Malware for Linux

Bill Sconce sconce at in-spec-inc.com
Wed Jul 18 21:23:45 EDT 2012


On Fri, 13 Jul 2012 13:09:42 -0400
David Ohlemacher <ohlemacher at gmail.com> wrote:

> Any recommended solutions for risk reduction?
> 
> 0. How about running your browser as a different user?

That's one of the things.
(One of the things you *have* to do.(*))

Also a different user for your e-mail client.
"Users" are cheap.(**)

That's what I've been doing, for the last few years, anyway.(***)

YMMV,

Bill

_______
Sent from my virusproofed Linux PC


(*) I used to think a browser could be made "safe" with NoScript,
whitelists, and so on. I was forced to give up on that, finally
discovering that the problem becomes easier to solve if you just
assume the browser is poisoned code/TRYING to do its worst, and
throw away everything it had write access to after each use. (E.g.,
its home directory;  OF COURSE it doesn't have write access to
"your" home directory, or to any other users' stuff, including
root's.)

(**) Almost forgot: your PDF reader. (Especially if it's the Adobe one.)
And Java, yet another case -- if there ever turns out to be a reason to
have Java installed.

Basically, any executable which doesn't come from Debian and/or any
executable which pulls things from the Internet.

Or which "phones home". (Other users don't have READ access to your
home directory either.)

(***) I suppose I ought to give a talk on it someday. Kinda got
discouraged, though, back when I started, after observing on this list
that other *cough* operating systems don't help with security techniques
in some of the ways which Linux makes easy, such as separate user
accounts for separate applications.  Got yelled at...   :)
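
The two checks described in the footnotes above, as an added example that is not part of the original post: confirming that a home directory gives other accounts no read or write access, and throwing away an application account's home after each use. The function names, the "browser" account and the skeleton path are assumptions; GNU coreutils and findutils are assumed.

```bash
#!/usr/bin/env bash
# Added example; names and paths are hypothetical, not from the post.

# Succeeds only if DIR grants no permission bits to group or other,
# i.e. other local accounts can neither read nor write it.
home_is_private() {
    local mode
    mode=$(stat -c '%a' -- "$1") || return 2   # octal mode, e.g. 700 or 755
    case "$mode" in
        0|*00) return 0 ;;   # group and other digits are both 0
        *)     return 1 ;;
    esac
}

# Throw away everything the sandboxed application could have written:
# empty DIR, repopulate it from a pristine skeleton SKEL, lock it to 700.
# Run it as the dedicated account itself so file ownership stays correct.
reset_throwaway_home() {
    local dir skel me
    dir=$(realpath -e -- "$1") || return 2
    skel=$(realpath -e -- "$2") || return 2
    me=$(realpath -m -- "${HOME:-/}")
    # Refuse targets that must never be wiped: / and the caller's own home.
    if [ "$dir" = / ] || [ "$dir" = "$me" ]; then
        echo "refusing to wipe $dir" >&2
        return 1
    fi
    find "$dir" -mindepth 1 -delete      # removes dotfiles and subtrees too
    cp -a -- "$skel/." "$dir/"           # restore known-good profile
    chmod 700 -- "$dir"
}

# Typical use (assumed names), after the browser has exited:
#   reset_throwaway_home /home/browser /etc/skel-browser
#   home_is_private "$HOME" || echo "other users can access $HOME" >&2
```
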
