[Ambassadors] New Trojan Threatens Mac OS X, Linux Machines

Tristan Santore tristan.santore at internexusconnect.net
Sun Sep 2 08:31:12 UTC 2012 

On 02/09/12 09:20, Dan Mashal wrote:
> This is a bunch of BS.
> 
> No direct links or hard evidence in the article. Even if there was, this
> is a browser issue. Not an OS issue.
> 
> Dan
> 
> On Sun, Sep 2, 2012 at 1:19 AM, Tristan Santore
> <tristan.santore at internexusconnect.net
> <mailto:tristan.santore at internexusconnect.net>> wrote:
> 
>     On 02/09/12 03:04, Danishka Navin wrote:
>     > Is this true? (for Linux)
>     >
>     http://news.efytimes.com/e1/89929/New-Trojan-Threatens-Mac-OS-X-Linux-Machines
>     >
>     > Btw, I could not find any source other than this.
>     >
>     > Thanks,
>     > --
>     > Danishka Navin
>     > http://danishkanavin.blogspot.com
>     > http://twitter.com/danishkanavin
>     > http://www.flickr.com/photos/danishkanavin/
>     >
>     >
>     >
>     >
>     >
>     >
>     > --
>     > ambassadors mailing list
>     > ambassadors at lists.fedoraproject.org
>     <mailto:ambassadors at lists.fedoraproject.org>
>     > https://admin.fedoraproject.org/mailman/listinfo/ambassadors
>     If it is, it just reinforces that you cannot rely on anything for
>     security, because there is no such thing as a secure system, as long as
>     us filthy useless humans write code. Nobody in the linux community ever
>     made such promises any way.
> 
>     Just keep updated, install and run clamav every so often, maybe install
>     and configure tripwire/aide, do not download dodgy stuff, follow and
>     click random dodgy links. Same applies to any other operating system
>     really.
> 
>     Compared to many other systems, GNU operating systems can still have
>     issues, but far less, and if they do the issue is fixed much quicker.
> 
>     Not much else to say really apart from Keep Calm and carry on!
> 
> 
>     Regards,
> 
>     Tristan
> 
>     --
>     Tristan Santore BSc MBCS
>     TS4523-RIPE
>     Network and Infrastructure Operations
>     InterNexusConnect
>     Mobile +44-78-55069812 <tel:%2B44-78-55069812>
>     Tristan.Santore at internexusconnect.net
>     <mailto:Tristan.Santore at internexusconnect.net>
> 
>     Former Thawte Notary
>     (Please note: Thawte has closed its WoT programme down,
>     and I am therefore no longer able to accredit trust)
> 
>     For Fedora related issues, please email me at:
>     TSantore at fedoraproject.org <mailto:TSantore at fedoraproject.org>
>     --
>     ambassadors mailing list
>     ambassadors at lists.fedoraproject.org
>     <mailto:ambassadors at lists.fedoraproject.org>
>     https://admin.fedoraproject.org/mailman/listinfo/ambassadors
> 
> 
> 
> 
> --
> ambassadors mailing list
> ambassadors at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/ambassadors
As ambassador you should know better to make such definitive statements.
fact is we do not know any facts yet, so please do not make such views
public, especially as ambassador. People with less experience will look
for your guidance. So, provide them with facts, not fiction or innuendo.

The fact is, there have been viruses and the like, affecting GNU linux
based systems before, however, thanks to the way GNU linux systems work,
such as privilege separation and a "secure" source of software, issues
are far reduced.

I believe there were no more than a few hand full of viruses affecting
GNU operating systems, however I never found any research document
stating factual relevant numbers.
The main issue are remotely exploitable loopholes, found in pretty much
any software that has a listening port open to the outside world.
Browsers of course are included in this as they go around to unverified
locations. So, this might be the most likely source of catching a cold,
so to speak. However, as we now all use Instant Messaging and silly
(anti)social-networking, email hosted by third-parties, etc.. you
sometimes get emails/instant messages from "friends", saying click here
or download this file, and it was not sent by your friend, even though
it came from his account. And there you go, you caught a cold.

So, by all means, do not assume stuff, because in most cases you will be
wrong.

It best to be vigilant and distrust everything, especially your own code
you are writing ;-p.

Regards,
Tristan

-- 
Tristan Santore BSc MBCS
TS4523-RIPE
Network and Infrastructure Operations
InterNexusConnect
Mobile +44-78-55069812
Tristan.Santore at internexusconnect.net

Former Thawte Notary
(Please note: Thawte has closed its WoT programme down,
and I am therefore no longer able to accredit trust)

For Fedora related issues, please email me at:
TSantore at fedoraproject.org

More information about the ambassadors mailing list