This guy claims he was infected with Malware in Linux, but he lost me during the Video, if somebody is board they can see if there's any merit to what he's saying or just an idiot.
http://www.youtube.com/watch?v=94QsgdXnsmU

I've run Linux for over 10 yrs and never had an issue like I assume most people haven't.

<SARCASM>
Adobe Flash Player is vulnerable to exploits? Huh? Go figure.
</SARCASM>

1 members found this post helpful.

It's certainly possible, although extremely unlikely. Going to the pirate bay without script blocking and/or flashblock is probably one of the best ways "try" to get nailed though.

I hate Adobe products with passion.

The video you are linking requires FP to see it, I have to use Unplug for FF and download it if I want to see it (which is really pointless in this case) and then I open it with VLC.

I took a paranoid approach to the web: I have NoScript & Flashblock to block most of the web junk, Firebug for debugging (most of the time I use it to remove layers of nasty ads), Stylish for sites like Facebook (to permanently remove ads), and User Agent Switcher for some web sites.

I know NoScript and Flashblock may be redundant, ok. just my opinion.

RM.

Total BS, probably some Microsoft employee.

There are many security sites that still show holes in almost every OS and every application.


You may have run linux for ten years but you do not know you have or have had an issue is the correct statement. Not knowing is different than knowing.

Linux can be hacked, linux is not secure. There are many actions that may make it more secure but it is not secure by default or by design.

that's why we should go back to windows, I guess.

whether this user was talking rubbish about their own situation or not,linux is definitely not invincible-the metasploit framework is just one place where various linux and native linux program exploits are databased as well as produced.

+1 to Jefro and Aut/Geek.

No OS is invincible. Linux is much more secure than almost all the others (from what I've read, BSD may be the most secure), but "more secure" does not mean invincible.

I find myself somewhere between bemused and distressed by those who think Linux is invincible. It is always wise to practice safe hex.

Kernel.org was hacked. http://ostatic.com/blog/oh-no-kernel-org-was-hacked

I guess one should run the OS that they want. If you want you can run windows.

The BSD's have proven to be some of the most resistant but that only includes the OS and not any application on it. A hole in a standard app ported to all platforms tends to have the same hole.

There are millions of exploited servers and home machines being used by someone other than their respective owners.

Working at an ISP, the cluster of spam appliances block hundreds/thousands of these malicious URL's and links, however it is dynamic always changing.

Thus, the reason to always be on guard, read up on security and/or restricting resources from running on your machine.

The one common trend I have noticed with Adobe and its products, they are often patched more than used.

Lastly, any machine be it a server/laptop/netbook facing the Public Internet needs to be secured regardless of platform.

First of all, I suggest that we stop using "biological metaphors," such as "infect" or (for that matter...) even "virus."

If you, as a biological organism, inhale a virus particle that your immune system doesn't manage to destroy, then you will get sick whether you wanted to do so or not. But a digital computer is not a biological organism.

Call them: "rogue programs."

Windows users are historically vexed with rogues because they run their systems with the OS's formidable protective mechanisms turned off. There are no passwords, and the user is designated as "all powerful." Since rogues necessarily run with the credentials of their unwitting user, the rogues possess supreme privileges that the operating system has no reason to question. But it's not because the rogue programs are bearing some secret wafer of Kryptonite: it's because the security of the entire system has been knowingly disabled by its vendor. (Which makes a lot of money for Mr. McAfee, who pays a lot of that money to Microsoft.)

But ... every operating system, including Linux, has vulnerabilities. The reason for the sharp decline in rogue problems in Linux or OS/X is simply that, in these systems, security is even slightly "turned on." Rogues are strictly opportunistic. They troll through millions of systems looking for open doors, and, as it were, find millions of them open. Even the most trivial padlock will turn them away.

Heh... "rogue programs". They're called "viruses" in the computer world because they self replicate/propagate, like a real world virus. Just like trojans don't come from Troy, but get on systems by posing as something you actually want to run. "Virus" is far easier to say than "rogue program that spreads by exploiting and replicating onto remote systems".

What you're going off about isn't totally off-yer-rocker, though. Most malware are incorrectly classified as a virus. Viruses are viruses, malware are malware, rootkits are rootkits... bootloaders, trojans, and the classifications go on. You'll notice that the classifications are based on the behavior of the "offending code".

Most of these get plugged into the moniker of "virus" however, so that legislation doesn't require differentiating all the classifications when writing up ways to penalize the authors.

...

Back to the thread though... yes. I've seen rootkits get onto linux boxes because they weren't sufficiently updated and firewalled; usually to construct temporary phishing sites. Pick your platform and keep it up to date. And use tools to keep tabs on your system, like rkhunter.