Exercise care downloading fr. gnome look dot org

Discussion in 'all things UNIX' started by Ocky, Dec 9, 2009.

Thread Status:
Not open for further replies.
  1. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
  2. snowdrift

    snowdrift Registered Member

    Joined:
    Sep 7, 2007
    Posts:
    394
  3. Fajo

    Fajo Registered Member

    Joined:
    Jun 13, 2008
    Posts:
    1,812
    Re: Malicious screensaver proves any OS's biggest vulnerability is sitting in the chair

    As a response to the title. This is nothing new it's always been between the Chair and the keyboard.
     
  4. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
  5. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Re: Malicious screensaver proves any OS's biggest vulnerability is sitting in the chair

    Well, in defense of the users, this trojan was posted to a really well known and trusted site. Most people would never hesitate to trust gnome-look. Of course, experienced Linux users would know to never give a screensaver root access (it needed root to install), most Windows converts would think nothing of it since Windows often requires admin access for everything.

    The lesson here: Never install software from outside the repositories and be very skeptical when something prompts you for the root password.
     
  6. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    Not any more !!
    2 exploits posted.

    Devil's advocate here from a less expert POV:
    Didnt know that>
    I am a less experienced user: still heaps to learn. :doubt:
    Hhmm...interesting concept. :(
    Lots of useful apps out there neh?
    Very useful advice!!

    Imho as a suddenly nervous enduser: this is a very interesting and ominous development and deserves close attention: targeted exploits. :(
    Combination of techniques: 'trusted site', 'less experienced users'..sound familiar?

    Any right click scan apps in *nix land ?? : would any have identified this as malware ??
    Of course not
    Any "hips" tools to notify re outgoing connections.

    This a 'trojan' or 'rootkit' ?

    Interested in hearing more I are. :doubt:
     
    Last edited: Dec 11, 2009
  7. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Well, not much has changed. It has always been known that a user can destroy his own machine either purposely or inadvertently. If you install software that is malicious, no OS of any kind can prevent that. This is why we often preach to always use the main repositories if at all possible. 99% of the time you will find the software you need there.

    The main thing to remember is that *nix OS's are still virtually immune from many threats that plague Windows like drive-bys, viruses and the like. However when it comes to you giving your root password to some unknown app, anything can happen. Again, *nix OS's cannot stop you from destroying yourself but it can stop automated attacks.
     
  8. Longboard

    Longboard Registered Member

    Joined:
    Oct 2, 2004
    Posts:
    3,187
    Location:
    Sydney, Australia
    :thumb:
    :thumb: :thumb:
     
Loading...
Thread Status:
Not open for further replies.