LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 05-01-2008, 09:56 AM   #1
newtovanilla
Member
 
Registered: Apr 2008
Posts: 267

Rep: Reputation: 30
spyware on Linux?


"Every time a friend or relative complains about their computer being slow due to spyware, adware and viruses, you tell them to install Linux."

I read about spyware on the web. That must have been what happened to my M$crosoft ME! It was slow, and then it coughed, huffed, and puffed. It would not install from cd. How could spyware do this? How do I know that I will not have any spyware on my PC when I get it to work with Linux? This Linux is new to me.

1) How can you check for spyware on Linux? Are there packages to download and install? Can you get the sources?

2) When I run Linux on my PC, how can I find it out there is spyware on it?

3) If my M$crosoft ME PC huffed and puffed from spyware and a virus, and if I try to get Linux to work on it, will Linux not work on it?

I am thinking about using my PC for an art project. One of those abstract sculptures. My parents would turn my behind raw if I told them that! If I get Linux to work on it, I will have to find another art project idea.

If I feed my PC chicken soup, will it get better and run Linux? What if I get a pet penguin? Will that make my PC work with Linux?
 
Old 05-01-2008, 11:37 AM   #2
Woodypecker
Member
 
Registered: Mar 2006
Location: Austria
Distribution: Mandriva/Debian
Posts: 102

Rep: Reputation: 17
First, when you install from CD - not talking about a "repair" install - and it won't work (and you don't tell about the errors) it most probably is hardware related. Perhaps the aging harddrive is on the way out?
Try a liveCD. If something behaves strange, your hardware may be at fault.
Check ram and harddrive.
2nd, there is no specific spyware for linux - but attacks on webservers and other services you (often without knowledge) may got installed _and_ activated.
In tthe end, your linux box may get a r00ted source for spam and bots.
But then, the default configuration of a linux desktop install is fairly safe.

After all, you are just joking around, so never mind.
 
Old 05-01-2008, 06:20 PM   #3
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,287

Rep: Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034Reputation: 2034
Whether you go with Linux or back to MS, run Firefox browser with the 'NoScript' extension.
Great for preventing such stuff from downloading itself.
If you stick with the official repositories for the Linux SW pkgs, you shouldn't have a problem with getting rooted. (Of course anything could happen, but it's unlikely unless someone hacks your system deliberately.
We also have (afaik) no Linux viruses in the wild (I could be wrong, but they are certainly extremely rare and hardly anyone runs Linux AV SW).

Last edited by chrism01; 05-01-2008 at 08:51 PM.
 
Old 05-01-2008, 08:13 PM   #4
cyberfishee
Member
 
Registered: Mar 2005
Distribution: Debian Testing
Posts: 133

Rep: Reputation: 15
Quote:
1) How can you check for spyware on Linux? Are there packages to download and install? Can you get the sources?
On Linux they are called Rootkits. Unless you are running mission critical servers, it is probably not something you need to worry about, as they tend to be extremely rare (I have been using Linux for quite a few years now and has not even heard of one).

Quote:
2) When I run Linux on my PC, how can I find it out there is spyware on it?
I don't get this question...

Quote:
3) If my M$crosoft ME PC huffed and puffed from spyware and a virus, and if I try to get Linux to work on it, will Linux not work on it?
Linux will work. Spywares and virii only affect software (Windows), not hardware.
 
Old 05-01-2008, 08:39 PM   #5
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
One thing you need to worry about is if spyware is built into an authentication protocol. This is more likely playing media with a DRM scheme where you need to connect with an authentication server. If you are playing something from the web, you are running a script and maybe even a binary player that might also relay back information beyond your current IP address (which you already gave up by contacting the server)

Another thing to look for is being tracked using your browser. The ads displayed on a webpage are probably served by doubleclick. Because most websites have these ads, doubleclick can read the cookies they left in your browser while visiting other websites. You can disable cookies and add doubleclick to your /etc/hosts file giving it an ip address of 127.0.0.1.

There was an author who put a call home function in a perl package. He wasn't using it for anything malicious, but the package was pulled shortly after posting it and the author was blacklisted. For binary packages where the source is unknown, you can't be as certain if there isn't something like this.

IMHO, the biggest difference between Linux and Windows in this regard is that Linux users are using open source software almost exclusively. A Windows user is much more likely to install software using an installation program that installs unvetted compiled binary files which could contain anything. Spyware was invented by shareware authors to gather mailing list information of the downloaders that they sold to mailing list buyers. There are some binaries that we do install however. Mostly browser media plugins.

Any time you register your name and email address on the web, your information might be sold in a mailing list. This effects windows and Linux users equally. This is hard to avoid because websites need to do this to avoid automated spam applications. The website may indicate that they don't sell this information, but you are depending on their honesty.

Last edited by jschiwal; 05-01-2008 at 08:41 PM.
 
Old 05-02-2008, 09:12 AM   #6
dickgregory
Member
 
Registered: Oct 2002
Location: Houston
Distribution: Arch, PCLinuxOS, Mint
Posts: 257

Rep: Reputation: 34
Quote:
Originally Posted by cyberfishee View Post
Linux will work. Spywares and virii only affect software (Windows), not hardware.
There may be some exceptions to this. A few years ago my wife had an XP box. I had been using Linux for a while but was reluctant to ask her to switch. She didn't have any AV installed and got infected. We drove to Fry's and got one of the Norton AV boxes and ran the checks. There were thousands of reported viruses that we attempted to clean up. The machine totally refused to boot up. So we went through the re-install XP process, including a reformat of the HD. We installed Norton immediately before doing any connection to the internet. It already reported hundreds of viruses and would not boot.

We made another trip to Fry's and got a new HD which we also could not get to install or boot. I tried to install Linux, I think Suse 9.something. Still nothing.

Now I suppose that the hardware might have been failing, causing this chain of events, but there are some reasons I question that. First of all, the system was less than 6 months old when the trouble started. Second, neither the motherboard or the original HD ever worked again. While that may have been coincidental, it could also be that a virus may have exercised the hardware in a way that damaged it.

The upside to my story is that it was real easy to switch my wife to Linux. In fact, she insisted on it. To this day she asks people why anyone still sticks with MS, and probably goes a little too far with propagating conspiracy theories. She now uses PCLOS 2007 and loves it.
 
Old 05-02-2008, 10:51 AM   #7
ceantuco
Member
 
Registered: Mar 2008
Location: New Jersey
Distribution: CentOS, Debian, Mint, Backtrack, OpenSuse
Posts: 560

Rep: Reputation: 36
I have two Pcs, 1 is running windows and the other is running OpenSuse 10.3. You know how on Myspace people get their login information hacked and then malicious software uses it to send multiple comments with links just with the purpose to install Adware or Viruses if you click on them? well a friend of mine sent me a link so I clicked on it with an old windows xp machine running antivirus (just to see if I was going to get infected) and I did then I clicked on the same link using my Linux box and I didn't get infected.
My point is I never heard of any Spyware or Viruses for Linux whereas there are so many I would say millions for M$crosoft OSs.
 
Old 05-02-2008, 03:04 PM   #8
cyberfishee
Member
 
Registered: Mar 2005
Distribution: Debian Testing
Posts: 133

Rep: Reputation: 15
Quote:
We installed Norton immediately before doing any connection to the internet. It already reported hundreds of viruses and would not boot.
I'm guessing you have a data partition that you did not format?
 
Old 05-17-2008, 06:49 PM   #9
newtovanilla
Member
 
Registered: Apr 2008
Posts: 267

Original Poster
Rep: Reputation: 30
Thank you for all the comments.
Quote:
I don't get this question...
I am asking if there is a way to detect spyware that may be running on Linux.

Quote:
installation program that installs unvetted compiled binary files
I am new to Linux and LQ. Doesnt Linux install as a binary? It does not build the Linux system when I install it from cd, it is already a binary, is that correct? When I looked for some drivers on the web for Linux, I could not find source code but only what looked like binaries. There is no way to know if these have spyware or rootkits or viruses? What about rpm files?

Quote:
my Linux box and I didn't get infected.
I am not familiar with this. How did you know that the Linux box was not infected?
 
