View Full Version : [ubuntu] Short Question about Malware
WinzenFlyer
November 25th, 2011, 11:07 AM
I got another question for you: Is it correct that Windows Malware cannot run on ubuntu, unless it is run in WINE?
If I got a LIVE system and shut it off, the RAM will be deleted when the power is cut and thus it would take any malware with it (i.e. when the PC shuts down, and is started anew, the system is clean again). Is that correct?
Best,
WF
mastablasta
November 25th, 2011, 12:14 PM
I got another question for you: Is it correct that Windows Malware cannot run on ubuntu, unless it is run in WINE?
yes. check my link in signature on security for more info.
If I got a LIVE system and shut it off, the RAM will be deleted when the power is cut and thus it would take any malware with it (i.e. when the PC shuts down, and is started anew, the system is clean again). Is that correct?
Best,
WF
yes. live system puts everything into RAM and runs from RAM. you can even unplug all drives (well except for one where Linux loads from - e.g. CD drive). whatever happens in RAM stays in RAM and when you turn it off it is lost from ram.... almost immediatelly.
what's your plan? :)
WinzenFlyer
November 25th, 2011, 02:35 PM
I was just asking because I wanted to know if I can open suspicious E-Mails (like yesterday when I got one from DHL which surprised me and I didn't know if it was OK) without endangering the system (or to clear it up again by rebooting).
teward
November 25th, 2011, 03:42 PM
From a general information security standpoint, even in a "live" environment (even one where everything is loaded into RAM) you should not open up suspicious emails.
My general rule of thumb is: "If it seems suspicious, do not open it, because you're better safe than sorry." and I came to that rule of thumb when someone was able to hijack my email just by me opening a suspicious email. Even within Linux. :/
HermanAB
November 25th, 2011, 04:38 PM
Relax dude. Windows malware won't run in WINE either. A malware publisher who wants his program to run in WINE will have to pay Codeweavers $10,000 to make it work - fat chance of that happening...
haqking
November 25th, 2011, 04:41 PM
Relax dude. Windows malware won't run in WINE either. A malware publisher who wants his program to run in WINE will have to pay Codeweavers $10,000 to make it work - fat chance of that happening...
http://dangertux.wordpress.com/2011/09/17/the-truth-about-windows-malware-wine-and-ubuntu/
and from the winehq
http://wiki.winehq.org/FAQ#head-3cb8f054b33a63be30f98a1b6225d74e305a0459
Dangertux
November 25th, 2011, 05:51 PM
Relax dude. Windows malware won't run in WINE either. A malware publisher who wants his program to run in WINE will have to pay Codeweavers $10,000 to make it work - fat chance of that happening...
All I know is I didn't get paid 10 g's and got a shell on Linux through a windows app just fine lol.
jockyburns
November 25th, 2011, 06:38 PM
Probably the biggest danger with Linux OS's is that you could unwittingly pass on Win viruses, trojans, malware etc to Windows users, via e mail, (if your not savvy enough to know what lurks in your inbox and forward it to Win users).
WinzenFlyer
November 25th, 2011, 07:01 PM
Thank you for all your answers!
So if I extract that correctly, watching out and leaving the Spam alone is OK?
I got a specific example of a windows program that I'd need to run. For a high-altitude balloon I use the Venus GPS by SkyTraq. This company has a GPSViewer program (which can be downloaded at Sparkfun). I used it on Windows before and the detection ratio at Virustotal is 0/42. Would that be OK to run with WINE?
PS: Is it OK to install anything in the Ubuntu Software Center or are there also bad things?
Dangertux
November 25th, 2011, 07:50 PM
Thank you for all your answers!
So if I extract that correctly, watching out and leaving the Spam alone is OK?
I got a specific example of a windows program that I'd need to run. For a high-altitude balloon I use the Venus GPS by SkyTraq. This company has a GPSViewer program (which can be downloaded at Sparkfun). I used it on Windows before and the detection ratio at Virustotal is 0/42. Would that be OK to run with WINE?
PS: Is it OK to install anything in the Ubuntu Software Center or are there also bad things?
The bottom line on this is quite simple. Whenever you download and install anything you're running a risk.
Some places are more trustworthy than others. The trusted repos being more trustworthy than a PPA for example. Downloading from a vendor's trusted site is preferable to getting software from freewarez.ru (that's not a real site I don't think; if it is don't go there lol)
So it really just depends on your tolerance for risk.
WinzenFlyer
November 25th, 2011, 08:14 PM
OK, thanks :)!
But something like ubuntu-restricted-extras is OK? (I read about it being a codec pack for all the media files there are)
Dangertux
November 25th, 2011, 08:49 PM
OK, thanks :)!
But something like ubuntu-restricted-extras is OK? (I read about it being a codec pack for all the media files there are)
Restricted extras come from the Official Ubuntu Repositories, so they would be reasonable to trust, that being said nothing is perfectly secure and even the trusted repos can become compromised, though it is not very likely.
This is the best I can answer your question, since ultimately it's up to you to choose what risks you do and do not take.
WinzenFlyer
December 1st, 2011, 10:52 PM
I now use Thunderbird and receive my E-Mails only in plain text mode. Some time ago I set up my PayPal to a new email address, so I was astonished to get an advertisment from them to the address that I used on PP formerly. I didn't click any links in that e-mail, can that be dangerous? (Note: I forwarded that mail to the spoof address that PayPal has, for analysis)
Ms. Daisy
December 1st, 2011, 11:01 PM
I was just asking because I wanted to know if I can open suspicious E-Mails (like yesterday when I got one from DHL which surprised me and I didn't know if it was OK) without endangering the system (or to clear it up again by rebooting). Can you tell me please, WHY would you would want to open a suspicious email in the first place?
WinzenFlyer
December 1st, 2011, 11:11 PM
In the DHL case I was not sure why I got this one. It later turned out that the e-bay seller activated this notification option so that I could track my package. The PayPal thing was because it looked like a normal PP newsletter to me from the subject line. (Of course I leave the obvious Spam stuff alone)
Powered by vBulletin® Version 4.2.2 Copyright © 2024 vBulletin Solutions, Inc. All rights reserved.