[TriLUG] spyware

Mike M linux-support at earthlink.net
Sat Apr 17 00:21:58 EDT 2004


On Fri, Apr 16, 2004 at 05:35:12PM -0400, Jon Carnes wrote:
> On Fri, 2004-04-16 at 15:25, Mike M wrote:
> > On Fri, Apr 16, 2004 at 02:49:56PM -0400, john mitchell wrote:
> > > Mike M. wrote:
> > > >The only solution I can think of is to use a live-cd like Knoppix to do
> > > >critical and sensitive tasks like financial transactions.
> > > 
> > > What makes you think the Knoppix is OK?
> > 
> > Well...er...ahhhh....(doh).
> > 
> > OK. So now what?
> 
> Well, Linux has a few things going for it that preclude the use of
> spyware:
> 
>  - Intrusion detection: some folks snort at this, but linux comes with
> built-in intrusion detection (whether you use it or not is up to you);
> spyware would set the hounds bellowing!

I think the more insidious method is to invite it in with a package
install or update. It watches keystrokes and corrupts firewalls.
> 
>  - Peer review of code: not only is the source open and viewable, but it
> is frequently reviewed by some very good folks all of whom know the code
> and what it does. 

I think peer review happens for some packages - the majors - but what
about the minor packages?  I'll bet there are lots of packages that
don't get peer reviewed.  
<snip>
> Also, Linux (with root access anyway) is mainly used by folks with a
> clue or two about the internet and the dangers that lurk out there on
> the web. Users without root access would have a darn hard time
> installing spyware on their boxes.

All it takes is one bad package, poorly reviewed, updated from RH or
Debian or Mandrake, or installed from compiled source.  It records
keystrokes while you log in to your bank account and posts the results
in an email to a public list that you are subscribed to.  The bad guy
scans lists waiting for the goods to arrive.

-- 
Mike

Moving forward in pushing back the envelope of the corporate paradigm.