Old 05-17-2008, 07:00 PM   #10
SqdnGuns
Member
 
Registered: Aug 2005
Location: Fountain Valley, CA / Thailand
Distribution: Slackware64 14.0
Posts: 981

Rep: Reputation: 88
Damn, parents gave you your internet privileges back.
 
Old 05-18-2008, 07:26 AM   #11
vadkutya
Member
 
Registered: Apr 2008
Distribution: slackware 10.2
Posts: 117

Rep: Reputation: 16
Quote:
I am asking if there is a way to detect spyware that may be running on Linux.
antivir come for linux as well

Quote:
Doesnt Linux install as a binary? It does not build the Linux system when I install it from cd, it is already a binary, is that correct?
mostly yes. but the distros do normally all deliver the source as well. there is in any case the possibility to obtain the source code because linux is GPL licenced. which is impossible for win32 btw.

Quote:
When I looked for some drivers on the web for Linux, I could not find source code but only what looked like binaries. There is no way to know if these have spyware or rootkits or viruses? What about rpm files?
well yes. (proprietary) driver come mostly as precompiled binaries. if they are infected and loaded as module (lkm-rootkits) you have spyware on your computer. but there are ways of detecting it. maybe you should ask this question in the security forum. BUT you can compile your own kernel with most modules as well from source code (kernel.org). the only problem are video card drivers. if you are concerned about them ask the security guys . i don't know much about it.

in general one should always be questioning the security of a given system especially nowadays as linux becomes more and more popular. but for the moment the risk level is very, very, very low (in 99.9% of all cases you are not infected). you can compile your own distro from scratch (LFS). you can check the source code (if you can't, believe me, others do). what the kernel does is well documented so there's no chance that you have a tainted system from the beginning. as i said, the only source for rootkits as far as i know are proprietary drivers. i use the nvidia drivers and i have to trust them. but i have never ever heard about actual rootkits in use for unix/linux. there were some in the past but these were mostly projects from universities to demonstrate the possible vunerability of such systems.

big computer systems must be guarded against such attacks but your PC is no target at all. there are too few linux users to have an affect. almost every kernel in work differs from an other. it's not windows where everbody has the same system. so there's so far no need to worry...

vadkutya

Last edited by vadkutya; 05-18-2008 at 07:29 AM.
 
Old 05-18-2008, 09:44 AM   #12
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,039
Blog Entries: 52

Rep: Reputation: Disabled
DO NOT pour chicken soup into your computer - it will make all your programs run slowly. Only use hot coffee in winter, Coca Cola in summer.
 
Old 05-18-2008, 10:05 AM   #13
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,452
Blog Entries: 54

Rep: Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895
Everyone knows chicken soup has curative powers and cola is good for derusting. Caffeine I don't know though, I don't use sticky keys.
 
Old 05-18-2008, 10:10 AM   #14
brianL
LQ 5k Club
 
Registered: Jan 2006
Location: Oldham, Lancs, England
Distribution: Slackware & Slackware64 14.1
Posts: 7,039
Blog Entries: 52

Rep: Reputation: Disabled
I tried tea once, but the tea-bag kept getting in the way of teh thingy wot reads my hard-drive.
 
Old 05-18-2008, 12:31 PM   #15
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,452
Blog Entries: 54

Rep: Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895Reputation: 2895
...which serves to illustrate that while there are major questions about and problems associated with running GNU/Linux (like if prolonged use will make you go blind, which theme to choose, how much cola (in gram mol) fits on a needlepin, who that dude with the beard is, accurately positioning your coffeecup and if Kubler-Ross stages apply to making software work) spyware definately isn't listed as one of them.
 
  


Reply

Tags
linux, spyware


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Linux Spyware MikeNorth Linux - Security 16 02-18-2007 05:21 PM
Spyware in Linux? Mojojo General 4 01-19-2006 12:58 PM
Spyware On Linux dj9928 Linux - Software 2 04-16-2005 05:31 PM
Spyware and Linux? stunter Linux - Software 4 07-01-2004 02:04 PM
Can Linux have spyware? ProtoformX Linux - General 4 03-15-2004 06:51 AM


All times are GMT -5. The time now is 11:47 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration