new spies like Flame?

[sam-c]

From what I hear this morning New Virus nicknamed "Flame" floating around is more like Spy threat as it sits on your computer undetected and when triggered Sends your Secret Information to the Those who want that info.
It was also said that it goes back to 2007!
I guess that ubuntu and linux is safer than Windows?!
Any Comments
Thanks
Uncle Sam
PS I am using 12.04 LTS

[zombifier25]

Just did some research, and, let's say I'm glad I'm on the Linux board. It only attacks computers running Windows.

However, saying that Linux is safer than Windows is not true. Linux only does not suffer from viruses like Windows, a Linux machine can be hacked like a Windows machine, just harder (and not that interesting - Windows are a more profitable target)

[Hungry Man]

I wrote this about "The Flame." It's pretty impressive.

[0011235813]

Please don't let this fuel the perpetual Linux vs Windows debate. It's a pointless to try and compare them because security is subjective and can't really be benchmarked (sorry, EAL). The best thing in making a decision as to how to secure an OS is, is by looking at the % of userbase the os has that is most likely infected (which is hard enough to figure out). But even so, there aren't many Linux desktops/laptops that are infected right now... Actually, I'm not sure there are any infected. In my time in the forums, I've yet to see a case that has sufficient concrete evidence to suggest the clients computer is infected, which is certainly more than what many Windows computers can say.
Oh, and please don't start with the "Linux users are more knowledgeable" nonsense. There are a lot of very non-technical users running Ubuntu. Neither that silliness with marketshare- cross-platform plugins anyone?

[Curtis6767]

I've just installed Win8 in Virtual Box and will need to run it for about 15-20 minutes a day.
Other than email, which I had to access to setup Win8, I won't be doing much else.

What kind of steps should I take to prevent some kind of virus, Flame or otherwise, from getting on my virtual Win8?

Also, how is it possible to know what kind of machines in the Middle East are being attacked? Are they all running Windows exclusively?

Thanks

[0011235813]

I've just installed Win8 in Virtual Box and will need to run it for about 15-20 minutes a day.
Other than email, which I had to access to setup Win8, I won't be doing much else.

What kind of steps should I take to prevent some kind of virus, Flame or otherwise, from getting on my virtual Win8?

Also, how is it possible to know what kind of machines in the Middle East are being attacked? Are they all running Windows exclusively?

Thanks

OK, well you should really start your own thread on this, but never mind. Virtual machines (even Windows ones) are generally more secure than running *real* operating systems, because any damage done to the VM affects only the VM and not the OS running it (although it's unlikely you're going to get infected on a Linux machine anyway). While it is theoretically possible to make malware that can be installed on a VM to take advantage of vulnerabilities within the virtualization program (like Virtualbox) it has yet to be done.

But general practice for avoiding malware on Windows is generally the same as on Linux; use a half-decent browser at security (IE and Safari don't do very well in this category- Chrome, Opera and Firefox are all better) with browser add-ons like WOT, adblockers and NoScript, as well as proper configuration to avoid third-party cookies and plugins. Use a firewall with no open incoming ports (unless you've got some sort of server, of course) and keep any confidential data encrypted. Naturally, don't install untrusted software, or enter your bank details into non-genuine sites. Finally, KEEP BACKUPS!

This malware only affects Windows.

PS:Why do you need a VM for email? What's wrong with Thunderbird, KMail etc. ? They are compatible with outlook you know. If you really need Outlook, have you tried wine?

[Curtis6767]

OK, well you should really start your own thread on this, but never mind. Virtual machines (even Windows ones) are generally more secure than running *real* operating systems, because any damage done to the VM affects only the VM and not the OS running it (although it's unlikely you're going to get infected on a Linux machine anyway). While it is theoretically possible to make malware that can be installed on a VM to take advantage of vulnerabilities within the virtualization program (like Virtualbox) it has yet to be done.

But general practice for avoiding malware on Windows is generally the same as on Linux; use a half-decent browser at security (IE and Safari don't do very well in this category- Chrome, Opera and Firefox are all better) with browser add-ons like WOT, adblockers and NoScript, as well as proper configuration to avoid third-party cookies and plugins. Use a firewall with no open incoming ports (unless you've got some sort of server, of course) and keep any confidential data encrypted. Naturally, don't install untrusted software, or enter your bank details into non-genuine sites. Finally, KEEP BACKUPS!

This malware only affects Windows.

PS:Why do you need a VM for email? What's wrong with Thunderbird, KMail etc. ? They are compatible with outlook you know. If you really need Outlook, have you tried wine?

Saw no need to start a new thread as my concern was about Flame, which happens to be in the topic line of this thread. This morning I received an email from Symantec stating that they're on top of Flame and not to worry, blah, blah, blah, but I don't have Norton on the VB install of Win8.

Thanks for your response. The information is helpful.

About the email within Win8: As part of the install process, MS asks for an email address and then this needs to be confirmed within Win8. I use gmail and accessed that via Firefox.

[wilee-nilee]

Saw no need to start a new thread as my concern was about Flame, which happens to be in the topic line of this thread. This morning I received an email from Symantec stating that they're on top of Flame and not to worry, blah, blah, blah, but I don't have Norton on the VB install of Win8.

Thanks for your response. The information is helpful.

About the email within Win8: As part of the install process, MS asks for an email address and then this needs to be confirmed within Win8. I use gmail and accessed that via Firefox.

You don't have to do the email to get W8, look closer on that page.

[0011235813]

Saw no need to start a new thread as my concern was about Flame, which happens to be in the topic line of this thread. This morning I received an email from Symantec stating that they're on top of Flame and not to worry, blah, blah, blah, but I don't have Norton on the VB install of Win8.

Thanks for your response. The information is helpful.

About the email within Win8: As part of the install process, MS asks for an email address and then this needs to be confirmed within Win8. I use gmail and accessed that via Firefox.

You don't have to do the email to get W8, look closer on that page.

Indeed you do not need to create an account to use W8.

As to the person who asked, I recommend you read up on some extra security wikis if you are concerned about security. I should really write something detailed about securing Linux, but many people have already done similar jobs.

[CharlesA]

I wrote this about "The Flame." It's pretty impressive.

Nice article. Thanks.

Saw no need to start a new thread as my concern was about Flame, which happens to be in the topic line of this thread. This morning I received an email from Symantec stating that they're on top of Flame and not to worry, blah, blah, blah, but I don't have Norton on the VB install of Win8.

My Aunt got an email from them asking about it. It sounds like a "just FYI" email, but most AV companies should be able to pick it up.