[Gllug] Trojans and social engineering

[Andrew Farnsworth]

On Wed, Aug 11, 2010 at 9:57 AM, Gordon Joly <gordon.joly at pobox.com> wrote:

> On 11/08/2010 13:37, Andrew Farnsworth wrote:
> > Linux tends to be less susceptible to social engineering (i.e. trojans
> > etc) simply due to the fact that, unlike windows, the majority of
> > Linux users have a CLUE.  This does not make them immune and, as time
> > progresses and Linux makes it's way onto the normal users desktop that
> > his will change.
> >
> > Andy
> I can see, but only up to a point. My recollection was the *nix was
> built with more security in the kernel and elsewhere that Microsoft
> Windows.
>
> On what might be a side issue, *nix tends to favour human readable
> config files.
>

Additionally, in most cases, a Linux/Unix user will be running as themselves
with limited permissions rather than as the root user.  Therefore, a breach
will generally only affect their login, not the entire system. Under
windows, users are generally used to running as either "single user" or as
an administrator, thus making it much more likely any breach will compromise
the entire system.  Thankfully, Windows 7 seems to run all users in user
mode with the ability to run individual applications with administrator
privileges.

As to the human readable configuration files... yes, they are there but
there is some debate about how much better this is over the registry.  Yes,
it keeps the individual configurations separate and you can give specific
permission access to the individual configuration files, but otherwise it is
really a question of where do you store the info.

Andy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20100811/1eb349f8/attachment.html>
-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug