startubuntu@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~startubuntu
> More help   : https://help.launchpad.net/ListHelp
>