this post was submitted on 19 Nov 2023
704 points (90.6% liked)

linuxmemes

21272 readers
654 users here now

Hint: :q!


Sister communities:


Community rules (click to expand)

1. Follow the site-wide rules

2. Be civil
  • Understand the difference between a joke and an insult.
  • Do not harrass or attack members of the community for any reason.
  • Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
  • Bigotry will not be tolerated.
  • These rules are somewhat loosened when the subject is a public figure. Still, do not attack their person or incite harrassment.
  • 3. Post Linux-related content
  • Including Unix and BSD.
  • Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of sudo in Windows.
  • No porn. Even if you watch it on a Linux machine.
  • 4. No recent reposts
  • Everybody uses Arch btw, can't quit Vim, and wants to interject for a moment. You can stop now.

  • Please report posts and comments that break these rules!

    founded 1 year ago
    MODERATORS
     
    top 50 comments
    sorted by: hot top controversial new old
    [–] Honytawk@lemmy.zip 130 points 1 year ago (4 children)

    https://en.wikipedia.org/wiki/Linux_malware

    I fucking hate the mentality that Linux is somehow completely safe.

    Just because it isn't attacked as much because of the low adoption rate among users, doesn't mean it has no vulnerabilities.

    [–] Clbull@lemmy.world 43 points 1 year ago* (last edited 1 year ago) (1 children)

    With SteamOS and ChromeOS now having millions of users, Linux attacks will become more commonplace.

    IIRC ChromeOS is either built on or can be configured to run applications like a Linux distro?

    [–] Honytawk@lemmy.zip 20 points 1 year ago

    Yes, so Linux better be ready, because those attacks will increase.

    And sentiments like the one from OP don't help one bit.

    [–] Ooops@kbin.social 31 points 1 year ago (3 children)

    Malware for desktop users is the low hanging fruit with little rewards. You just hear about it because it's so rediculous easy.

    The real money is on servers, so that's were real money/work is invested to develop malware for much higher gains. How successful are they again?

    [–] Gork@lemm.ee 14 points 1 year ago* (last edited 1 year ago)

    I think you're right. A single desktop, unless it is either someone in a position of power or access to trade secret files, is not a time effective attack vector.

    A server on the other hand can access all of that stuff across an entire organization.

    load more comments (2 replies)
    [–] jol@discuss.tchncs.de 12 points 1 year ago

    Not just that but whenever you hear that company xyz was hacked and their data leaked, what do you think was powering their servers? Most likely Linux. Sure, they usually have more things exposed to the internet, but users install way more apps so the attack surface is vastly bigger in home computers running Linux than servers.

    load more comments (1 replies)
    [–] TootSweet@lemmy.world 110 points 1 year ago (3 children)

    Wine appears in the output of ps aux.

    Nervous not-an-emulator noises.

    load more comments (3 replies)
    [–] netchami@sh.itjust.works 67 points 1 year ago (2 children)

    Pro tip: Infect your Windows friends with malware, then get them to switch to Linux

    /s

    [–] Feirdro@lemmy.world 43 points 1 year ago

    #unethicallinuxevangelismtips

    load more comments (1 replies)
    [–] ShunkW@lemmy.world 55 points 1 year ago (10 children)

    Lol as if Linux is free of malware.

    [–] squaresinger@feddit.de 61 points 1 year ago (6 children)

    It was, 25 years ago. Same as Windows' security was absent at that time.

    But people never update their prejudices, so all the jokes are from the last millenium.

    If you want an OS that is really malware-free, you need to run temple os.

    [–] ivanafterall@kbin.social 34 points 1 year ago (1 children)

    If you want an OS that is really malware-free, you need to run temple os.

    Can't get malware if the OS is the malware. jk. RIP you crazy genius SOB.

    [–] Godort@lemm.ee 25 points 1 year ago (1 children)

    It's also pretty hard to get malware without network capabilities

    [–] squaresinger@feddit.de 19 points 1 year ago

    I never said that Temple OS is usable ;)

    [–] averagedrunk@lemmy.ml 12 points 1 year ago

    God wouldn't let you get malware on his chosen OS.

    load more comments (4 replies)
    [–] backhdlp@lemmy.blahaj.zone 13 points 1 year ago

    It isn't, but you're unlikely to encounter Linux specific malware.

    load more comments (8 replies)
    [–] grandkaiser@lemmy.world 51 points 1 year ago (2 children)

    Security through obscurity is not security

    [–] SrTobi@feddit.de 25 points 1 year ago

    That's why I use NixOS. Double the obscurity, double the security!

    [–] SmoothIsFast@citizensgaming.com 23 points 1 year ago

    Say that too loudly, and you might upset the apple crowd lol

    [–] 0x4E4F@infosec.pub 34 points 1 year ago* (last edited 1 year ago) (4 children)

    True story, Linux sees MIME types, so if Hot.Chick.Blows.Brother.mp4 is a virus, it shows up with a Windows (MZ) binary icon, not a media icon 😉... unlike Windows which only recognizes extensions 😒.

    [–] superduperenigma@lemmy.world 48 points 1 year ago* (last edited 1 year ago) (4 children)

    Microsoft, in their infinite wisdom, also decided that file extensions should be hidden by default. So you won't even see that you downloaded TaylorSwift_1989_TaylorsVersion.exe instead of TaylorSwift_1989_TaylorsVersion.mp3 unless you changed that setting ahead of time.

    [–] otp@sh.itjust.works 23 points 1 year ago

    Or worse, Numb_LinkinPark.mp3.exe just shows up as Numb_LinkinPark.mp3, making it look like it's DEFINITELY a legit MP3!

    [–] Sidhean@lemmy.world 19 points 1 year ago (1 children)

    Wait.. Real?? I guess its always been a part of the first round of changes I've always made to Windows. Crazy how much I've normalized fighting the software I use.

    Anyway, that's wild. What a just bad and unsafe decision.

    [–] 0x4E4F@infosec.pub 9 points 1 year ago

    See, this is mostly because of 2 things. One, when changing filenames, users make the stupid mistake of changing the extension as well (having no extension that is), which of course, in Windows, it means the file won't be recognized as a media file. Two, blind you from the truth - you don't want users that can think, that's not what our bysiness is about 😏. Also the reason behind why Windows has less and less options and people that want to change something have to revert to registery hacks to do so.

    [–] fushuan@lemm.ee 15 points 1 year ago

    It's even worse, since exe files can have custom icons, the malware will have a mp3 player icon in their exe file, making it totes confusing.

    load more comments (1 replies)
    [–] RidcullyTheBrown@lemmy.world 15 points 1 year ago (1 children)

    That's not a Linux thing. It's just whatever desktop shell you chose to use and various shells behave in various ways. The reason this might be safer in most Linux distros is that you're discouraged from executing things under a privileged user which means that malware can't make significant changest to your system easily. If you do the same in windows, you'd be just as safe.

    load more comments (1 replies)
    load more comments (2 replies)
    [–] ShinyRanger@iusearchlinux.fyi 31 points 1 year ago (1 children)

    You guys are quick to forget that Wine (Wine Is Not an Emulator) is, in fact, not an emulator. Most windows ransomware will successfully encrypt your files if ran with wine.

    [–] RoyaltyInTraining@lemmy.world 10 points 1 year ago (1 children)

    That is why I always try to avoid installing Wine natively

    load more comments (1 replies)
    [–] Gork@lemm.ee 30 points 1 year ago (4 children)

    If you're feeling even more paranoid, go with something even more obscure like Plan 9 from Bell Labs. It's Unix-like but differs so much from it that a Unix or Linux type malware would do nothing to it.

    [–] Laser@feddit.de 14 points 1 year ago (3 children)

    I always want to try Plan 9 or one of its successors but actually never do. So many interesting concepts but nothing really to apply them to.

    load more comments (3 replies)
    load more comments (3 replies)
    [–] rockrelishpiealamode@lemmy.ml 22 points 1 year ago (1 children)

    but then the little Wine window appears

    [–] Stephen304@lemmy.ml 14 points 1 year ago

    the wine prefix is being updated, please wait...

    [–] recapitated@lemmy.world 20 points 1 year ago (1 children)

    False sense of security. You accidentally downloaded a virus that doesn't work on your system... What kind of habits and hygiene are you rolling with on a day to day basis?

    load more comments (1 replies)
    [–] nyakojiru@lemmy.dbzer0.com 15 points 1 year ago (4 children)

    If you use Linux because of this you are just a kid following the hype

    load more comments (4 replies)
    [–] bjoern_tantau@swg-empire.de 14 points 1 year ago (1 children)

    Downloading a virus has as much effect on Windows as it does on Linux and any other operating system: None.

    Unless it exploits a security vulnerability with something that automatically touches the file. Like a virus scanner.

    load more comments (1 replies)
    [–] iamtherealwalrus@lemmy.world 13 points 1 year ago

    Next you're going to say https://www.cisecurity.org/benchmark/red_hat_linux exists for fearmongering.

    [–] EmperorHenry@discuss.tchncs.de 13 points 1 year ago

    WINE

    Also...Get a whitelisting antivirus on windows.

    [–] lemmesay@discuss.tchncs.de 9 points 1 year ago (1 children)

    so, I had a pendrive that a friend borrowed once. later on another friend used it and said it had virus. I simply couldn't know since I was on GNU/Linux.

    though later on I cleaned it with dd.

    load more comments (1 replies)
    load more comments
    view more: next ›