LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices

Reply
 
Search this Thread
Old 05-03-2011, 04:12 AM   #946
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776

Quote:
Originally Posted by Arcane View Post
Wait a sec..i remember some distros come only with root as default..like same Slackware? Still unfair.
No, this is not an unfair comparison in the least. Slackware is designed to be customized and provide a very basic and simplified setup without making any attempt to guess what the user wants or to mandate a particular policy on them. It is not an unfair comparison because even the documentation explains the importance of creating a non privileged account. The difference between Slackware and other distributions, like Ubuntu, is that it makes no assumption about what privileges this account should have and requires you to make the choice. In this regards, Slackware is about as opposite the Microsoft philosophy as you can get.

Quote:
Dunno about newer Windows yet.
Based upon my very limited experience with 7 (even though I have a machine with it, my experience is limited to about 4 hours of using it total), it appears to have better integration and better capability for run as administrator.

Lets give another example to the contrary: in Vista they added and continued to win-7 this security feature, where every time you try to perform a slightly administrative task that the screen dims, it beeps, and prompts you (yet again) to see if you are sure you want to perform this action. It is absolutely one of the most annoying things I have ever encountered. I suppose to Joe The Idiot User, it is a valuable feature that prevents a lot of trouble. With anyone who is remotely experienced and knows what they are doing, it is a repetitively frustrating waste of time that borders on insulting. Rest assured, this feature quickly got turned off in the registry.


Quote:
However XP has wonderful feature called "Run As"(should be available for newer Windows too) - can be admin and run risky stuff as Guest or Limited or be Limited and "Run as" admin. Still unfair because if you don't know password it means you don't need be Admin and if you know you don't have problems switching users or using "Run as".

And directly from my previous post: "it is possible to use the "run as" and apply a login that has administrative privilege, but over half of the time this feature does not work. For example, it won't allow you to launch windows explorer as an administrator to delete files that aren't "owned" by the user currently logged in."

Again, the feature works as if it were an after thought and only partially works. One of my co-workers spent no less than 3 hours attempting to get GE's Proficy software (the development tool for the DCS and PAC controllers) to work under this method, including writing scripts to start the application. It refused to go. In Windows, there is no equivalent to a setuid to launch processes and then drop root privilege when possible, there is no means to effectively group or user control application permissions. Yes, there is the groups and users, but once again its functionality is absolutely pale compared to that of *NIX.

I am by no means Windows / Microsoft bashing here. Based upon experience with both product lines, the equivalent security features in Microsoft's products are not anywhere near the quality of those that were built into Linux. The MS operating systems were initially designed and built without these features and they have been added on as renovations and you can tell that they were renovations.
 
Old 05-03-2011, 07:22 AM   #947
slimm609
Member
 
Registered: May 2007
Location: Chas, SC
Distribution: slackware, gentoo, fedora, LFS, sidewinder G2, solaris, FreeBSD, RHEL, SUSE, Backtrack
Posts: 428

Rep: Reputation: 65
Quote:
Originally Posted by Noway2 View Post
Again, the feature works as if it were an after thought and only partially works. One of my co-workers spent no less than 3 hours attempting to get GE's Proficy software (the development tool for the DCS and PAC controllers) to work under this method, including writing scripts to start the application. It refused to go. In Windows, there is no equivalent to a setuid to launch processes and then drop root privilege when possible, there is no means to effectively group or user control application permissions. Yes, there is the groups and users, but once again its functionality is absolutely pale compared to that of *NIX.

http://msdn.microsoft.com/en-us/library/ms972827.aspx


Someone developed a program called dropmyrights and microsoft ended up buying it and releasing it for free use. It allows you to run a program as a "user" while being administrator. If you run a web browser with dropmyrights and download an installer it will allow you to save it but you wont be able to run it. It basically drops you to the lowest rights required to run the program.
 
Old 05-03-2011, 01:23 PM   #948
nec207
Member
 
Registered: Apr 2011
Posts: 96

Rep: Reputation: 0
Quote:
In general you are right. But you have to compare also the habits of the users. In Windows most users actually work as admin all the time, most of them even not knowing that there is the possibility to work as restricted user.
In short: Is it fair to compare Linux user and Windows admin? No. But does it make sense when it comes to security in general? Yes. It simply is pointless to compare with Windows restricted user when nobody uses it.
The reason you not seeing companies trying to sue Microsoft or press releae saying windows malware epidemic is simple , Businesses do not internet surf if they go on the internet it has to be businesses related.The IT guys will block most web sites facebook ,myspace and torrent.Set up packet sniffer and content filtering.And the employer has no admin rights to run,install or download stuff.

If you get cought on web site like music,movie ,blog or any thing non work related you have alot of explaining to do.And yes you will get cought has the IT guy will set up logging.

Where the PC homeowner running windows at home is internet surfing and running has admin .
 
Old 05-03-2011, 01:27 PM   #949
nec207
Member
 
Registered: Apr 2011
Posts: 96

Rep: Reputation: 0
Here is list of do not do or you will get malware from reading computer books and times in past I got malware.

1-free music
2-free movies
3-free games
4-free software/program
5-free stuff
6. porn of any sort hard ,soft ,fettish
7-read every spam and junk mail
8-P2P and torrent
9.cracks and secuity keys




You get malware in less than a day trying to so this!! I say again YOU WILL get Malware in LESS THAN DAY trying to do this.

And google image search is not safe .

If you must use google image search make sure the filter is on SafeSearch strict.Do not key any thing in the search box Popstars , American idols, celebrities ,fashion,people or blogs or anyone of above.


Never try to get wallpaper ,themes or bachgrounds or skins for computer?I know Pop-ups and ads can be easily blocked with firefox adblockplus.The Adblock Plus for firfox will block most Pop-ups and ads .

DO Not click on pictures or links . If a pop up does come up use ctr-alt-delete to bring up task manager to close it never try to click the x or close on the pop up.You must turn HTML off in the e-mail program and turn off active-X ASAP.

If a site has alot of pop ups and ads get out of the site ASAP.

Doing simple rules it cut down on most of the malware.
 
Old 05-03-2011, 01:56 PM   #950
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,592
Blog Entries: 2

Rep: Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047
Quote:
Originally Posted by nec207 View Post
1-free music
2-free movies
3-free games
4-free software/program
5-free stuff
6. porn of any sort hard ,soft ,fettish
7-read every spam and junk mail
8-P2P and torrent
9.cracks and secuity keys
1. There are plenty of sites were you can get free and legal music without being infected with malware.
2. http://creativecommons.org/video/Free and legal videos, without malware.
3. http://www.freewaregames.net/, Free games, without malware
4. http://www.heise.de/software/ Free software, without malware (this one is in German, but I am sure there are such sites for all languages)
5. What free stuff do you mean?
6. Never had any problem with that.
7. Who wants that anyway?
8. I torrented Slackware, Planeshift and other software. No problems. Torrenting is not dangerous. What you actually may mean is illegally downloading pirated software.
9. Also illegal. If you infect your machine with this it is totally your own fault and I will laugh about that.

Conclusion: Only number 7 and number 9 are dangerous in itself. All the other things you mentioned are not dangerous, if you know where to get your stuff. You should never execute scripts or programs that you got from an untrusted source. And you can consider every illegal download as gotten from an untrusted source.
In short: Know your source. Stay legal. You will have no problems.

Quote:
DO Not click on pictures or links.
This advice basically renders the Internet useless.
 
Old 05-04-2011, 04:24 AM   #951
nec207
Member
 
Registered: Apr 2011
Posts: 96

Rep: Reputation: 0
Quote:
1. There are plenty of sites were you can get free and legal music without being infected with malware.
2. http://creativecommons.org/video/Free and legal videos, without malware.
3. http://www.freewaregames.net/, Free games, without malware
4. http://www.heise.de/software/ Free software, without malware (this one is in German, but I am sure there are such sites for all languages)
5. What free stuff do you mean?
6. Never had any problem with that.
7. Who wants that anyway?
8. I torrented
No that not issure there are enough sites that are not legal that one can watch TV shows and movies ,download movies and TV Shows !! Also download free music !!

And yes free x rated sites !! All no malware did I say yes no malware!!!

But that does change fact putting in google search box Quote ---- Quote it going turn up alot of rough sites with malware.

Not all free stuff on net or x rated stuff porn of any sort hard ,soft ,fettish are going have malware .But most malware on the net count on user putting in google search box looking for this stuff.

Quote:
This advice basically renders the Internet useless.
In reality it coming to it ,google,myspace,twitter and facebook has been spreading malware time and time again a legit site doing every thing in their power to stop it.

When you click on links or pictures in google image search or go to blogs you take a gamble..

Last edited by nec207; 05-04-2011 at 04:33 AM.
 
Old 05-04-2011, 06:49 AM   #952
MTK358
LQ 5k Club
 
Registered: Sep 2009
Posts: 6,443
Blog Entries: 3

Rep: Reputation: 713Reputation: 713Reputation: 713Reputation: 713Reputation: 713Reputation: 713Reputation: 713
@nec207

I don't understand about half of that post due to poor Engligh.
 
Old 05-04-2011, 07:16 AM   #953
slimm609
Member
 
Registered: May 2007
Location: Chas, SC
Distribution: slackware, gentoo, fedora, LFS, sidewinder G2, solaris, FreeBSD, RHEL, SUSE, Backtrack
Posts: 428

Rep: Reputation: 65
Quote:
Originally Posted by nec207 View Post
In reality it coming to it ,google,myspace,twitter and facebook has been spreading malware time and time again a legit site doing every thing in their power to stop it.
When you click on links or pictures in google image search or go to blogs you take a gamble..
Its really not a gamble. It comes down to knowing what you are doing and how to defend against it. The large majority of users in the world have no clue what they are doing on a computer. But that is good in the long run because it keeps most of us employed. facebook is NOT spreading malware. It is the users of facebook that are spreading malware. they are linking to external sites (which facebook has ZERO control over) and getting people to click the links because they think it is something else. Clickjacking is a common way of doing such things.

We just have to get better at detecting it and stopping it in the end.
 
Old 05-04-2011, 08:15 AM   #954
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,592
Blog Entries: 2

Rep: Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047
Quote:
Originally Posted by nec207 View Post
No that not issure there are enough sites that are not legal that one can watch TV shows and movies ,download movies and TV Shows !! Also download free music !!

And yes free x rated sites !! All no malware did I say yes no malware!!!

But that does change fact putting in google search box Quote ---- Quote it going turn up alot of rough sites with malware.

Not all free stuff on net or x rated stuff porn of any sort hard ,soft ,fettish are going have malware .But most malware on the net count on user putting in google search box looking for this stuff.



In reality it coming to it ,google,myspace,twitter and facebook has been spreading malware time and time again a legit site doing every thing in their power to stop it.

When you click on links or pictures in google image search or go to blogs you take a gamble..
If you are surfing the net with a little common sense (sadly, most people turn their brain off when sitting in front of a open browser) you are pretty safe. This has nothing to do with the security functions of Windows or Linux, this has to do with the behavior of the user in front of the computer. And it are neither Google, Myspace, Twitter nor Facebook that are spreading malware, malware is spread by malevolent people that use the habit of some dumb users that click mindlessly on anything they see.
And if you use illegal sites to illegaly download your pirated stuff it is your own fault if you get infected. Stay legal, then you will get no malware.
 
Old 05-04-2011, 09:03 AM   #955
hua
Member
 
Registered: Oct 2006
Location: Slovak Republic
Distribution: Slackware 13.37, 14.0
Posts: 394

Rep: Reputation: 49
Quote:
Originally Posted by slimm609 View Post
facebook is NOT spreading malware ...
No, it itself is a big one.
From wikipedia
Quote:
Malware, short for malicious software, is programming (code, scripts, active content, and other software) designed to disrupt or deny operation, gather information that leads to loss of privacy or exploitation, gain unauthorized access to system resources, and other abusive behavior.

Last edited by hua; 05-04-2011 at 09:10 AM.
 
Old 05-04-2011, 09:31 AM   #956
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
Quote:
Originally Posted by hua View Post
No, it itself is a big one.
From wikipedia
Gonna have to agree to that. FB has a huge issue with the trustworthiness of its apps.
 
Old 05-04-2011, 09:46 AM   #957
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,592
Blog Entries: 2

Rep: Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047
Quote:
Originally Posted by unixfool View Post
Gonna have to agree to that. FB has a huge issue with the trustworthiness of its apps.
That is exactly what I am saying. If you don't trust those apps then don't use them and deny to give them any rights. I am using Facebook, but I only use it to keep in contact with my friends, and not to use one of the pointless apps.
 
