[kwlug-disc] Linux viruses [was: Linus viruses]
kb at 2bits.com
Tue Jul 27 22:13:53 EDT 2010
On Tue, Jul 27, 2010 at 9:59 PM, Chris Irwin <chris at chrisirwin.ca> wrote:
> On Tue, 2010-07-27 at 20:50 -0400, Kyle Spaans wrote:
> > You've got me there. Mostly I was posting that link because it's an
> > interesting read and to show that there are least people thinking
> > about this kind of thing. It certainly does _not_ help my (admittedly
> > devil's advocate) argument much. :-)
> Here's a common vector that could be used for Ubuntu:
> "Hey everybody, I just made updated firefox/pidgin/etc packages in my
> ppa! Let me know how they work!"
> Adding a PPA is down to a single command, they are GPG signed so as to
> avoid popping up security errors, and can provide any package (say,
> firefox and gksudo). Furthermore, the firefox package may itself provide
> extra files, or a postinst script that replaces gksudo (or any other
> file) with a modified version. etc.
That is good old social engineering.
Works wonders and is cross platform! Rather platform agnostic.
Emailing an executable could work too.
Khalid M. Baheyeldin
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. -- Edsger W.Dijkstra
Simplicity is the ultimate sophistication. -- Leonardo da Vinci
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the kwlug-disc_kwlug.org