Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I just read the above article. Someone in Communist China has found a way to create a virus in the Android operating system. Android is a Linux fork.
It looks as though the virus is quite specific: it only works on certain apps downloaded from Communist China. I'm hoping that the Google Android version of Linux is different enough from the standard Linux it was "forked" off of that it will be of no concern to we desktop Linux users.
Does this mean that we Linux users must begin running anti-virus software as a continuous process now? What is the chance standard distros will be affected?
The infected apps included repackaged versions sold in China of Monkey Jump 2, Sex Positions, President vs. Aliens, City Defense and Baseball Superstars 2010.
Don't go to China and buy this stuff. Case closed.
A very large percentage of phone firmware is Linux-based. That does not mean that one exploit will work on everything that is Linux-based.
Even Android phone (or tablet) owners need not worry about this. If they get their software only from trusted repositories, they'll be better off.
IMO, there is little chance of this affecting other distributions. Whenever malcode is injected into a distro's repository (Debian, for instance), the issue only affects that distro (why would such an issue affect other distributions?). It would be different if the 'virus' actually took advantage of a known vulnerability. This 'virus' appears to be relying on the ignorance of the typical phone user.
It isn't an issue, IMO....certainly not enough to start considering a Linux AV solution as a standard software install.
Well, Android has much more of a possibility to harbor malware as it is much more popular. It also has a different API/ABI than standard Linux (thanks to Java) so viruses on Android aren't likely to affect standard Linux in any way (okay, maybe NDK viruses but not SDK viruses).
*nix is and has never been immune to things like this .Rootkits have been around for a long time
THIS kind of thing is WHY repos are singed and the rpm's , deb's , or xz's are singed and that source tarballs have a signature to check against .
1) No operating system is completely safe from malicous code.
2) This exploit is made possible by people willing downloading and executing a piece of code from a 3rd party app provider, so it's not like it's some systemic problem with the Android OS. It's just bad decision making practices on behalf of the user.
I'm really baffled as to how this one specific issue changes any sort of game that might exist. As stated there have been vulnerabilities in linux software for aaaaaaages, why is this one example interesting?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
Linux Virus???
