[Gllug] Virus on Linux/Mac

[Christopher Currie]

On  Fri, 21 Sep 2007 18:03:11 +0100 "Panos Savvas" 
<pasavvas.accounts at googlemail.com> wrote:

>how hard is it really to write a GTK application that pops up with "Ubuntu
>needs to install critical updates, click to install now" (as has been
>happening in win for years)? ubuntu users are used to entering a password to
>install updates. end of story.

The virus would have to be aimed specifically at ubuntu and wouldn't work on 
distros that still require a separate root password in this situation.

But it would soon get spotted if it used the word 'Ubuntu'. It would have to 
work on the growing number of distros that are modified ubuntu, and would 
have to use the same phraseology for each distro as each distro used in order 
to fool the naive user on each. 

If the popup says 'Ubuntu needs' and the user thinks he's using  Spearmint,  
WhizzoLinux, or even Kubuntu, he'll just say 'who the hell's Ubuntu'? and 
click 'no'.

> sudo is only secure if you know what you are
>doing, unfortunately it is also necessary for desktop linux as home users
>cannot not have root access. 

This box has only home users (I hope!), and only one of them ever has root 
access, and the others have been using it happily for years without that, and 
without needing to do their own upgrades.

But then it isn't a ubuntu box. I keep that for my personal laptop. 

I've read arguments before on this list explaining why doing without a 
separate overt root password does not increase risk, but I was unconvinced in 
a home situation.

Christopher
-- 
Christopher Currie	ccurrie at usa.net

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug