[SOLVED] Remove greeter virus when customizing Ubuntu 18.04
UbuntuThis forum is for the discussion of Ubuntu Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
seasoned_geek, just install Debian and, with respect, stop being silly.
Ubuntu has a price and you know it now. Everything costs people time and effort and they all choose how they wish to be rewarded for that. You are free to not pay at all for GNU/Linux or, alternatively, to choose to pay by having an install method you don't like which offends you in some way or just paying cash.
seasoned_geek, just install Debian and, with respect, stop being silly.
Ubuntu has a price and you know it now. Everything costs people time and effort and they all choose how they wish to be rewarded for that. You are free to not pay at all for GNU/Linux or, alternatively, to choose to pay by having an install method you don't like which offends you in some way or just paying cash.
Change of distro not an option.
Other than that I cannot make heads or tails of your rant.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
Quote:
Originally Posted by seasoned_geek
Change of distro not an option.
Other than that I cannot make heads or tails of your rant.
Then might I suggest you ask your Canonical representitive how to do what you want to do. For the fees you are paying you may get an answer from tech support. I take it you are paying the limited company based upon making money from an OS and support for that oS for some kind of support?
Otherwise, why do you expect people to work for no payment to make your life easier?
Why can't you use any other distribution apart from the one which will not do what you pay them for?
The desktop welcome screen only activates once, and it neither replicates its code throughout the disk - into unrelated files - nor infects system memory. It neither corrupts the system nor destroys data, as a virus typically does. It neither obfuscates its code to make hex editing and disassembly harder, nor does it pass control from an infected to a non-infected file as two certain subtypes of viruses might do. To suggest that the greeter is a virus implies that welcome screens for any application which starts up without user approval are viruses -- even a virus scanner.
The desktop welcome screen only activates once, and it neither replicates its code throughout the disk - into unrelated files - nor infects system memory. It neither corrupts the system nor destroys data, as a virus typically does. It neither obfuscates its code to make hex editing and disassembly harder, nor does it pass control from an infected to a non-infected file as two certain subtypes of viruses might do. To suggest that the greeter is a virus implies that welcome screens for any application which starts up without user approval are viruses -- even a virus scanner.
To suggest that a piece of software which fights every attempt at removal isn't a virus is highly unethical and shows a severe lack of industry experience.
The very first virus ever created was simply funny.
That greeter keeps multiple copies of itself scattered about AND some of those copies keep a TryExec= so it can backdoor running and having a user happy key through, allowing Canonical to obtain information on the user and computer.
Have you read EVERY line of code for that greeter? Are you 100% certain what it gathers and reports once one happy keys through the screens just to get rid of it?
The dialog may appear only once, but the gathering and reporting continues forever once a person happy keys through.
From a technical and personal privacy standpoint, that greeter is the gateway to disaster. Once happy keyed through there will be a (fairly well) known application which can then be exploited. It already gathers some information and sends it off somewhere, replacing it with another application that gathers __lots__ more sending it off to insert-identity-theft-crime-organization-here not a huge trick.
Honestly, the entire security issue was a distant second for needing to remove. Primarily we couldn't have it on the screen. Technically I didn't remove it, just removed it from the screen and blocked its configuration.
A piece of software does not need to cause damage to a computer system to be classified as one or more virus types. Today's most successfull and prolific viruses do no damage what-so-ever. They read a little and send a little each and every day seeking to remain hidden until they have read and sent everything.
To be clear, I never said that every piece of software which fights user attempts at removal (like Internet Explorer in the Windows 98 days) isn't a virus.
All I'm saying is that most characteristics of a virus are not met by a welcome screen. For the burden of proof to be met, it would have to be much more like a typical virus than not. Also, and most importantly here, the burden of proof has to be met by the one making the allegation.
I'm well aware that some viruses don't have adverse effects (I did say, after all, as they typically do) on a system. I can think of a couple off hand, and one that even applied beneficial security patches.
But do you know for a fact what the welcome screen is doing? Do you know what or if it is sending to Canonical? The idea that user statistics are a gateway to identity theft crime is almost inducing fear which I'm sure you'll agree is not conducive to a fruitful discussion on any subject.
I know a good way to find out once and for all if virus or no: Send the greeter to an online multi-engine scan tool. Bam, problem solved.
Last edited by RickDeckard; 11-20-2018 at 03:11 PM.
To be clear, I never said that every piece of software which fights user attempts at removal (like Internet Explorer in the Windows 98 days) isn't a virus.
All I'm saying is that most characteristics of a virus are not met by a welcome screen. For the burden of proof to be met, it would have to be much more like a typical virus than not. Also, and most importantly here, the burden of proof has to be met by the one making the allegation.
I'm well aware that some viruses don't have adverse effects (I did say, after all, as they typically do) on a system. I can think of a couple off hand, and one that even applied beneficial security patches.
But do you know for a fact what the welcome screen is doing? Do you know what or if it is sending to Canonical? The idea that user statistics are a gateway to identity theft crime is almost inducing fear which I'm sure you'll agree is not conducive to a fruitful discussion on any subject.
I know a good way to find out once and for all if virus or no: Send the greeter to an online multi-engine scan tool. Bam, problem solved.
It's sending lots and the DEFAULT answer is to send everything. See "ubuntu-privacy-invasion" image.
Any system wide automated information collection program which is widely known can be hijacked. This isn't inducing fear this is fact. Every Debian you install prompts for sudo password and people blindly provide it.
As for your suggestion to test, won't work and isn't reliable. You need to dig through the back issues of "Computer World." Microsoft appears to have done a good job of scrubbing the content from the Internet, but Norton correctly identified Windows 95 as a virus. (Might have been 98, but I really believe it was 95, the bug riddled version hated even more than Vista.)
I guess you'll rant on me and maybe I'm just an old dumb guy but what happens if you click 'No, don't send system info'? I actually don't remember seeing this screen in my 14.04LTS, 16.04LTS or 18.04LTS.
Wow, this conversation as seriously deteriorated. Pretty sure the members are trying help you, seasoned_geek - no need to lash out at them with psychotic rants. There are some pretty intelligent people here and there is an extreme level of paranoia in your posts. As suggested, take this up with canonical.
Wow, this conversation as seriously deteriorated. Pretty sure the members are trying help you, seasoned_geek - no need to lash out at them with psychotic rants. There are some pretty intelligent people here and there is an extreme level of paranoia in your posts. As suggested, take this up with canonical.
Sorry if you feel that way. I already posted the answer about how to disable it. Many others are looking for that answer judging from the please I found when searching.
I don't need any more information on this matter and haven't since I posted the actual answer.
The rest of this has been people trying to justify the existance of a virus.
As for "extreme level of paranoia in your posts" once you've worked in a regulated industry, you will realize every hour of every day is spent trying to stop the Googles and FaceBooks of the world from gathering every piece of information ever to be created. It's not paranoia when it's your job. Why? Because this happens:
Once hackers determine Canonical has their own data collection tool sitting on your computer and most users happy-key through the default of "send everything" two things will happen.
1) Canonical will be the target of hackers for a data breach.
2) Someone will release something into the wild which adds a bunch more data collection to said tool and redirects it to a "special" server.
Distribution: Debian Sid AMD64, Raspbian Wheezy, various VMs
Posts: 7,680
Rep:
If you are serious please explain, exactly, why you cannot use anything but Ubuntu?
Also, please explain what the Canonical representatives you pay for support said about this?
If you are serious please explain, exactly, why you cannot use anything but Ubuntu?
Also, please explain what the Canonical representatives you pay for support said about this?
The ultimate consumer of this wanted Ubuntu. Their reasons are their own. It was never an issue until the virus (or seriously potential threat of comprimize which currently collects unknown amounts of data on each machine/user) appeared in 18.04.
As I said, I'm done with this topic. It is ___NEVER__ a good idea to allow anything on your computer which collects and transmits __ANY__ information about you, your computer, or whatever.
It is ___NEVER__ a good idea to allow anything on your computer which collects and transmits __ANY__ information about you, your computer, or whatever.
Sorry to insist but, as suggested by Toadman in #23, what prevents your customer from clicking the No option in the greeter?
so the fact that the greeter pops up after login and is hard to disable proves that it collects user data and sends it to ... canonical i guess???
do we have any proof of that claim, or at least anything supporting that idea?
so the fact that the greeter pops up after login and is hard to disable proves that it collects user data and sends it to ... canonical i guess???
do we have any proof of that claim, or at least anything supporting that idea?
You obviously don't look at screenshot attachments which appeared earlier in this thread.
What "prevents" someone from clicking "no?" That's simple. The entire dialog sequence is setup to encourage a user to "happy key" through AND THE DEFAULT IS YES.
Can you prove a user selecting no actually stops the virus from collecting and sending information about you?
You do know that the "don't track me" option most modern browsers have doesn't actually stop sites from tracking you or gathering inforomation on you, correct? Like the door close button on most elevators, it's a placebo. Just there to make people _think_ they have control. Can you prove beyond a shado of a doubt clicking no stops both collection and transmission?
I'm through with this debate so hopefully the powers which be will lock the conversation from further comment.
It's a virus.
The client doesn't want to see it on the screen.
No amount of arguing will change the last and anyone working professionally in IT believes the first.
In professional circles a virus is
anything which collects and possibly transmits data about the environment or user where the user did not deliberately and explicitly give permission
I found and posted the answer to my own technical question. People trying to claim this doesn't qualify as a virus are providing too much invalid information. Any piece of software which could potentially be touched by a UK citizen runs risk of violating the GDPR, especially if you design an entry sequence which entices users to happy-key through consent.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.