LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 10-10-2005, 06:56 PM   #16
aysiu
Senior Member
 
Registered: May 2005
Distribution: Ubuntu with IceWM
Posts: 1,776

Rep: Reputation: 66

Quote:
Originally posted by KimVette
[B]Why do people still get their panties in a bunch over cookies, especially since every browser on the planet except IE allows you to closely control and monitor where cookies are originating?
I think it's self-fulfilling: because AdAware and other spyware scanners identify cookies as "spware" or "adware," people then think cookies are bad.

And, you're right--most non-IE browsers have great cookie control. And if you're really worried about it, even in IE you can delete cookies. Firefox is my favorite because I can have Firefox accept all cookies but automatically delete cookies every time I close Firefox (and I can specify exceptions to the rule for cookies I want to keep). That way things are clean. I don't have to keep cookies I don't want, but I'm not blocking cookies that keep my browser from functioning.
 
Old 10-19-2005, 02:12 AM   #17
DanielTan
Member
 
Registered: Sep 2004
Location: Malaysia
Distribution: FC6, Solaris
Posts: 340

Rep: Reputation: 30
Hi , i just browse through and how do we know we have spyware in linux ? I think we cannot take for granted there is none spyware for linux. Any linux spyware ? As for rootkit, any software can remove it ?

Rgds
Daniel


Quote:
Originally posted by KimVette
Why do people still get their panties in a bunch over cookies, especially since every browser on the planet except IE allows you to closely control and monitor where cookies are originating?

I let my browsers accept all cookies. Why? They cannot execute code. (Good) Browsers limit how sites can access cookies. So I might be targeted with more relevant ads. Good. I will see fewer ads for icky stuff, and more ads for tech stuff and mainstream movies, since I use the web mainly for technical info and reading IMDB. Big fookin' deal, advertisers can cater more closely to stuff I might actually consider buying. Also, sites will be able to maintain a session state better. Real scary stuff there!


http://www.cookiecentral.com/
http://www.cookiecentral.com/faq/
http://www.webopedia.com/TERM/c/cookie.html

Yeah. Scary stuff indeed. Ever hear of chicken little?

AntiSpyware is not required. I'd be more worried about rootkits. Download chkrootkit, rkhunter, and other rootkit detection scripts. Quit worrying about cookies. They're harmless.
 
Old 10-19-2005, 02:26 AM   #18
DanielTan
Member
 
Registered: Sep 2004
Location: Malaysia
Distribution: FC6, Solaris
Posts: 340

Rep: Reputation: 30
Hi, doesn't when we compile the source or binary package in linux , does it consider to be executable ? Pls explain how to use mount to secure ?

Rgds
Daniel

Quote:
Originally posted by enyawix
Ad-Aware and Virus is not yet an issue, but I would take steps now. Programs should not be executable from /home /tmp and /var

I use mount to secure /home /tmp and /var

/dev/sdc1 on /home type reiser4 (rw,noexec,nosuid,nodev,noatime)

/mnt/var.img on /var type reiser4 (rw,noexec,nosuid,nodev,noatime,loop=/dev/loop0)

/tmp -> /var/tmp.tmp

Now system is harder to infect.
 
Old 10-19-2005, 02:47 AM   #19
mr_demilord
Member
 
Registered: Sep 2005
Posts: 244

Rep: Reputation: 30
Quote:
Do we need Antispyware in Linux?
No.

Quote:
Do we need rootkit hunters?
No & Yes.

If you use your brain and only visit known and original sites that are known to be safe.

Propriate software is beginning to be booming on linux.
Like Nero, Adobe Reader
People who used pirated software on windows and start using linux and installed nero, and they want the full version and downloaded a keygen are vurnable for rootkits in my eyes.

I only browse sites I trust and are known to be safe, I only download the software from their original developement site/ftp. and always check the md5checksum

Last edited by mr_demilord; 10-19-2005 at 02:55 AM.
 
Old 10-19-2005, 02:58 AM   #20
mr_demilord
Member
 
Registered: Sep 2005
Posts: 244

Rep: Reputation: 30
Quote:
Hi, doesn't when we compile the source or binary package in linux , does it consider to be executable ? Pls explain how to use mount to secure ?
If use mount your filesystem noexec all the files are non executable and are not allowed to have a executable bit.
If you try to execute a file you get a permission denied warning.
Correct me if I'm wrong.
 
Old 10-19-2005, 03:11 AM   #21
fouldsy
Senior Member
 
Registered: Jan 2002
Location: St Louis, MO
Distribution: Ubuntu
Posts: 1,284

Rep: Reputation: 47
As mr_demilord said, spyware isn't a big issue in my opinion if you don't screw around downloading crap off the Internet and opening every attachement e-mailed to you. The only Windows machines at work that become infected with virus + spyware turn out to be those popping up in the Internet logs trying to access stuff they shouldn't. In the same way you get virus scanners that sit monitoring mail queues and running alongside Squid or DansGuardian for example to filter out virus coming in over the Internet on Linux boxes, I'd like to see something similar for spyware. Don't know how it work otherwise I'd have a go implementing something myself, but from home a user point of view, spyware shouldn't be an issue if you're sensible, especially under Linux. There will be spyware that becomes targeted at Linux users in the same way Mac users are starting to become targets, simply as the number of users increase, but since most people running Linux + Mac kinda know their thing, it's always going to be difficult and not really worthwhile for writers of such crap to spread it around.

Alternatively, just unplug your box from the net and surround your case in tin foil, especially if you're worried about those yummy cookies with chocolate chips in...
 
Old 10-19-2005, 03:16 AM   #22
DanielTan
Member
 
Registered: Sep 2004
Location: Malaysia
Distribution: FC6, Solaris
Posts: 340

Rep: Reputation: 30
But we cannot presume it is safe everytime even with known website. Just want to be cautious maybe visit to a new site or even installing from trusted site. Any rootkits detectors out there ?

Rgds
Daniel


Quote:
Originally posted by mr_demilord
No.


No & Yes.

If you use your brain and only visit known and original sites that are known to be safe.

Propriate software is beginning to be booming on linux.
Like Nero, Adobe Reader
People who used pirated software on windows and start using linux and installed nero, and they want the full version and downloaded a keygen are vurnable for rootkits in my eyes.

I only browse sites I trust and are known to be safe, I only download the software from their original developement site/ftp. and always check the md5checksum
 
Old 10-19-2005, 03:19 AM   #23
DanielTan
Member
 
Registered: Sep 2004
Location: Malaysia
Distribution: FC6, Solaris
Posts: 340

Rep: Reputation: 30
But then how to install any software on it ?

Rgds
Daniel

Quote:
Originally posted by mr_demilord
If use mount your filesystem noexec all the files are non executable and are not allowed to have a executable bit.
If you try to execute a file you get a permission denied warning.
Correct me if I'm wrong.
 
Old 10-19-2005, 03:53 AM   #24
mr_demilord
Member
 
Registered: Sep 2005
Posts: 244

Rep: Reputation: 30
Quote:
Originally posted by fouldsy
There will be spyware that becomes targeted at Linux users in the same way Mac users are starting to become targets, simply as the number of users increase, but since most people running Linux + Mac kinda know their thing, it's always going to be difficult and not really worthwhile for writers of such crap to spread it around.


One thing, I think they wont do as much as harm as spyware does on windows, because windows executables has more priveledges then executables on a *nix/mac operating system.
I also think that it is easier to track down spyware/chrootkit on *nix/mac then windows...... or am I wrong?
 
Old 10-19-2005, 04:21 AM   #25
fouldsy
Senior Member
 
Registered: Jan 2002
Location: St Louis, MO
Distribution: Ubuntu
Posts: 1,284

Rep: Reputation: 47
Quote:
Originally posted by mr_demilord
One thing, I think they wont do as much as harm as spyware does on windows, because windows executables has more priveledges then executables on a *nix/mac operating system.
I also think that it is easier to track down spyware/chrootkit on *nix/mac then windows...... or am I wrong?
I'd go along with that, although I still see people that appear on IRC logged in as root...

Tracking down infections isn't easier on Linux IMHO, as there are some very good tools for Windows that even my mother can use to find + clean viruses and spyware. Most Linux tools for detecting infiltrations are slightly more complicated, but not beyond the grasp of anyone able to understand the need to run a check!

The privileges point holds true for Windows though - if you have your Windows system setup with normal user privileges, i.e. not logging in as a user with full admin rights, you're not going to have many problems as large parts are protected. Sure, you can go nuts and see how damage you can create, but my first line of the post covers that!
 
Old 10-19-2005, 05:36 AM   #26
nelamvr6
Member
 
Registered: Oct 2005
Location: New London, CT USA
Distribution: Ubuntu 7.04
Posts: 49

Rep: Reputation: 15
I remember that a few years back spyware on windows machines was unheard of.

I believe you guys when you say there isn't much to worry about...right now. But I would like to take a proactive approach. In my mind it would be much better to aggressively prevent spyware wherever possible than to just assume we are invulnerable.
 
Old 10-19-2005, 08:27 AM   #27
spindles
Member
 
Registered: May 2005
Location: New Zealand
Distribution: Suse 9.1 Linux 2.6.4-52-default, Kubuntu Feisty
Posts: 136

Rep: Reputation: 15
My totally unsophisticated, but really simple cookie-filtering solution:
Browse regularly used sites, like Linux Questions, with Konquerer. Accept all cookies.
(Make many Linux/technical related bookmarks here also.)
Browse for entertainment, news etc. with a lot of link-following using a different browser (Opera, Firefox).
When finished dump all cookies, or clear the cache. Personally I think Opera makes it easiest to do this--by having "Delete all private data" right on the menu.
Talk about low-tech.
 
Old 10-19-2005, 11:03 AM   #28
muddywaters
Member
 
Registered: May 2005
Location: Winnipeg, Canada
Distribution: mostly mepis
Posts: 427

Rep: Reputation: 30
I'm likely less sophisticated when it comes to understanding browsers than most people. One thing I find unnerving is that my internal address can be
retrieved from behind a router as shown here
http://www.auditmypc.com/freescan/scanoptions.asp
Maybe this is a normal situation but I always thought this information was shared only between the computer and the router. I suspect disabling some browser options would prevent this (java possibly ?) but would hate to lose that kind of functionality. It makes me curious what other information my computer is offering up.
The real answer is probably to browse carefully as others have already said.
 
Old 10-19-2005, 11:15 AM   #29
nelamvr6
Member
 
Registered: Oct 2005
Location: New London, CT USA
Distribution: Ubuntu 7.04
Posts: 49

Rep: Reputation: 15
Quote:
Originally posted by muddywaters
I'm likely less sophisticated when it comes to understanding browsers than most people. One thing I find unnerving is that my internal address can be
retrieved from behind a router as shown here
http://www.auditmypc.com/freescan/scanoptions.asp
Maybe this is a normal situation but I always thought this information was shared only between the computer and the router. I suspect disabling some browser options would prevent this (java possibly ?) but would hate to lose that kind of functionality. It makes me curious what other information my computer is offering up.
The real answer is probably to browse carefully as others have already said.
Remember, that is a link you clicked on. That doesn't me that just anybody out in the wild can find your internal address just by snooping.

What this points out to me more than anything else is that prudent behavior while cruising the web can go a long way toward protecting your system.
 
Old 10-19-2005, 01:53 PM   #30
springshades
Member
 
Registered: Nov 2004
Location: Near Lansing, MI , USA
Distribution: Mainly just Mandriva these days.
Posts: 304

Rep: Reputation: 30
The major danger as I see it is proprietary installers. Most likely source packages should be fine (because most likely they don't want everyone to see what they're doing... not like most of us could understand the source code or anything). Also, binary packages from your distribution through known repositories should be fine. However, programs that have built in installers (there are getting to be more and more) could at any time start putting in adware spyware. These could take the forms of add-ins/extensions for firefox or ads showing up in real player for linux at some point. The thing is that when you install something, you install it as root. That means that once you've installed it, it could install a portion of the program in /usr/bin with normal user priveledges (safe) and then another part as a line hidden in one of your start up scripts that points to a program in /usr/sbin so that it runs with full root permissions (VERY VERY bad). This would basically be no different than spyware in Windows in my understanding... The one thing that could be really bad is if someone someday manages to hack some package repositories for a major distribution and throws some really big, bad, and nastys into it...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
link dies intermittently-seemingly at random- between win<->linux not linux<->linux?? takahaya Linux - Networking 10 03-09-2007 10:37 PM
triple boot linux/linux/linux No Windows involved toastermaker Linux - Newbie 12 03-02-2006 10:40 PM
Microsoft Antispyware program Micro420 General 20 03-15-2005 12:41 AM
Redhat (rhel v2.1) bootup problem with linux (linux vs linux-up) namgor Linux - Software 2 06-24-2004 02:49 PM


All times are GMT -5. The time now is 08:00 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration