Exercise care downloading fr. gnome look dot org

Discussion in 'all things UNIX' started by Ocky, Dec 9, 2009.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Ocky, Dec 9, 2009
    #1
  2. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
    snowdrift, Dec 10, 2009
    #2
  3. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,814
    Re: Malicious screensaver proves any OS's biggest vulnerability is sitting in the chair

    As a response to the title. This is nothing new it's always been between the Chair and the keyboard.
     
    Fajo, Dec 10, 2009
    #3
  4. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,713
    Location:
    George, S.Africa
    Ocky, Dec 10, 2009
    #4
  5. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Re: Malicious screensaver proves any OS's biggest vulnerability is sitting in the chair

    Well, in defense of the users, this trojan was posted to a really well known and trusted site. Most people would never hesitate to trust gnome-look. Of course, experienced Linux users would know to never give a screensaver root access (it needed root to install), most Windows converts would think nothing of it since Windows often requires admin access for everything.

    The lesson here: Never install software from outside the repositories and be very skeptical when something prompts you for the root password.
     
    chronomatic, Dec 10, 2009
    #5
  6. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,238
    Location:
    Sydney, Australia
    Not any more !!
    2 exploits posted.

    Devil's advocate here from a less expert POV:
    Didnt know that>
    I am a less experienced user: still heaps to learn. :doubt:
    Hhmm...interesting concept. :(
    Lots of useful apps out there neh?
    Very useful advice!!

    Imho as a suddenly nervous enduser: this is a very interesting and ominous development and deserves close attention: targeted exploits. :(
    Combination of techniques: 'trusted site', 'less experienced users'..sound familiar?

    Any right click scan apps in *nix land ?? : would any have identified this as malware ??
    Of course not
    Any "hips" tools to notify re outgoing connections.

    This a 'trojan' or 'rootkit' ?

    Interested in hearing more I are. :doubt:
     
    Last edited: Dec 11, 2009
    Longboard, Dec 11, 2009
    #6
  7. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Well, not much has changed. It has always been known that a user can destroy his own machine either purposely or inadvertently. If you install software that is malicious, no OS of any kind can prevent that. This is why we often preach to always use the main repositories if at all possible. 99% of the time you will find the software you need there.

    The main thing to remember is that *nix OS's are still virtually immune from many threats that plague Windows like drive-bys, viruses and the like. However when it comes to you giving your root password to some unknown app, anything can happen. Again, *nix OS's cannot stop you from destroying yourself but it can stop automated attacks.
     
    chronomatic, Dec 11, 2009
    #7
  8. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,238
    Location:
    Sydney, Australia
    :thumb:
    :thumb: :thumb:
     
    Longboard, Dec 11, 2009
    #8
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...