LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > General
User Name
Password
General This forum is for non-technical general discussion which can include both Linux and non-Linux topics. Have fun!

Notices


Reply
  Search this Thread
Old 08-06-2017, 08:05 AM   #916
IsaacKuo
Senior Member
 
Registered: Apr 2004
Location: Baton Rouge, Louisiana, USA
Distribution: Debian 9 Stretch
Posts: 1,956
Blog Entries: 7

Rep: Reputation: 277Reputation: 277Reputation: 277

Quote:
Originally Posted by 273 View Post
So you know of Windows malware able to autorun under Linux and install BIOS hack from a USB stick with no reprogramming of the USB stick?
If not what are you worried about?
This is exactly the kind of thing I think is overly cautious. By all means, do it, but unless one of your friends knows you run Linux and is willing to spend money on attempting to hack you, with the possibility of no return on investment, I fail to understand what you are worried about.
By the way, the above is not to say that I think there is no possibility of an edge case where an Windows machine becomes infected and due to some configuration or combination of programs being present on a Linux machine it then becomes infected too but unless you've a link to plausible evidence of it happening or even a good logical argument as to how it could happen, I'll treat it as a negligible risk.
Since I use almost exclusively Linux, my main concern is the sort of malware designed specifically to stealthily infect popular Linux LiveUSBs or installers. Solution is pretty simple - I don't use any used USB drives for bootable USB drives. And also, I don't use any of the popular Linux LiveUSBs or installers; my habit is still to burn install CD discs (I may change my habits after my stack of CDRs finally runs out, but I've still got quite a stack). This isn't a 100% defense, but there are practical limits, you know.
 
Old 08-06-2017, 08:06 AM   #917
rokytnji
LQ 5k Club
 
Registered: Mar 2008
Location: Waaaaay out West Texas
Distribution: AntiX 17 , ChromeOS
Posts: 5,101
Blog Entries: 20

Rep: Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380Reputation: 2380
It gives a new perspective on ebay usb drive listings. That is for sure.

Govt sponsored attacks are within the realm of being affordable .

So luck of draw does apply I guess. I thanked a user for educating me on a question I asked. I probably will never see bad usb on the Mexican border.
 
Old 08-06-2017, 09:11 AM   #918
Trihexagonal
Member
 
Registered: Jul 2017
Location: Over the hills and far away
Distribution: FreeBSD and OpenBSD
Posts: 64

Rep: Reputation: Disabled
Quote:
Originally Posted by 273 View Post
So you know of Windows malware able to autorun under Linux and install BIOS hack from a USB stick with no reprogramming of the USB stick?
If not what are you worried about?

*snip*

...but unless you've a link to plausible evidence of it happening or even a good logical argument as to how it could happen, I'll treat it as a negligible risk.
Why should reprogramming the USB stick be a problem? Here's a tutorial on how to do it using Windows:

Make Your Own Bad USB

If that's not enough just google USB exploits+Linux. It shows "About 540,000 results".


I don't use Linux, only BSD. The people I know don't know enough about hacking to prevent themselves from being hacked, much less compromise me by intention. It's that very fact that makes me leery of accepting any USB device from them that isn't brand new and still in the package.

IMO there is no such thing as "overly cautious" when it comes to computer security, but you Admin your system as you see fit and I will continue to do the same.
 
Old 08-06-2017, 09:16 AM   #919
dave@burn-it.co.uk
Member
 
Registered: Sep 2011
Distribution: Puppy
Posts: 274

Rep: Reputation: 90
Quote:
Especially since everyone I know uses Windows and I have no idea what they do or have done on their machine.
But a Windows machine is far more likely to be running antivirus software than a Linux machine. Also don't forget that that most viruses are OS independant or are spread via browsers.
Also why are you more likely to know what Linux users are doing - in fact since most Linux software is written by amateurs it is more likely that it hasn't gone through rigorous testing.
 
Old 08-06-2017, 09:25 AM   #920
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,740

Rep: Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920
Quote:
Originally Posted by Trihexagonal View Post
Why should reprogramming the USB stick be a problem? Here's a tutorial on how to do it using Windows:

Make Your Own Bad USB

If that's not enough just google USB exploits+Linux. It shows "About 540,000 results".


I don't use Linux, only BSD. The people I know don't know enough about hacking to prevent themselves from being hacked, much less compromise me by intention. It's that very fact that makes me leery of accepting any USB device from them that isn't brand new and still in the package.

IMO there is no such thing as "overly cautious" when it comes to computer security, but you Admin your system as you see fit and I will continue to do the same.
Did you actually read the tutorial you linked to? Because it appears to suggest that badusb is a non-issue unless the person you obtained the stick from specifically went to the trouble of reprogramming a USB stick and resoldering a pin. I really am not sure how you expect Windows malware to do that all on its own?
So, again, your "security procedures" seem pointless. And, again, while there may be an outside chance that it may be possible for a piece of Windows malware to be hooked onto my an autorun process on Linux (or BSD, etc.) the chances are so remote and the chances of it not being detected by somebody who has likely shut off any "autorun" processes anyhow so low it's really not a viable concern. It's like worrying about catching AIDS from a door handle -- sure if you want to wear disposable gloves and go through complex procedures every time you use a door on the off chance you may suffer a one in a million infection go ahead.

IsaacKuo: DO you have an article explaining the bootloader infection? As it stands I don't think it does what the description you gave suggests it does. i.e. I don't think that something will autorun from a USB drive and infect a Linux bootloader regardless of what it's installed on. I'm also doubtful that something which infected the bootloader of a USB drive attached to a system with malware installed would survive that USB stick being dd'd with another image.

Perhaps I'm missing something but there seems to be a disconnect between what has been achieved and how and what is being perceived.
 
Old 08-06-2017, 09:26 AM   #921
Trihexagonal
Member
 
Registered: Jul 2017
Location: Over the hills and far away
Distribution: FreeBSD and OpenBSD
Posts: 64

Rep: Reputation: Disabled
Quote:
Originally Posted by dave@burn-it.co.uk View Post
But a Windows machine is far more likely to be running antivirus software than a Linux machine. Also don't forget that that most viruses are OS independant or are spread via browsers.
BadUSB is not detectable by antivirus programs.

Quote:
Originally Posted by dave@burn-it.co.uk View Post
Also why are you more likely to know what Linux users are doing - in fact since most Linux software is written by amateurs it is more likely that it hasn't gone through rigorous testing.
I'm on a Linux forum, aren't I? As if that had anything to do with it.
 
Old 08-06-2017, 09:48 AM   #922
IsaacKuo
Senior Member
 
Registered: Apr 2004
Location: Baton Rouge, Louisiana, USA
Distribution: Debian 9 Stretch
Posts: 1,956
Blog Entries: 7

Rep: Reputation: 277Reputation: 277Reputation: 277
Quote:
Originally Posted by 273 View Post
Did you actually read the tutorial you linked to? Because it appears to suggest that badusb is a non-issue unless the person you obtained the stick from specifically went to the trouble of reprogramming a USB stick and resoldering a pin.
No, you didn't read carefully enough. Infecting it with BadUSB is software only. The bit about manually connecting two pins is to reset the thing back to the original state (or to modify it again after the first time).
 
Old 08-06-2017, 09:49 AM   #923
Trihexagonal
Member
 
Registered: Jul 2017
Location: Over the hills and far away
Distribution: FreeBSD and OpenBSD
Posts: 64

Rep: Reputation: Disabled
Quote:
Originally Posted by 273 View Post
Did you actually read the tutorial you linked to? Because it appears to suggest that badusb is a non-issue unless the person you obtained the stick from specifically went to the trouble of reprogramming a USB stick and resoldering a pin. I really am not sure how you expect Windows malware to do that all on its own?
Yes I read it, from beginning to end. The soldering took place by the writer of the tutorial, not Windows malware.

I'm not going to debate the issue for the sake of argument, I already said you Admin your system as you see fit and I will continue to do the same.

If you think it's not a threat then so be it. What you eat don't make me fat.
 
Old 08-06-2017, 10:01 AM   #924
IsaacKuo
Senior Member
 
Registered: Apr 2004
Location: Baton Rouge, Louisiana, USA
Distribution: Debian 9 Stretch
Posts: 1,956
Blog Entries: 7

Rep: Reputation: 277Reputation: 277Reputation: 277
Quote:
Originally Posted by 273 View Post
IsaacKuo: DO you have an article explaining the bootloader infection? As it stands I don't think it does what the description you gave suggests it does. i.e. I don't think that something will autorun from a USB drive and infect a Linux bootloader regardless of what it's installed on. I'm also doubtful that something which infected the bootloader of a USB drive attached to a system with malware installed would survive that USB stick being dd'd with another image.

Perhaps I'm missing something but there seems to be a disconnect between what has been achieved and how and what is being perceived.
I'd have to search around to find an article with more technical information, but it's from the original BadUSB Black Hat presentation demos:
https://arstechnica.com/information-...ces-turn-evil/

The thing you're missing is that BadUSB doesn't autorun anything on the Linux computer. It autoruns the USB device's firmware on the USB device itself, which you simply can't avoid doing and still have a functional USB device. Remember that a USB device is fundamentally a small computer which communicates with your computer via a simple networking protocol.

So when the computer requests a bit of data from a USB drive's flash memory, the computer has no direct access to the flash memory hardware. It must request that data from the USB device's little computer, and the USB device returns that data - or, if the firmware is so programmed to - modified data. So, instead of returning the legitimate Ubuntu install file, it returns an infected Ubuntu install file. When it decides to, in order to try and escape detection from paranoid users.
 
Old 08-06-2017, 10:02 AM   #925
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,740

Rep: Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920
Quote:
Originally Posted by IsaacKuo View Post
No, you didn't read carefully enough. Infecting it with BadUSB is software only. The bit about manually connecting two pins is to reset the thing back to the original state (or to modify it again after the first time).
Quote:
Originally Posted by Linked Website
If you want to take further actions to your Bad USB, you will notice that neither DriveCom nor Windows nor any other operating system can access it, because it is a keyboard after all. We need to open the case of our USB drive and connect two pins of the microcontroller while plugging the drive into our PC.
"It is a keyboard, after all". So it's a keyboard able to do what a keyboard does.
I'm actually finding it difficult to even find an example of badusb in action.
To be more on topic I think that the chances of a USB stick picked up second hand causing any issues is a lot less than that of getting a bed-bug infestation from an old PC case or an old laptop having a catastrophic battery failure. The risks are so minimal, especially given that this is for use in old PCs running Linux, that I think it's a waste of money not to use an old USB drive "just in case".
 
Old 08-06-2017, 10:05 AM   #926
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: Debian, Crux, LFS, AntiX, NuTyX
Posts: 1,211

Rep: Reputation: 561Reputation: 561Reputation: 561Reputation: 561Reputation: 561Reputation: 561
@dave: Anyone who, with malevolent intent, left a drive lying about in the park for a random person to pick up would make sure that any software it carried would run under Windows. Because the chances of that person using anything other than Windows on a PC are vanishingly small. Linux malware would only be used to target a specific person who was known to be a Linux user.

Of course different rules apply in offices. A lot of office servers run Linux even if the desktop machines don't, so putting Linux malware on such a drive and leaving it lying around in the building (or gifting it as a commercial freebie) would make a lot of sense.

In any case, I'm not planning to boot from this drive. I have a couple of shop-bought 8GB drives that I use for installation images. What I intend to do with this much larger drive is to tar up my four main Bigboy partitions (Crux, LFS, Debian and home/documents) and copy them onto Littleboy for safety in case I run into serious mobo trouble (see my posts in the hardware forum for accounts of recent misbehaviour).

In my fstab, usb drives are user-mountable, which means automatic noexec.
 
Old 08-06-2017, 10:06 AM   #927
273
LQ Addict
 
Registered: Dec 2011
Location: UK
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 6,740

Rep: Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920Reputation: 1920
Quote:
Originally Posted by IsaacKuo View Post
The thing you're missing is that BadUSB doesn't autorun anything on the Linux computer. It autoruns the USB device's firmware on the USB device itself, which you simply can't avoid doing and still have a functional USB device. Remember that a USB device is fundamentally a small computer which communicates with your computer via a simple networking protocol.

So when the computer requests a bit of data from a USB drive's flash memory, the computer has no direct access to the flash memory hardware. It must request that data from the USB device's little computer, and the USB device returns that data - or, if the firmware is so programmed to - modified data. So, instead of returning the legitimate Ubuntu install file, it returns an infected Ubuntu install file. When it decides to, in order to try and escape detection from paranoid users.
Thanks, that expansion makes it clear to me. The device firmware could be changed at any point and still behave normally but cause issues with Linux installers. I'll read the attached but still not convinced this is a reason to eschew found USB drives as the complexities are a little too great for the average script kiddy.
 
Old 08-06-2017, 02:15 PM   #928
dave@burn-it.co.uk
Member
 
Registered: Sep 2011
Distribution: Puppy
Posts: 274

Rep: Reputation: 90
I said that most modern malware is NOT OS dependant and would likeley attack using machine level code - and even if it didn't actually affect Linux, it would still be passed on , like Typhoid Mary did all those years ago.
 
Old 08-07-2017, 10:19 AM   #929
rvijay
Member
 
Registered: Aug 2003
Location: Quebec, Canada
Distribution: Debian HD install of Knoppix 5.0.1
Posts: 921
Blog Entries: 15

Original Poster
Rep: Reputation: 43
As a general rule, the more icky stuff you can handle in dumpster diving, better will be your finds. If you can't handle icky stuff, then you must not be diving.
Open and spilled coffee cups are normal, as are used and sometimes even soggy clothes. Some cut open the garbage bags inside the dumpster, if this is done, then can expect to find even hair, used tissue papers etc., to say the least. Once I even came across two used condoms in one dumpster. Just left that dumpster alone the moment I saw it and then moved on. As a general rule, if there is open food in the dumpster, I just leave it for the birds in an open area. There are even reports of folks finding abandoned pets etc., in dumpster. So, be prepared for all these. My worst nightmare is finding human body parts, if ever something like this happens it is best to call the cops. These are just some of the common sense things I have learned in regards to dumpster diving in residential area.

Now in regards to IT items, most are thrown as the owner gets a new one or is moving etc., Also, these items are usually dirty and need some cleaning as I have mentioned before. I have found only one USB key and it has a key chain that is badly rusted, so figure this was the reason it was thrown. My hair dryer is very useful for cleaning insides of abandoned old computers of all the dirt. For the finer areas I use a tooth pick.

Presently tho, I haven't dumpster dived in almost 4 weeks now due to swollen feet. However this got me into gardening, sprouting and microgreens. Had a very nice harvest of brown lentils microgreens that will last me for two weeks or so just now. Also growing sunflower seed sprouts and flax seed sprouts. Have a tomato plant and bean plant growing in my garden. Have several starter seedlings growing, will see how they come out. I still have a lot to learn about gardening, sprouting and microgreens. Also, plan to learn about fermented foods in the future. Thanks to my old computer and the net, that I was able to minimize mistakes in my trials and learn more efficiently so far. Some have great experience and were kind enough to share some tips with me. The one thing I need now are grow lights which I have to buy. I am sharing this as life is a balance and helps to use old computer parts in garden also. The cardboard boxes of old computers and IT parts can be added to the compost bin, I also add pieces of these to pots. That way these are recycled.
The screws, damaged cables etc., can be used to stake plants. The glass plate from printers are extremely useful to cover pots with seedlings that need to be kept outside (indoors they become leggy and then slowly die). It is vital to avoid toxic IT parts in garden tho, unless it is a flower pot. At this point I welcome any other creative suggestions from folks about using old IT parts for gardening, specially in containers. Thanks in advance.

Edited to add:
I just found these, need to explore more:
https://en.wikipedia.org/wiki/Comput..._garden_design
http://lifehacker.com/5888532/how-to...ze-your-garden

Edited again to add :
There are those good with IT and also a very intense green thumb. These folks are using computers very nicely to grow plants. Here are some related images that give good ideas:
http://tinyurl.com/yb94u4cp

Last edited by rvijay; 08-07-2017 at 12:13 PM.
 
Old 08-16-2017, 02:10 AM   #930
rvijay
Member
 
Registered: Aug 2003
Location: Quebec, Canada
Distribution: Debian HD install of Knoppix 5.0.1
Posts: 921
Blog Entries: 15

Original Poster
Rep: Reputation: 43
This article was written around the P2 era, so presently this is considered as old computer.
This article shows the vital role Linux plays in agriculture:
http://www.linuxjournal.com/article/3292

I hope to benefit from the connection between old computers, linux and plants a bit.
When looking for used IT items, I will also look for some plants that I can collect and eat. Will watch this video in future and learn from it:
https://www.youtube.com/watch?v=dabvs-jriL8

At this point, I am going to stop exploring old computers for their own sake for sometime.
I am going to accept an old computer as a complete tool for eg., like a swiss knife and explore its applications more. This is a new mindset, costs nothing, so will see what I can get from it.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How to establish "ssh" trusted hosts between PCs with non-root users? rainman1985_2010 Linux - General 3 09-10-2011 11:11 PM
what is all this OSes khodeir Linux - General 3 02-24-2009 05:43 PM
Alien OSes sancho5 Linux - General 3 01-26-2006 09:36 PM
Three OSes - Is it possible? Jongi Linux - General 9 05-20-2005 12:21 PM
Different OSes SnowSurfAir Linux - Software 10 04-17-2004 10:42 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > General

All times are GMT -5. The time now is 05:58 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration