Linux Malware



It only stands to reason. As Linux targets are valuable targets, they're going to be attacked.

Keep your stuff updated, don't install dodgy software, and pay attention to what's going on.
 
Are malware attacks against Linux OSs on the upswing? I did a search of this forum and there don't appear to be any current discussions about this. A general web search finds some headlines such as this https://www.zdnet.com/article/linux...n-the-rise-and-businesses-arent-ready-for-it/ suggesting this is so. What does the Linux community think about this?
My post would have been similar to @KGIII's post above.

-> What kind of response are you expecting?

With respect, the "Security in Mint and Ubuntu" article suggested by @The Duck is a good general security overview and won't hurt, but it is not the best I have seen. I dislike the style and flow of it. There are many statements of fact that lack sources and details (and sometimes accuracy). Among other things that it lacks is a good, ordered checklist for readers to use and follow.

I wish I could offer better for Linux desktop users. I need to find a document that I like and can share with others that is suitable for Linux users at various levels, including beginners. If I encounter one, I will post a link here. Perhaps others have good suggestions.

In case it helps, I have my own checklist with notes that I use for Linux servers. It does not have much, but it has the basic steps that I follow to lock down a Linux server at initial startup. Many people with servers run their own initial setup shell scripts to automate the work.
 
Linux is considered inherently safer than other OSes, but at the end of the day, as with any system, the biggest failing comes between the seat back and the keyboard.
Keep your system up to date.
Don't install 3rd party [non-repository] apps unless you are sure they are safe.
Avoid opening 3rd party attachments on forwarded e-mails.
Be extremely careful of opening/using social media clickbait.
 
Whether or not malware attacks are on the upswing, as asked in post #1, the ZDNet article linked to in that post has pointed to the relative weaknesses of such attacks in any case. One could venture it's answered the query in relation to the consequences of such attacks to a degree with comments such as:

If you only install software from the secured official "software store" (software repositories) of your Linux distribution, then that's a very effective barrier against malware. More than that, there are no Linux viruses or rootkits "in the wild" for end users like yourself.

... the developers of Linux haven't ignored viruses, they have structured Linux in such a way that it has good resistance to viruses. And because the code is open, there are literally thousands of people who check the code for errors and propose fixes.

One of the advantages of running Linux is not having to weigh down your system with antivirus, nor having to import the security problems that antivirus creates.

Some more info in this thread: https://linux.org/threads/how-to-scan-for-viruses.41485/#post-167489
 
Most attacks need to gain 'root' access - don't use it on a regular basis, & definitely not online whilst browsing.

Data is 'currency' these days, so hackers, or to be more precise crackers, will try to get their hands on it - such as people's bank details, etc. It doesn't matter what the O/S is, they will try, so just be very careful with your details when online.
 
-> What kind of response are you expecting?
My question was intended to be open ended, mostly to find out if the current state of malware and bad actors was causing any increased concerns or changes in standard practice. For instance, do the improving capabilities of AI cause any new concerns? Also, to be a bit more specific, should I be any more concerned about using the cloud-based password manager that I have used for a couple of years? Is the cloud, in general, untrustworthy? I'm not asking so much about the security of this laptop I'm using as I am about the rest of the world I occasionally connect to.
I'm not looking for a technical dissertation; just generalities.
 
Anytime you enter the WWW you take a chance, and at your own risk.
If you're worried or concerned, then it's best you stay off the WWW.
 
Also, to be a bit more specific, should I be any more concerned about using the cloud-based password manager that I have used for a couple of years?
Personally, I keep all my passwords to myself, in a little notebook. ;)
 
I wish I could offer better for Linux desktop users.

It's on the back burner, but I someday plan on writing a 'Basic Linux Security' article.

If you're interested, you can write one. I've had a number of 'guest' articles from folks over here.
 
My question was intended to be open ended, mostly to find out if the current state of malware and bad actors was causing any increased concerns or changes in standard practice. For instance, do the improving capabilities of AI cause any new concerns? Also, to be a bit more specific, should I be any more concerned about using the cloud-based password manager that I have used for a couple of years? Is the cloud, in general, untrustworthy? I'm not asking so much about the security of this laptop I'm using as I am about the rest of the world I occasionally connect to.
I'm not looking for a technical dissertation; just generalities.
I have some small experience in this area. The day the internet sync feature first appeared, I warned my colleagues never to use it. I never did and I never regretted it. Others may disagree and I respect their opinions, but I respectfully say that they are wrong. You asked to avoid the dissertation but suffice it to say that every reason I gave back then has been shown correct, and the types of incidents I predicted have occurred.

The recent LastPass breach is a fine example. This Linux.org thread talks about the huge LastPass data breach last August (2022). It was the breach that kept on giving as additional details (and continued data thefts) trickled out. Start here. I think it is an interesting read:

https://www.linux.org/threads/notice-of-recent-security-incident-lastpass.42950/

Whatever you decide, nobody here will judge you for it, including me, so don't worry about that.

(Noted: @KGIII's comment/offer above.)
 
Personally, I keep all my passwords to myself, in a little notebook. ;)
Same. When a user relies on software that holds their password or passkey, or they surrender their means of verification to any form of electronic method, they are a step further removed from control of their password than they otherwise would be. It's a bit like the difference between remote control and direct hands-on "pencil and paper". Reliable and robust electronic controls can be more reliable, if they work, in the sense that they're not so subject to human memory or finger lapses, but for careful people, it may be a mite unnecessary.
 
Same. When a user relies on software that holds their password or passkey, or they surrender their means of verification to any form of electronic method, they are a step further removed from control of their password than they otherwise would be. It's a bit like the difference between remote control and direct hands-on "pencil and paper". Reliable and robust electronic controls can be more reliable, if they work, in the sense that they're not so subject to human memory or finger lapses, but for careful people, it may be a mite unnecessary.
I respect @osprey. They know their stuff, but the paper and pencil scheme is impractical for me. I use strong unique random passwords. Considering the number of unique passwords I use, it would be too difficult to manage them manually with paper, especially considering their length and randomness. Before password managers emerged, I kept them in a spreadsheet. The spreadsheet was password protected (not secure), and stored in a separate encrypted partition that remained unmounted by default. The computer also used whole disk encryption. From my point of view, the spreadsheet in an encrypted partition was a primitive password manager with local-only storage, which is what I use now.

-> One thing I agree with Osprey on - keeping passwords electronically on a system is far riskier than the "air gapped" pencil and paper approach.

Has anyone considered buying one of the many two-factor security tokens that are on the market? They are starting to target ordinary consumers. I picked up a few Yubico tokens ("Yubikey") recently to try as a possible solution to Osprey's concerns. I need to upgrade my OS to the latest before trying them out. I may try some other tokens too.
 
Since switching to Linux I don't even think about it.
 
Are malware attacks against Linux OSs on the upswing? I did a search of this forum and there don't appear to be any current discussions about this. A general web search finds some headlines such as this https://www.zdnet.com/article/linux...n-the-rise-and-businesses-arent-ready-for-it/ suggesting this is so. What does the Linux community think about this?
Not personal systems, but most of your servers are Unix or Linux based, so sometimes it sounds like it. Just keep an eye on your iptables or ufw or whatever you use for security. Make sure you don't have public-facing open ports that could show up on a scan and you should be fine.
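A quick way to act on the advice above (checking for listeners that would show up on an outside scan), as an added example that is not from this thread: the filter below reads socket lines in the layout of `ss -tulnH` and prints only those bound to a non-loopback address. The `SAMPLE` table is constructed for illustration; the field positions assume the standard `ss` column order.

```bash
#!/bin/sh
# Added example, not part of the original thread.
# Lists listening TCP/UDP sockets reachable from other hosts, i.e. bound to
# something other than loopback. Input lines follow `ss -tulnH`:
#   Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port

# Read ss-style lines on stdin; print "proto local_address:port" for each
# listener whose bind address is not 127.0.0.0/8 or ::1.
public_listeners() {
    awk '{
        proto = $1; local = $5
        # The bind address is everything before the last ":" (port).
        addr = local; sub(/:[^:]*$/, "", addr)
        # Loopback-bound sockets cannot be reached from the network.
        if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1") next
        print proto, local
    }'
}

# Constructed sample socket table (not real output from any host).
SAMPLE='tcp   LISTEN 0 128 127.0.0.1:631   0.0.0.0:*
tcp   LISTEN 0 128 0.0.0.0:22       0.0.0.0:*
udp   UNCONN 0 0   0.0.0.0:5353     0.0.0.0:*
tcp   LISTEN 0 511 [::1]:6379       [::]:*
tcp   LISTEN 0 128 *:80             *:*'

# Number of network-reachable listeners in the constructed sample.
sample_public_count() {
    printf '%s\n' "$SAMPLE" | public_listeners | wc -l | tr -d ' '
}

# Live check: apply the same filter to the real socket table when ss exists,
# otherwise fall back to the constructed sample.
if command -v ss >/dev/null 2>&1; then
    ss -tulnH | public_listeners
else
    printf '%s\n' "$SAMPLE" | public_listeners
fi
```

Any line it prints for a host that is not meant to serve that port is a candidate for closing the service or restricting it in ufw/iptables.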
 
If you enable the firewall, keep your system up to date and don't do anything stupid, there's nothing to worry about. Simple.
 
