InfoWorld on Why Linux on the Desktop is Still Better than Windows 10
-
@Breffni-Potter said:
Linux repos have been breached as early as 2010/2011.
No platform has 100% track record of reliability, lot of us like Linux but let's not ignore the past.
You're right, I shouldn't say you can't. It's just super hard. And with the number of servers running critical and important data, you would have think it would have happened more frequently than it does on Windows home computers running goofy software.
-
@Dashrender said:
@johnhooks said:
@Dashrender said:
@johnhooks said:
When has this happened?
The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the/system partition
The devices have to be rooted. Which removes all security that was given.
That definitely wasn't the case for bad apps that were released in china. There was an infected compiler running around china that was being used to create apps, those apps did make their way into the apple store, later to be removed.
The apps in question installed their own digital certificates on a person's Apple mobile device. It would enable the apps to terminate an encrypted connection between a device and a service and view the traffic, which is a potential security risk.
That's all it did.
-
@johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.
Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.
-
@Dashrender said:
@johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.
Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.
But being in the repo or store means its not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.
-
@johnhooks said:
The devices have to be rooted. Which removes all security that was given.
That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.
It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
Root, admin level privileges aren't needed to do those things. -
@johnhooks said:
@Dashrender said:
@johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.
Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.
But being in the repo or store means its not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.
A brand new game, in the repo is an unknown - to you. that's my point. Brand new things in the repo have no reputation. I'm surprised you haven't heard about the dozens of things being pulled from both Google/Apple stores for doing improper things.
If you want to find more, I guess you can google it.
-
@Dashrender said:
@johnhooks said:
The devices have to be rooted. Which removes all security that was given.
That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.
It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
Root, admin level privileges aren't needed to do those things.You don't have filesystem access without root access on Android.
-
@johnhooks said:
@Dashrender said:
@johnhooks said:
The devices have to be rooted. Which removes all security that was given.
That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.
It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
Root, admin level privileges aren't needed to do those things.You don't have filesystem access without root access on Android.
but you don't need it to do what that program was doing.. only to keep itself from being uninstalled/removed completely.
It's like a virus that runs in user space on Windows, you don't need local admin rights, but it can still do plenty of damage.
-
@Dashrender said:
@johnhooks said:
@Dashrender said:
@johnhooks said:
The devices have to be rooted. Which removes all security that was given.
That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.
It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
Root, admin level privileges aren't needed to do those things.You don't have filesystem access without root access on Android.
but you don't need it to do what that program was doing.. only to keep itself from being uninstalled/removed completely.
It's like a virus that runs in user space on Windows, you don't need local admin rights, but it can still do plenty of damage.
I apologize, I was told we were going on a family walk and I was trying to read while walking down the road and didn't read your comment correctly.
-
@Dashrender said:
@johnhooks said:
@Dashrender said:
@johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.
Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.
But being in the repo or store means its not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.
A brand new game, in the repo is an unknown - to you. that's my point. Brand new things in the repo have no reputation. I'm surprised you haven't heard about the dozens of things being pulled from both Google/Apple stores for doing improper things.
If you want to find more, I guess you can google it.
From my experience, things in the repos aren't usually brand new, unless you enable a repo that has that. That is one gripe people have with Ubuntu. PPAs make it trivial to install software from a repo that could possibly not be maintained 10 months down the road and now has security issues. It's easy to add Jimbob's super drawing app repo, but it's likely that will never be maintained.
You don't really run into unknown software to anyone in the main repos.
I guess my whole point is this, if you have root access to your device, all bets are off (especially if you have no clue what you are doing). Things like Chromebooks have done away with a lot of problems (and still run Linux). So desktop space, I'm sure if the market takes off there will be virus issues. However, the platform itself makes it so much easier to take care of that, both in being open and in design.
For example, if I download a file that was malicious on my laptop I'm using right now, I can keep my whole system in tact, and just blow away my home folder and create a new one without ever turning it off. As long as I didn't give it root permissions.
-
@Dashrender said:
@johnhooks said:
The devices have to be rooted. Which removes all security that was given.
That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.
It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
Root, admin level privileges aren't needed to do those things.https://blog.lookout.com/blog/2016/01/06/brain-test-re-emerges/
That link is pretty much saying it does need to be rooted for the malware to do anything. If it doesn't have root access, then it can't install any other applications.
-
Microsoft with their store apps is trying to move to the Google/Apple model, but there is so much legacy software that people want/need that will never be converted.
When you are talking about Ubuntu, you're talking about admins using it.. not home users. As such the lack of new things making would never be acceptable to home users - they are constantly looking for new things.. and if they can't find it in the normal store.. they will go elsewhere if it's possible at all.
Apple makes this nearly impossible, but Android makes side loading pretty easy in fact. So sure, people could go outside of the store and install non vetted things.
The exact same thing would happen if Linux got a foot hold on the desktop, unless the ability to side load was more or less completely removed, or the app store was always being renewed with latest crap.
-
@Dashrender said:
Microsoft with their store apps is trying to move to the Google/Apple model, but there is so much legacy software that people want/need that will never be converted.
When you are talking about Ubuntu, you're talking about admins using it.. not home users. As such the lack of new things making would never be acceptable to home users - they are constantly looking for new things.. and if they can't find it in the normal store.. they will go elsewhere if it's possible at all.
Apple makes this nearly impossible, but Android makes side loading pretty easy in fact. So sure, people could go outside of the store and install non vetted things.
The exact same thing would happen if Linux got a foot hold on the desktop, unless the ability to side load was more or less completely removed, or the app store was always being renewed with latest crap.
I'm still talking about home users for Ubuntu. You can use PPAs with any version of ubuntu. The software center (picture below), by default it has right now 81,735 packages, it isn't lacking in any way. BUT, if you do decide to install something outside of it, you can add more repos, or even download the file. It's just as easy on a Mac, just disable gatekeeper.
-
The last insurance company I worked for had hundreds of thousands of dollars invested in their accounting software that could only run, and was built to run in IE. Windows it is. Sometimes business dictates and overrules the "everything can run on Linux" theory....
-
@Bob-Beatty said:
The last insurance company I worked for had hundreds of thousands of dollars invested in their accounting software that could only run, and was built to run in IE. Windows it is. Sometimes business dictates and overrules the "everything can run on Linux" theory....
Did it only run on IE because it was dependent on something like ActiveX or was it because they just added a line to the header to only allow IE?
-
@Dashrender said:
When you are talking about Ubuntu, you're talking about admins using it.. not home users. As such the lack of new things making would never be acceptable to home users - they are constantly looking for new things.. and if they can't find it in the normal store.. they will go elsewhere if it's possible at all.
I've never met those home users. What things are they looking for? I rarely see home users install anything but malware. All they use are web browsers.
