ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    InfoWorld on Why Linux on the Desktop is Still Better than Windows 10

    Scheduled Pinned Locked Moved News
    linuxlinux desktopfedorawindowswindows 10infoworldfedora 23
    43 Posts 6 Posters 9.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • DashrenderD
      Dashrender @stacksofplates
      last edited by

      @johnhooks said:

      @Dashrender said:

      @johnhooks said:

      When has this happened?

      http://www.ibtimes.co.uk/google-removes-13-android-apps-play-store-infected-brain-test-malware-1537049

      http://www.pcworld.com/article/2991011/security/apple-removes-apps-from-store-that-could-spy-on-your-data-traffic.html

      The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the/system partition

      The devices have to be rooted. Which removes all security that was given.

      That definitely wasn't the case for bad apps that were released in china. There was an infected compiler running around china that was being used to create apps, those apps did make their way into the apple store, later to be removed.

      stacksofplatesS 1 Reply Last reply Reply Quote 0
      • stacksofplatesS
        stacksofplates @Deleted74295
        last edited by

        @Breffni-Potter said:

        Linux repos have been breached as early as 2010/2011.

        No platform has 100% track record of reliability, lot of us like Linux but let's not ignore the past.

        You're right, I shouldn't say you can't. It's just super hard. And with the number of servers running critical and important data, you would have think it would have happened more frequently than it does on Windows home computers running goofy software.

        1 Reply Last reply Reply Quote 1
        • stacksofplatesS
          stacksofplates @Dashrender
          last edited by

          @Dashrender said:

          @johnhooks said:

          @Dashrender said:

          @johnhooks said:

          When has this happened?

          http://www.ibtimes.co.uk/google-removes-13-android-apps-play-store-infected-brain-test-malware-1537049

          http://www.pcworld.com/article/2991011/security/apple-removes-apps-from-store-that-could-spy-on-your-data-traffic.html

          The malicious app basically attempts to detect if a device is rooted, and then it copies several files to the/system partition

          The devices have to be rooted. Which removes all security that was given.

          That definitely wasn't the case for bad apps that were released in china. There was an infected compiler running around china that was being used to create apps, those apps did make their way into the apple store, later to be removed.

          The apps in question installed their own digital certificates on a person's Apple mobile device. It would enable the apps to terminate an encrypted connection between a device and a service and view the traffic, which is a potential security risk.

          That's all it did.

          1 Reply Last reply Reply Quote 0
          • DashrenderD
            Dashrender
            last edited by

            @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.

            Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.

            stacksofplatesS 1 Reply Last reply Reply Quote 0
            • stacksofplatesS
              stacksofplates @Dashrender
              last edited by

              @Dashrender said:

              @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.

              Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.

              But being in the repo or store means its not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.

              DashrenderD 1 Reply Last reply Reply Quote 0
              • DashrenderD
                Dashrender @stacksofplates
                last edited by

                @johnhooks said:

                The devices have to be rooted. Which removes all security that was given.

                That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.

                It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
                Root, admin level privileges aren't needed to do those things.

                stacksofplatesS 2 Replies Last reply Reply Quote 0
                • DashrenderD
                  Dashrender @stacksofplates
                  last edited by

                  @johnhooks said:

                  @Dashrender said:

                  @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.

                  Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.

                  But being in the repo or store means its not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.

                  A brand new game, in the repo is an unknown - to you. that's my point. Brand new things in the repo have no reputation. I'm surprised you haven't heard about the dozens of things being pulled from both Google/Apple stores for doing improper things.

                  If you want to find more, I guess you can google it.

                  stacksofplatesS 1 Reply Last reply Reply Quote 0
                  • stacksofplatesS
                    stacksofplates @Dashrender
                    last edited by

                    @Dashrender said:

                    @johnhooks said:

                    The devices have to be rooted. Which removes all security that was given.

                    That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.

                    It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
                    Root, admin level privileges aren't needed to do those things.

                    You don't have filesystem access without root access on Android.

                    DashrenderD 1 Reply Last reply Reply Quote 0
                    • DashrenderD
                      Dashrender @stacksofplates
                      last edited by

                      @johnhooks said:

                      @Dashrender said:

                      @johnhooks said:

                      The devices have to be rooted. Which removes all security that was given.

                      That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.

                      It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
                      Root, admin level privileges aren't needed to do those things.

                      You don't have filesystem access without root access on Android.

                      but you don't need it to do what that program was doing.. only to keep itself from being uninstalled/removed completely.

                      It's like a virus that runs in user space on Windows, you don't need local admin rights, but it can still do plenty of damage.

                      stacksofplatesS 1 Reply Last reply Reply Quote 0
                      • stacksofplatesS
                        stacksofplates @Dashrender
                        last edited by stacksofplates

                        @Dashrender said:

                        @johnhooks said:

                        @Dashrender said:

                        @johnhooks said:

                        The devices have to be rooted. Which removes all security that was given.

                        That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.

                        It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
                        Root, admin level privileges aren't needed to do those things.

                        You don't have filesystem access without root access on Android.

                        but you don't need it to do what that program was doing.. only to keep itself from being uninstalled/removed completely.

                        It's like a virus that runs in user space on Windows, you don't need local admin rights, but it can still do plenty of damage.

                        I apologize, I was told we were going on a family walk and I was trying to read while walking down the road and didn't read your comment correctly.

                        1 Reply Last reply Reply Quote 0
                        • stacksofplatesS
                          stacksofplates @Dashrender
                          last edited by stacksofplates

                          @Dashrender said:

                          @johnhooks said:

                          @Dashrender said:

                          @johnhooks I think servers don't suffer this because how often are server admins pushing out some unknown package? They are using newer versions of things that have been around for a long time. There is probably some kind of chain of custody that makes those things less likely to make their way into the repo in an infected state, unless the vendor making the software was penetrated and the code infected.

                          Server admins are not home users - home users install all kinds of crazy things - they want card maker programs, and soduko, crossword, crazy smiley faces, etc.

                          But being in the repo or store means its not unknown. The software stores use the same repos. If you can install it on Ubuntu with Unity, you can install it on Ubuntu server.

                          A brand new game, in the repo is an unknown - to you. that's my point. Brand new things in the repo have no reputation. I'm surprised you haven't heard about the dozens of things being pulled from both Google/Apple stores for doing improper things.

                          If you want to find more, I guess you can google it.

                          From my experience, things in the repos aren't usually brand new, unless you enable a repo that has that. That is one gripe people have with Ubuntu. PPAs make it trivial to install software from a repo that could possibly not be maintained 10 months down the road and now has security issues. It's easy to add Jimbob's super drawing app repo, but it's likely that will never be maintained.

                          You don't really run into unknown software to anyone in the main repos.

                          I guess my whole point is this, if you have root access to your device, all bets are off (especially if you have no clue what you are doing). Things like Chromebooks have done away with a lot of problems (and still run Linux). So desktop space, I'm sure if the market takes off there will be virus issues. However, the platform itself makes it so much easier to take care of that, both in being open and in design.

                          For example, if I download a file that was malicious on my laptop I'm using right now, I can keep my whole system in tact, and just blow away my home folder and create a new one without ever turning it off. As long as I didn't give it root permissions.

                          1 Reply Last reply Reply Quote 0
                          • stacksofplatesS
                            stacksofplates @Dashrender
                            last edited by

                            @Dashrender said:

                            @johnhooks said:

                            The devices have to be rooted. Which removes all security that was given.

                            That article didn't actually say they had to be rooted, but if it was rooted, it would right itself to the file system making it difficult to remove.. not the same thing at all.

                            It's like javascript in your browser, stuff can be downloaded that can do all kinds of crazy things... like attempting to log into your router (now from the LAN side) and making changes, etc.
                            Root, admin level privileges aren't needed to do those things.

                            https://blog.lookout.com/blog/2016/01/06/brain-test-re-emerges/

                            That link is pretty much saying it does need to be rooted for the malware to do anything. If it doesn't have root access, then it can't install any other applications.

                            1 Reply Last reply Reply Quote 0
                            • DashrenderD
                              Dashrender
                              last edited by

                              Microsoft with their store apps is trying to move to the Google/Apple model, but there is so much legacy software that people want/need that will never be converted.

                              When you are talking about Ubuntu, you're talking about admins using it.. not home users. As such the lack of new things making would never be acceptable to home users - they are constantly looking for new things.. and if they can't find it in the normal store.. they will go elsewhere if it's possible at all.

                              Apple makes this nearly impossible, but Android makes side loading pretty easy in fact. So sure, people could go outside of the store and install non vetted things.

                              The exact same thing would happen if Linux got a foot hold on the desktop, unless the ability to side load was more or less completely removed, or the app store was always being renewed with latest crap.

                              stacksofplatesS scottalanmillerS 2 Replies Last reply Reply Quote 0
                              • stacksofplatesS
                                stacksofplates @Dashrender
                                last edited by

                                @Dashrender said:

                                Microsoft with their store apps is trying to move to the Google/Apple model, but there is so much legacy software that people want/need that will never be converted.

                                When you are talking about Ubuntu, you're talking about admins using it.. not home users. As such the lack of new things making would never be acceptable to home users - they are constantly looking for new things.. and if they can't find it in the normal store.. they will go elsewhere if it's possible at all.

                                Apple makes this nearly impossible, but Android makes side loading pretty easy in fact. So sure, people could go outside of the store and install non vetted things.

                                The exact same thing would happen if Linux got a foot hold on the desktop, unless the ability to side load was more or less completely removed, or the app store was always being renewed with latest crap.

                                I'm still talking about home users for Ubuntu. You can use PPAs with any version of ubuntu. The software center (picture below), by default it has right now 81,735 packages, it isn't lacking in any way. BUT, if you do decide to install something outside of it, you can add more repos, or even download the file. It's just as easy on a Mac, just disable gatekeeper.

                                0_1454276205889_software center.png

                                1 Reply Last reply Reply Quote 0
                                • Bob BeattyB
                                  Bob Beatty
                                  last edited by

                                  The last insurance company I worked for had hundreds of thousands of dollars invested in their accounting software that could only run, and was built to run in IE. Windows it is. Sometimes business dictates and overrules the "everything can run on Linux" theory....

                                  stacksofplatesS 1 Reply Last reply Reply Quote 0
                                  • stacksofplatesS
                                    stacksofplates @Bob Beatty
                                    last edited by

                                    @Bob-Beatty said:

                                    The last insurance company I worked for had hundreds of thousands of dollars invested in their accounting software that could only run, and was built to run in IE. Windows it is. Sometimes business dictates and overrules the "everything can run on Linux" theory....

                                    Did it only run on IE because it was dependent on something like ActiveX or was it because they just added a line to the header to only allow IE?

                                    1 Reply Last reply Reply Quote 1
                                    • scottalanmillerS
                                      scottalanmiller @Dashrender
                                      last edited by

                                      @Dashrender said:

                                      When you are talking about Ubuntu, you're talking about admins using it.. not home users. As such the lack of new things making would never be acceptable to home users - they are constantly looking for new things.. and if they can't find it in the normal store.. they will go elsewhere if it's possible at all.

                                      I've never met those home users. What things are they looking for? I rarely see home users install anything but malware. All they use are web browsers.

                                      1 Reply Last reply Reply Quote 1
                                      • 1
                                      • 2
                                      • 3
                                      • 1 / 3
                                      • First post
                                        Last post