Re: 60 Minutes Conficker worm report. Symantec uses Ubuntu.
Originally Posted by aysiu
You should be making regular backups of your data.
But in any case, erasing people's personal files isn't very lucrative, and most malware these days isn't created for the "Ah-ha! Gotcha" thrill. Most malware now is for financial profit.
You can bet one of the reasons malware thrives in Windows is that it's tied to system files and so difficult to remove. If malware lived only in the user space, you could delete it as easily as deleting a user account and creating a new one.
If we are taking into account that all disaster recovery measures are in place, then who cares really what OS it is, or what the security model is. Backups are backups. This whole stance would be moot if you are going to factor that in. Anti-virus and malware is preventative maintenance to avoid using backups, regardless of the realm of attack; backups themselves are a completely different scope. With or without these preventative tools, if you don't have backups, you're playing with fire, so that's not the scenario I wanted to pitch because I felt it was pretty much assumed.
Also, it completely depends on how you would classify your personal data, whether or not you think it's lucrative to exploit. Just because it's in user space doesn't mean it's not very critical. I've seen it a thousand times. When it comes down to the destruction of an operating system, people don't care about that box anymore; all they care about is what was on it. They don't care if it's a new box, or a new OS, as long as the data was not compromised. Without good backups, you probably just lost your job; with good backups, it doesn't make your loss of data any less critical whether it's in user space or system space if it's been classified as critical.
My point was, if someone wanted to be malicious, it doesn't necessarily mean they have to take their system down, or exploit an OS security hole. There is a lot of damage to be done in the user space with data saved in home directories that malware would love to crawl over, or flat out corrupt or delete. Don't think that just because in most cases Linux OSes can't be exploited as easily as Windows ones, that there is not plenty of havoc that can be wreaked. I think one reason we don't see many of these incidents on Linux is that typically Linux users have a higher awareness level of their system, but if that paradigm changes, I believe you will see this exploited much more. Your browsing history, installed app configurations, and perhaps things like your financial data and tax info are all in your $HOME. Your ship's not sinking, but it's a pretty pointless ship now that everything on it is gone. /bad_analogy
Last edited by toupeiro; March 31st, 2009 at 03:08 AM.
"It's easy to come up with new ideas, the hard part is letting go of what worked for you two years ago, but will soon be out of date." -Roger von Oech