Old 05-04-2011, 10:27 AM   #958
unixfool
Member
 
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 781
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
Quote:
Originally Posted by TobiSGD View Post
That is exactly what I am saying. If you don't trust those apps then don't use them and deny to give them any rights. I am using Facebook, but I only use it to keep in contact with my friends, and not to use one of the pointless apps.
How do you determine what's trustworthy or not? I'm pretty sure most people who install such apps think they are trustworthy, at least initially (I doubt they are installing them to purposely compromise their machines). And not everyone is security-savvy. IMO, its much easier to regulate and audit the apps themselves. These apps should be inherently trustworthy apps. I don't see other software/app pools having the same severity of issues with their apps (for instance, iTunes).

Last edited by unixfool; 05-04-2011 at 10:29 AM.
 
Old 05-04-2011, 10:42 AM   #959
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,592
Blog Entries: 2

Rep: Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047Reputation: 4047
At first, Facebook is not a software/app-pool, it is a social network. That you can play games or have other apps is just a marketing thing to let you spend more time there.
So how to determine if it is a trustworthy app? I think you can do that with a little common sense. If an app that counts how many times I can click the mouse-button in 10 seconds asks me that it needs access to my personal data, then I have to ask my self: Why should this app have access to my personal data to count mouse-clicks? Simple answer: It shouldn't, so in my eyes it is not trustworthy.
I have to correct my previous post, I have one app installed: A chat history database. This app definitely needs access to my data for its function. So I allowed it.

Quote:
And not everyone is security-savvy.
That is what I am saying, most people turn their brains off when opening a browser.

Quote:
IMO, its much easier to regulate and audit the apps themselves.
In my eyes the wrong approach. If you do it that way, people will think even less about security, in the believe that others will do it for them. Same thing like people with ABS brake in their cars who drive faster because of a false thinking of security.
 
Old 05-04-2011, 10:49 AM   #960
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 3,910

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
Quote:
Originally Posted by nec207 View Post
Here is list of do not do or you will get malware from reading computer books and times in past I got malware.

1-free music
2-free movies
3-free games
4-free software/program
5-free stuff
6. porn of any sort hard ,soft ,fettish
7-read every spam and junk mail
8-P2P and torrent
9.cracks and secuity keys




You get malware in less than a day trying to so this!! I say again YOU WILL get Malware in LESS THAN DAY trying to do this.

And google image search is not safe .

If you must use google image search make sure the filter is on SafeSearch strict.Do not key any thing in the search box Popstars , American idols, celebrities ,fashion,people or blogs or anyone of above.


Never try to get wallpaper ,themes or bachgrounds or skins for computer?I know Pop-ups and ads can be easily blocked with firefox adblockplus.The Adblock Plus for firfox will block most Pop-ups and ads .

DO Not click on pictures or links . If a pop up does come up use ctr-alt-delete to bring up task manager to close it never try to click the x or close on the pop up.You must turn HTML off in the e-mail program and turn off active-X ASAP.

If a site has alot of pop ups and ads get out of the site ASAP.

Doing simple rules it cut down on most of the malware.
This is weird; are you just trying to point out that the 'folk myths' referenced in the link given by noway back in post #6 are alive and well even amongst Linux users, or are you saying that you wouldn't read security research because it has been linked..

Quote:
Never try to get wallpaper ,themes or bachgrounds or skins for computer?
.

Given the different mechanisms that we use to get these,are you saying that, eg, kde-look and gnome-look have taken the risk of becoming malware suppliers? Given that they know that this would be the end of trust for them, and what that implies, it really sounds quite unlikely.

Quote:
If a pop up does come up use ctr-alt-delete to bring up task manager
More good advice for Linux users...
 
  


Reply

Tags
64bit, cloud, linux, microsoft, windows


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Tutorial: Four Easy Fun Useful Things You Can Do With Linux LXer Syndicated Linux News 0 09-30-2008 11:41 PM
LXer: KDE 4: The Shiny New Linux (and Windows) Desktop LXer Syndicated Linux News 0 09-17-2007 06:10 PM
media server or other fun things. doralsoral Linux - Software 1 11-05-2005 07:55 AM
most fun & excited things about Linux woranl Linux - General 2 07-27-2004 08:28 PM


All times are GMT -5. The time now is 10:15 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration