Linux infection proves Windows malware monopoly is over

[Mark Lane]

On Tue, Jun 15, 2010 at 3:33 AM, Mike Oliver <moliver-fC0AHe2n+mcIvw5+aKnW+Pd9D2ou9A/h at public.gmane.org> wrote:
> Quoting Lennart Sorensen <lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org>:
>
>> On Mon, Jun 14, 2010 at 11:54:56AM -0400, Digimer wrote:
>>>
>>> This isn't a virus in the traditional sense. It didn't spread, it was
>>> embedded in a package. It's still a big deal, but it should be discussed
>>> for what it is.
>>
This wasn't a virus at all. traditional or otherwise. It's a back
door. And it really isn't a big deal. It's an obscure package on a
distro that isn't one of the major players. Also It's not the first
time someone has put a back door in OSS.

>> And it only has access as the user you ran the server as.  Now if you
>> ran it as root, then you are of course an idiot. :)
>
> Well, there's plenty of nasty stuff a program can do with just the
> privileges of the sole non-root user of a typical home system.  For example,
> it could look in your .mozilla tree and grab your passwords, unless you have
> them encrypted.  You *should* have them encrypted, of course.  But what
> fraction of users really do?  It's an extra hassle.
>
You do realize that this was a IRC server. It should be running as
it's own user and not someone's user account. Also it was easily
detected if you checked the signature. Bott is just trying to stir up
something he knows nothing about.


-- 
Mark Lane <lmlane-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org>
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists