that's absolutely true! but i did this for years and never had a problem. in 1996 i had a parity.b bootvirus, that came from a friend with a sim city 2000 save disk and was actually never activated on my p66. since then i had no problems, but used ad-aware and f-prot quite a lot. so are there similar programs for linux? easy to install (.rpm), easy to update? ease of use seems important to me, as i said, i am still a newbie.
this => http://www.apple.com/quicktime/download/ was the site i was forwarded to, i wanted to see this => http://www.novabus.com/crash.html movie, which worked after all. i have a great interest in mass traffic and run the world's biggest german-language forum for modern-volvos... just if you wonder why i look at a strange video like this one. and i could see the video and surf on. i ran ad-aware and f-prot the same evening. the next morning, windows was kind of reseted, wanted to have my serial nummer, which i don't have. i moved to norway from germany and some of my stuff is still there; w98se-cd + number included. so i removed the last newly created files that were not system files: exact time of downloading quicktime, which i remember since i took a look at the watch the evening before and posted the link in my forum after watching the video. after removing the files the windows explorer crashed right after starting. i could not even access my second partition anymore. i wanted then to install linux, since i just have to do my studies for university. unfortunately, linux lycoris deleted all my data, even though i told the installation routine, not to touch d:\ - and in knoppix burning a cd wouldn't work, so i had no backups. that's the story, as far as i remember.
i agree on that. the pc in 2004 is not what people once thought it might be. common people use it and they use the internet for fun also. i do watch flash animations myself. it is not the end user who is to address. in my eyes, an operating system for non-admins should be safe enough to browse the web carelessly. and, most of all, people who actually write viruses & spyware should be addressed.

regards
ungua

Just for info that picture is from a photoshop contest at www.fark.com

mark

That's very much true, but you can't blame the operating system for it, if they were using linux they'd have exactly the same problems.

I can and do blame both the users *and* the OS for it. If they were using linux, they would *not* be having the same problems, and it's largely due to the huge difference in thinking between the Microsoft business asshats who decide how windows can "embrace and extend" the users internet experience, and the real life developers who actually have a clue and are interested in more than bells and whistles to dazzle the users.

The fact of the matter is that *much* if not all of the malware on the internet is designed as well as or better than many of the things that get classified as a "virus" or "worm" by the AV companies, and *many* if not all of them use exactly the same methods to infect the host, if they're available. The user getting a "Click ok" box for infection is a last resort. Obviously, if users actually kept their systems up to date (which is just as (and arguably more) important under *NIX), the threat will be much lower, but they won't, for exactly the same reasons they click "Ok", and therefore it will always be there... Why do you think the number one recommendation for malware is to switch to a browser/email client that is not based on the IE engine?

I couldn't agree more ... Windows isn't that system though. Anyone who's done any programming for ActiveX controls in IE can tell you how much access to the system you can get through that nightmare of a browser that you just *should not have*, and the malware authors know that.

... This thread has gone horribly off topic ...

You do the same things to protect a linux computer that you would any other.

1) Patch your system OFTEN
2) Don't install software you don't need
3) Don't run software (services) you're not using
4) Don't execute code that you cannot verify the origin of
5) Use a firewall
6) Read and understand the errors your computer presents to you. If you don't understand the errors, ask google, or LQ.org

That's a good start. I could write volumes about security, but I'll leave that to better authors than myself. I highly recommed "Secrets and Lies" by Bruce Schneier as a good starter security book.

in other words: nobody really assumed to have a 2004 pc look like this?
this is a more general problem: microsoft wants to earn money, while linux products also define themselves as an opportunity besides microsoft. ms became "evil" for trying to gain too much control - and i don't think they are interested in a smart user either... for using linux you are supposed to be up-to-date, that's what scares so many people, i guess. i could still use an ancient os until this event happened, a linux user will always be somehow connected to a community who tells you to update and give some more reasonable arguements for that. not so with windows... (hard to explain what i mean...)

my biggest problem usually is that i lack time - so i'd like to read the book you recommended, but... so this problem goes over to how i use linux, too. there are very many unsolved problems and i have no idea how to fix them. obviously, nobody else here either.

http://www.linuxquestions.org/questi...hreadid=247020 i am not allowed to access my own printer, as a student not living in town centre a serious problem, as you might imagine
http://www.linuxquestions.org/questi...hreadid=260166 no proper function of kopete
http://www.linuxquestions.org/questi...hreadid=260321 unvulnerable file can't be deleted
http://www.linuxquestions.org/questi...hreadid=258986 corel doesn't like to be installed, lacking folders itself is supposed to create
http://www.linuxquestions.org/questi...hreadid=258542 cannot write on the upper level of my usb-stick
http://www.linuxquestions.org/questi...hreadid=256405 vlc media player installation won't work - even though i downloaded >20 .rpms there is still always something missing. redhat and debian version won't work either

i have got a very good explanation for how to use .tar.gz, i guess, but am still too respectful and lacking the concentration and time to try it ( http://www.linuxquestions.org/questi...hreadid=256394 )

another explanation i assume to be very good (and i am grateful to have it!) is how to format my harddisc when i want to use both linux and suse - since my digicam was never compiled for linux ( http://www.linuxquestions.org/questi...hreadid=244248 ) seems a bit complicated and since both linux lycoris and linux suse did as they wanted and not as i told them, i have not too much trust into a linux system formating my harddisc.

okay, talking about off-topic...
which?

regards
ungua

iptables!

This article made me think of this thread, and ror specifically. Not exactly spyware, but does show a good example of what I was talking about.

I'd advise all XP users to patch their systems. Oh wait, they can't. A patch doesn't exist yet.

I am a newbie too but I am confused. As of now, is it a high risk of getting spyware on Linux through web browsing, given the comparatively tight security measure in Linux? If so, how can we detect if a spyware is running and sending out info?

"An attacker would need to first entice the user to visit a specific Web site and then entice the user to take a series of specific actions on the Web site, then reboot or log off before the attack could succeed."

series of specific actions means that the user would have to be on the more clueless end to manage it.

Not to mention it's just another way to get something in via local zone, this time via help, oh, and "called from page" implies some kind of scripting too.

It's true but i've mever seen spyware in linux? :P If u got it from somewhere... then plz send me the link.... that would be quite interesting thing to look :P

Another one for ror. Hopefully the folks who make the linux desktops will keep design decisions that make things like this possible out of their codebases.

This is why a browser should be a browser and not do double duty as the system shell.