I've seen that in windows many of the malware & rootkits directly affect the firefox instead of the OS (windows).

So, can the firefox of ubuntu be as easily affected by malware as of windows ???....

can i trust on it ??...

I've seen that in windows many of the malware & rootkits directly affect the firefox instead the OS (windows).

So, can the firefox of ubuntu be as easily affected by malware as of windows ???....

can i trust on it ??...

I think you can trust Firefox in Ubuntu. Malware, viruses and other crap is not written for Linux, only for Windows.
Yes, it is both Firefox, but tunning on a totally different OS, using completely other program lines, other codes, other everything.
Don't be afraid, just use and enjoy it.

Yes Ubuntu can be affected by malware, The biggest way to prevent anything from attacking Firefox is to install the noscript addon and use it.

As far as security is concerned, the biggest problem is what's sitting between the back of the chair and the keybaord. :)

Yes Ubuntu can be affected by malware, The biggest way to prevent anything from attacking Firefox is to install the noscript addon and use it.

As far as security is concerned, the biggest problem is what's sitting between the back of the chair and the keybaord. :)

Ubuntu can be affected by malware? I thought Linux was so safe. Please tell me more about this.

Any OS can potentially be affected by malware, it just has to be written specifically for that OS.

The market share of Linux is so small, with most of the people who use it being more advanced users, that not much malware has been written for it. Linux viruses do exist, but usually they are just carriers to infect Windows systems the the Linux system comes in contact with (through email or directly through a local network).

If viruses start to spread big outside of Windows, the next major target would be OS X, as it has a much larger market share than Linux.

Honestly I don't worry about malware anymore. I turn on a firewall that rejects all incoming traffic and I click whatever I want whenever I want. I download .exe attachments with impunity and I have never once had an issue with any Linux system. If somehow you did manage to get a virus or something the only thing it can do is mess up the user you are using. The /root would be safe so the potential damage any malware could do is minimal. Most linux users though are very paranoid about that stuff but from experience I'll say there are far more easier targets for people to attack like an open port XP home user. Why go after a linux system? It is too much of a hassle.

... was about to start a similar thread.

I'm pretty well-versed on malware and all the other potential-evils on the web, but I've been experiencing some pretty screwy stuff lately. Using firefox 3.5b4 (updated today, 3.5b99), Adblock Plus, NoScript, and all the usual precautions. Note before this next sentence, I dislike mouse-gestures and have never had them enabled. I soon discovered I was being redirected to ad pages. AKA web-spam. It took me a bit to figure out the pattern that evoked the redirects, but it was a mouse-gesture. Mouse/cursor down + left-click. I deleted my cookies and watched closely... it wasn't long before it began again. Deleted cookies and haven't experienced it in a few weeks. Also know I don't peruse the pr0n sector of the Internet (therein exluding me from 70% of the web).

Next, another Moz adventure. I decided to install the Flock 2.5 deb package recently released over at GetDeb. The new 2.5 is pretty sweet for Social Media people - that said, I installed NoScript and began browsing. It wasn't long before the redirects started happening again - only now in the new Flock. I'm being redirected to random spam pages as well as - even more odd - Twitter-spam profiles. The pattern this time seems to be coming from using the search form embedded in the browser (ctrl + k). I've got it set to default to Google as my search engine. I'll type in a query, hit enter, and immediately get taken to the spam page. It's not with every search, far from it... they are pretty well spread out, and there doesn't seem to be a pattern in intervals between spam redirects. Again, I've deleted cookies but I'm really doubting it's a cookie issue.

Not sure if this is ultimately coming from my browsers or if it's a breached Jaunty. Either way, it's pretty annoying and I'd enjoy not having to deal with it.... very much reminding me of IE.

Any and all advice appreciated.

Ubuntu can be affected by malware? I thought Linux was so safe. Please tell me more about this.

I have had my ear to ground for several years now, and I have never heard of a successful malware infections under Linux. I have had few instances of Java script run amok and having had to clear my cache, but nothing persistent.

If someone knows of a persistent infection "in the wild" case of malware under Linux, I too would like some details.

Ubuntu can be affected by malware? I thought Linux was so safe. Please tell me more about this.
Well, any OS can be affected by malware.

can be is very different from will be, though, or even is likely to be.

It's not so black-and-white as this OS is necessarily going to get infected and that OS will never be infected. There is every shade of gray in between.

If malware weren't a potential problem, why would we have security updates? Why would Firefox? If you're at all worried, definitely use the Firefox NoScript extension, as most Firefox exploits come by way of JavaScript.

Stealing your cookies, clearing cache .. I wouldn't call it malware - kids want to have some fun :p

The coolest thing about firefox is that its very easy to repair if it gets infected, remove its personal data and it usually fixes itself

I guess if you really are worried about someone using Firefox to put malware on your computer you can always change browsers. You can use Seamonkey, Kazehakaze, Opera....etc

As far as security is concerned, the biggest problem is what's sitting between the back of the chair and the keybaord. :)

Agreed, but where would you begin looking in a situation like the one I've presented?

Any OS can potentially be affected by malware, it just has to be written specifically for that OS.

The market share of Linux is so small, with most of the people who use it being more advanced users, that not much malware has been written for it. Linux viruses do exist, but usually they are just carriers to infect Windows systems the the Linux system comes in contact with (through email or directly through a local network).

If viruses start to spread big outside of Windows, the next major target would be OS X, as it has a much larger market share than Linux.

This off-repeated argument is bogus. Linux has been about around now for ages and any miscreant worth a dime, would do it for the glory alone. Many have tried, they all have failed. Proof of concept viruses have even been written and released to public to help jump start something that would spread. Couldn't do it.

There have been worms. Ubuntu with it default install of "no open ports" can't we affected, as there is no vector.

Windows and IE have had some pretty major design flaws that made it extremely easy to for malware spread like wildfire. It keeps happening over and over..

I guess if you really are worried about someone using Firefox to put malware on your computer you can always change browsers. You can use Seamonkey, Kazehakaze, Opera....etc
I'm sorry, but that isn't a solution. Every browser has had security flaws at one point or another.

The good browsers patch those flaws quickly.

There is no such thing as a perpetually invincible web browser.

I'd still like to know where to start looking for what's going on with my system.

Comment #7, this thread.

Newest issue: Typing "gmail" into my "awesome bar" takes me to "gmail.net". And again, not every time... just randomly. Although I doubt it's truly random.

Yes Ubuntu can be affected by malware.

Have an example?

The biggest way to prevent anything from attacking Firefox is to install the noscript addon and use it.

Either that or lock Firefox down with a MAC implementation.

As far as security is concerned, the biggest problem is what's sitting between the back of the chair and the keybaord. :)

True, but it usually takes a lot more stupidity for a user to have his Linux box compromised than it does for a user to have his Windoze box compromised.

True, but it usually takes a lot more stupidity for a user to have his Linux box compromised than it does for a user to have his Windoze box compromised. Yes, but it doesn't take too much stupidity.

All you have to do is trick someone into downloading and double-clicking a malicious .deb file.

Yes, but it doesn't take too much stupidity.

All you have to do is trick someone into downloading and double-clicking a malicious .deb file.

That's why Linux has package managers.

I am opposed to making .debs so easy to install. I prefer the old days when one had to compile source code or make their own .debs. This stops newbs from wrecking their boxes with malicious code (because they are not going to go through the steps to compile -- it's not worth it to them).

In an attempt to be "more like Windows," distros like Ubuntu may be shooting themselves in the foot.

Well, there's always going to be a struggle between convenience and security.

My hope is that, as Ubuntu gets more popular, they'll start phasing out the sudo timeout.

Well, there's always going to be a struggle between convenience and security.

My hope is that, as Ubuntu gets more popular, they'll start phasing out the sudo timeout.

That was one of the first things I changed whenever I used a Debian based system. I would set timestamp_timeout=0 in the default options of the sudoers file.

Well, there's always going to be a struggle between convenience and security.


Or in the case of Microsoft, third party corporate interest and what is best for the end-user.

It seems that in the Microsoft corporate view, if you run their operating system - by extension they own your computer, while you're using their OS and they can decide what is allowed and not allowed to pass through your HDMI port or gets written to you hard drive.

I am not a MS hater, I am advocate of OS choice and of having the freedom to fix and tinker with MY OS if I what. I don't want corporate interest between me and my hardware.

I realize that this tread is about viruses and such, so lets talk about that -- Why are there effectively no real threats to Ubuntu-Linux based desktop system that don't involve good old-fashion brute force attacks and people installing services and then mis-configuring them because someone here told them that they had to do a recursive change mod with three sevens.

The answer is the UNIX toolbox philosophy and the clean separation between kernel space and user space. This is behind both the stability and security of UNIX (and Linux) server systems. When Microsoft was building NT, they choose VMS as an OS philosophic starting point, and they hired one its principle architects to help design NT. This was not a bad place to start, VMS was a stable, secure and powerful OS -- though a big PITA from a programming and user perspective.

The "toolbox philosophy" and VMS do not mesh at number different levels. Two of which are blocks vs streams and the VMS CLI (enforced though kernel) which was insanely complex. Even doing the simplest things required very long commands - And this lead to a tendency toward more monolithic programs. (less typing)

NT inherited this operating system design which necessitated, for end user convenience (seemingly never a consideration with VMS), the destruction over time of the barriers between user space and kernel space.

This is at the heart of Microsoft's virus, malware and security problems today.

And this is reason why virus and malware designers do not find fertile ground in operating systems built with UNIX design philosophy. (btw -- thank you Brian Kernighan and Dennis Ritchie and happy birthday UNIX)

I've seen that in windows many of the malware & rootkits directly affect the firefox instead of the OS (windows).

So, can the firefox of ubuntu be as easily affected by malware as of windows ???....

can i trust on it ??...

If you are going to compromise a Windows system, Internet Explorer is always the best attack vector. But the fact that you implied Firefox (which has to be downloaded and installed separately) rather than the default IE as a security risk has me wondering. But I digress.

Social engineering and stupidity can defeat even the most secure and locked down of domestic computers (business, governemnt and military have their own solutions to counter this threat). Crackers (not hackers) attack Windows and IE because it is easy (for them), and not just because of it's ubiquity.

Linux desktops and servers (and despite Microsoft's protestations to the contrary) exist in vast numbers, they would make a handsome target would they not? A cracker could make a name for him/herself by bursting Linux's supposed bullet proof reputation for both security and stability.

Unix/Linux/OSX/*BSD will never be totally impervious to people that have ulterior motives, but I know i would trust them above anything that wears a Microsoft Certified tag.

I'd still like to know where to start looking for what's going on with my system.

Comment #7, this thread.

This could be DNS cache poising. Try changing your nameservers
to the openDNS (https://www.opendns.com/start) servers.

208.67.222.222 and 208.67.220.220.