Malware on Linux

So is it true that it's borderline impossible to get malware on Linux?
I mean keyloggers, trojans, adware and, in general, malware like the ones you get on Windows, not obscure privilege escalation exploits that require physical access.

Pic related: what I don't want to be

also inb4 that episode is unrealistic.
It's a thought experiment

You'll only get malware if you go and install local packages from shady "free Linux gayems" sites, if they even exist.

>So is it true that it's borderline impossible to get malware on Linux?
No

As long as there are retarded users who will type in administrator password automatically when prompted for it, there will be malware.

Ok, so let's just assume that you've installed Common Sense 2016.
On windows I'd have to periodically check for malware, even if I only visited trusted websites and use an adblocker. What about linux?

it is really hard if you use just the software from official repositories, and know when to use sudo.

you don't have to check periodically for malware on windows if you do not install/run any executables from untrusted sources. It's the same with linux, just there is more software from trusted sources (repositories)

>you don't have to check periodically for malware on windows if you do not install/run any executables from untrusted sources
False, it gets installed just by browsing

No it doesn't you fucking tech illiterate. It gets installed because you uncritically execute stuff you download.

well you are still using untrusted websites then, and running executables from them with javascript/flash/whatever you kids use these days.
I have not had a single infection in over 5 years and I periodically check my windows install with malwarebytes, so unless this will turn into a:
>using X antivirus instead of Y one
conversation I guess I'm still right, considering I have not seen any negative effects on my windows install anyway.

I also guess the simplest way to get malware would be flash drives and public computers, but this too falls under category of running untrusted executables, even if it's done automatically by the system.

On linux it's more that an unprivileged script would have to be first marked as executable, then executed, and get its privileges elevated to root in order to do any real damage.

>that's what tech illiterates who don't know safe porn sources actually believe

>plug in a flash drive and you're infected
vs
>plug in a flash drive, mark as executable, execute, grant privileges and then you're infected

well that settles it lads, move along

Most malware has been completely multi-platform for years, what OS you use doesn't matter in any way.

well my point was that if you plug in a flash drive and you're infected it is only allowed because you:
>did not disable autostart in windows (you can do that)
>blindly double-clicked the flash drive if it says "autorun" instead of open if you right click on it (or execute or something, I know that windows explorer makes a difference there).
>didn't scan it when you got it from someone else / plugged it into a public computer.

No it fucking doesn't.

They are finding bugs and vulnerabilities all the time, but I guess most of those require physical access to the computer, like that grub bug

Crypto lock still a rare pepe on linux.

All anti-virus is botnet and you shouldn't need it unless you run .exe's from MrNoobie420 from Sup Forums

> just don't click the ads on pornhub

ITT: people unaware that malware can be installed via javascript on windows.

I know senpai, but what I was getting at is that on windows doing the right thing is hard and doing the wrong thing is default. On linux, it's the other way around

grub bug was comparable to the bug which allows you to clear the administrator password with the windows install/repair disk.
It's comparable to people running bios/uefi with a password and someone being able to open your case and take out the cmos battery.

>running browser with superuser privileges

that episode was fucked

everyone knows that, but if you use safe websites you are basically safe, and don't need a background antivirus scanner or real time protection.
Also someone soon will point out that you shouldn't use JavaScript at all because it's cancer.

>le NoScript meme
unless you exclusively browse stallman.org you need JS to use the internet

Also ads.
>use an adblocker
Go browse kickass torrents and see how your adblocker gets fucked in the ass, and that's just to show popups.

>prize money

>browsing an ad ridden honeypot made of a dead torrent site = safe web browsing
user you need to stop embarrassing yourself. I bet you install some gayms that have comments like:
>100% safe checked torrent, some people might get false alarms
>guys the *insert some trojan with high severity threat name here* is not really a virus, you need to disable the AV
etc. so you think you need an AV to browse things. Also I have not mentioned an adblock at all.

I was just pointing out that:
1. it's not feasible to disable javascript to browse the internet
2. malware can be delivered through ads
3. even if you used an adblocker to prevent point 2, there are websites which are able to bypass it

Are you simply retarded or actively baiting with stupidity?

>there are actually people on Sup Forums that believe that random code is just magically executed by your computer if you go to websites

Is this how Windows users think?

and you are totally ignoring the fact that you should not use sites that provide malware through javascript/flash/ads/whatever.
Also
You need a serious, unpatched privilege escalation + code execution exploit.

You could just stop looking at child porn.

You can get malware on linux but the fact is the market share isn't high enough.

it is if it uses an exploit in javascript that allows remote code execution. If you load a javascript object and it has malware using such an exploit, it basically automatically (or "magically" as you put it) executes and infects the browser/does its thing. Still you need an unfixed 0 day vulnerability that probably having an AV won't help with at all.

>it is if it uses an exploit in javascript that allows remote code execution
Modern browsers run their javascript engines isolated. I'm not saying that nothing ever has broken out of that isolation, but this is why you should run your browser with the minimum possible user privileges.

If your browser is allowed to modify itself, it's not being executed with the appropriate user privileges.

sure, that is accurate.

Also it can be installed via site favicon if you use IE5. What's your point exactly?

>You need a serious, unpatched privilege escalation
not on Poondows you don't. See
>you should not use sites that provide malware through javascript/flash/ads/whatever
Ads do not depend on the website tho, they are pushed to the website by the ad provider. Should I downright stop browsing all websites that display ads?

I don't really see the point in this discussion anymore tho, since I can assume we both run linux.

It is possible son, run and hide.

>you can't use a vulnerability to execute 3rd party code via JS on Linux
wut

Keep executables on one partition/directory, overwrite your system partition with every restart from an encrypted flash drive

>pic related
on windows you still need an exploit desu, one that will allow code execution by javascript in firefox, and have access outside your browser.

Ok, and what do you do then?

Install a virus? How do you get it to run next time I start my computer?

Figure out which window manager I'm using, look into my config files to see where my startup script is located, insert a line in my startup script to launch "virus" and pray that I don't ever look inside my own startup script again?

Or maybe you add it to my crontab and hope I don't notice that either?

It's not like you can just inject malicious code into firefox, that shit is owned by root

firefox->browser for political correctness

you can, you just need multiple vulnerabilities or one that is so serious it will get patched outright. If you are able to get the browser to execute code you might not be able to do much with executed code because firefox has not enough privileges to do anything in the system or so on, making an exploit useless.

What I try to say is that it usually has to be a chain of vulnerabilities that are unpatched/unknown, or a really serious one.

All of this.

>and pray that I don't ever look inside my own startup script again?
That's the most retarded argument I have ever heard.

I don't understand what point you're trying to make. You don't ever look inside your own startup script?

Do you really think that virus makers expect users to never find that they have been infected?

I still don't get your point.

Do you even know how Linux works? As far as I can tell 100% of the software my computer is running right now is owned by root.
Where the fuck are you going to hide the virus? Where are you going to inject code that will make it run?

You're thinking of windows where you can know you have a virus and it could have spread all over the damn place. But where are you going to spread on Linux? Unless you do a privilege escalation then the only two places I have code owned by my user being executed is in my startup script and cron jobs.

>Ads do not depend on the website tho, they are pushed to the website by the ad provider.
The website allows a third party to display ads, for profit. It's in their interest to make sure those ads won't be malware, unless they do it on purpose in which case
> Should I downright stop browsing all websites that display ads?
and yes we both run Linux, but I run a dualboot because I need some software for my uni work, and the said windows install is there for 3 years (with an upgrade to win10) and has not been infected by malware at all.
And it is checked once in a while, so I guess my browsing habits allow me to run windows without a real time malware protection and not get pwned by javascript. Not that I do anything requiring protection from malware on it, since I have linux for that.

>what is vulnerabilities

yes
linux is the malware itself

In nomine Desu et Desu, et Desu Sancti
With ten thousand faces
Purge it like a cancer and install Windows master race.

>inject a dirty cow-style code into startup script that will allow privilege escalation and do what you want.
Not that the dirty-cow could be executed remotely or that there are extra steps and the whole thing is really hard to do and unlikely, but I hope you catch my drift.

We're not talking about YOUR system. We're talking about infections in general.
Also, why do you think that W viruses do not need to be escalated?

Virtually impossible.
Malware databases maintained by antivirus vendors will list a windows exploit as affecting both windows and linux if it can cause a botnet of windows machines to knock a linux server offline.
Or it's been patched 3 days or 3 years ago on your desktop linux.
Those guys know which side their bread is buttered on.
Take that shit with a grain of salt.
iot or android is a different story.

not him but you might want to read the OP before posting desu.
>Malware on Linux
>So is it true that it's borderline impossible to get malware on Linux?

Have you read what he wrote?
His point is that even if virus penetrated his system HE would know about it and yet he tries to showcase that as Linux being impenetrable in general.

It's an example of the limited possibilities. Because almost no commonly used code exists in a predictable manner in Linux users home directories.

Mostly you're limited to trying to infect config files that are either custom made by the user (and thus likely to be noticed), or can be safely deleted and regenerated.
The potential for you to do damage in our $HOME folders is extremely low.

and worst case scenario we just create a new user and become infection free. No need to reinstall the whole operating system.
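
The posts above argue that, without privilege escalation, user-level malware can only persist in startup scripts, cron jobs and config files under $HOME. The following added example (not part of any post in the thread) reviews those locations; the path list is an assumption and not exhaustive, and `audit` is a hypothetical helper name.

```python
import stat
import subprocess
import time
from pathlib import Path

# Per-user files and directories that shells and desktops run at login.
# Assumption: a common, non-exhaustive set; adjust for your own setup.
AUTORUN_PATHS = [
    ".profile", ".bash_profile", ".bashrc", ".zshrc", ".xinitrc", ".xsession",
    ".config/autostart", ".config/systemd/user",
]

def autorun_files(home):
    """Yield every regular file found under the per-user autorun locations."""
    for rel in AUTORUN_PATHS:
        p = Path(home) / rel
        if p.is_file():
            yield p
        elif p.is_dir():
            yield from (f for f in sorted(p.rglob("*")) if f.is_file())

def audit(home, crontab_text="", max_age_days=7, now=None):
    """Return (location, reason) pairs worth a manual look."""
    now = time.time() if now is None else now
    findings = []
    for f in autorun_files(home):
        st = f.stat()
        if now - st.st_mtime < max_age_days * 86400:
            findings.append((str(f), "modified recently"))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((str(f), "writable by group/other"))
    for n, line in enumerate(crontab_text.splitlines(), 1):
        line = line.strip()
        # Skip blanks, comments and NAME=value environment lines.
        if line and not line.startswith("#") and "=" not in line.split()[0]:
            findings.append((f"crontab:{n}", line))
    return findings

if __name__ == "__main__":
    try:
        cron = subprocess.run(["crontab", "-l"], capture_output=True,
                              text=True).stdout
    except FileNotFoundError:  # cron is not installed
        cron = ""
    for location, reason in audit(Path.home(), cron):
        print(f"{location}: {reason}")
```

Every active crontab job is listed because there are normally few enough to read by eye; the file checks only narrow down which startup files changed lately or can be written by other accounts.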

well what he wrote is applicable to Linux in general imo, since whole security is dependent on the fact that you need root privileges to do anything with some malware.
So if the malware is run by a user process and has no root privileges it can only do stuff to user's files, so not much to the system, and can be easily found in the user files.
Ofc this is the case if there are no remote privilege escalation exploits used by malware.

Sure, people could make malware for Linux. But why? Windows is more commonly used in business, even in server environments. Linux for consumers is basically nonexistent outside of Android. On Android, the vast majority of users won't install anything not on the Google Play store.

So where's the benefit to making software for such a small userbase?

>On Android, the vast majority of users won't install anything not on the Google Play store.
>Android Banking Trojans Based on GM Bot Infected Over 200,000 Users in the Past 3 Months

because there are cloud, file and web servers running linux, that hold important data to people owning them. I do realize this is probably less profitable than stealing people's logins and stuff and probably more risky but it's still a target, even if someone wanted to hinder competition.

>tfw when android is linux
>but every time I hear of some android malware I cannot classify it to linux malware
>since it's probably caused by shitty support from the manufacturers
>or some people rooting phones and installing unofficial programs from the net manually

>200,000 Users
gartner.com/newsroom/id/3516317
Samsung alone sold more than 70 million android phones in Q3 2016, thanks for proving my point

Actual site data is typically worthless compared to user data or financial data

well don't servers usually run their own databases? I don't know actually, please explain. Also I believe some people/organizations paid ransom for their server data, although those were rare cases.

If someone is keeping valuable data on the same environment as their outward-facing website, there's something horribly wrong

Let's be real here. The only fucking way you are going to be infected is if you're retarded enough to piss off a hacker (most likely a script kiddy) who then runs nmap on your machine and searches exploit-db for something that will overflow your buffer allowing them to create an account. Don't enable telnet or host some random email service and you're fucking fine

>Don't enable telnet
Yeah, how do I access my favourite BBS then?

Yes it does you utter child, why do you think adblockers exist? Hint: it's not because people hate advertising.

>do not allow javascript from third parties
Hard wasn't it? Now you just have to boycott every site that is written in a way that you must use third party javascript, because you can be sure they just want to sell your data or get you malware, or both.

>Now you just have to boycott every site that is written in a way that you must use third party javascript,

so basically every website. great plan, mr stallman.

It's a good plan to be honest, it would be effective compared to trying to patch n-th vulnerability of the same type for the n-th+x time, while all of them use 3rd party javascript. Unless you develop a perfect sandbox for javascript.

I have no idea how you get that shit even on Windows, I haven't had any infection since I was 14 and ran an obviously suspicious exe because I was in a hurry to get a pirated copy of Heroes III running so I could play with a friend. I do block ads and JS, but I don't run any antivirus on my Windows machines other than Defender. Fucking hell, even my dad doesn't get his PC infected.

linux is a kernel, when will you newfags learn?

Linux is whatever you want it to be, that's the beauty of it!

oh, look a pedant searching for (you)'s by replying to as many posts as possible