LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 11-03-2005, 12:05 PM   #1
Cogar
Senior Member
 
Registered: Oct 2005
Location: It varies, but usually within 100 feet of a keyboard.
Distribution: Fedora 10, Kubuntu 8.04, Puppy 4.1.2, openSUSE 11.2
Posts: 1,126

Rep: Reputation: 51
Online banking security issues


At another forum, we started discussing an article over at MSNBC, where they talk about RATs. As a first guess, I thought that using Linux for online banking and other secure transactions may be better than using Windows, since most of these Trojans and other malware seem targeted to Windows systems. I wanted to ask here as well to learn the opinion of people who are more generally Linux-savvy than others. Here is the article:

http://www.msnbc.msn.com/id/9898957/
 
Old 11-03-2005, 12:50 PM   #2
kilgoretrout
Senior Member
 
Registered: Oct 2003
Posts: 2,300

Rep: Reputation: 138Reputation: 138
I know of no trojan like those described in the article for linux or *nix . Propogation would be very difficult in a linux environment.
First, things cannot be automatically installed in linux like they can in windows. The article refers to automatc and unknowing installation of this malware - that's windows and MS's security impaired ActiveX technology at work. ActiveX is generally regarded as a security abomination, so much so that Vista has it disabled by default as a new "feature". ActiveX allows an untrusted remote source to download, install and run code on your box without any interaction from the user. Talk about a blueprint for disaster. Ironically, many bank/financial sites rely on ActiveX technology in order to run properly.
Second, while linux users are not immune from social engineering manipulating them to install the malware, writing such malware for linux is much more difficult because there is so much variation within linux. You do not have a uniform environment like you do in windows. It would be very difficult to get a set of malware binaries together that could be successfully installed on a broad spectrum of *nix boxes without someone detecting the true nature of the malware. Even assuming some attack vector in *nix that would allow for installation of malware without the users knowledge, crafting that malware would be a ton of work given the huge variation in linux kernels used, not to mention other software. This software diversity has greatly limited the spread of any such trojans in *nix environments when compared to windows environments. It's just so much easier on windows to do.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Online update issues jag2000 Suse/Novell 2 03-29-2005 05:13 PM
PHLAK Security Documentation Online? zsejk Linux - Security 6 06-01-2004 01:14 AM
online banking? toolshed Linux - Software 7 03-24-2004 12:10 PM
Online Banking / Online Shopping in Linux? JROCK1980 Linux - General 14 02-27-2004 02:46 PM
Online Banking/Credit Card JROCK1980 Linux - Software 0 02-26-2004 05:03 PM


All times are GMT -5. The time now is 06:52 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration