Matthew Moore gets a Virus on Arch.....?? :(

blackneos940

Guest
So Matthew Moore demonstrated that he did, in fact, get a Virus on Linux..... But it seems like he got it so EASILY..... :( This bothers me..... Does this mean I could have Malware running on my Inspiron with Lubuntu installed.....? :( Anyway, here's the Link....... He uses Linux pretty much EXCLUSIVELY, so it doesn't seem as if he is BASHing Linux..... See what I did there.....? :3 Anyway, what are your guys thoughts on this.....? :)

~Namaste..... :D


 


He does not provide enough information.
Ah, I see..... TBH, I never watched the entire video (short attention span FTW!!..... :D) But also, I was mainly just interested in the Virus part..... :)
 
Ok, I see..... :) This seems to have cleared up some things..... Not too fond of the name-calling one person did..... :( I actually LIKE Matt..... :) Well, I'm pretty certain my Inspiron is safe, and I don't think I'll likely EVER encounter a Virus, as long as I exhibit common sense, and use SUDO, but ONLY when I have to..... :3 But what does "SUDO SU" mean.....? And why is there a Root Account that has a hidden Password.....? :(
 
I just feel like he went out of his way to show one of the few issues with the AUR. He doesn't really mention the large amount of safe packages, nor how to spot unsafe packages, nor the huge RED WARNING about AUR packages. I have been using the AUR for years, and even contribute a few packages, with absolutely no issue.
 
Hi,

Let's start with the malware. He showed us a couple of .dll's and an .exe. I.e. he showed us Windows malware on Linux. Yes, it is a malware but no, you don't have to worry about it. He didn't show a proof that these guys affect your Unix friend.

Defragmentation. From Wikipedia:
BSD UFS and particularly FreeBSD uses an internal reallocator that seeks to reduce fragmentation right in the moment when the information is written to disk. This effectively controls system degradation after extended use.

On Linux ext2, ext3 and ext4, much like UFS, these filesystems employ allocation techniques designed to keep fragmentation under control at all times. As a result, defragmentation is not needed in the vast majority of cases.

Reboot? No need to. You don't upgrade your kernel, libc or initscripts daily. Some even never upgrade it. Systemd has a lot of updates weekly-monthly and its components like udev too BUT this depends on whether you use it. And every system core update depends mostly on your distribution. Arch uses rolling-release model and this means that updates are frequent.

There's my two cents.
 
Hi,

Let's start with the malware. He showed us a couple of .dll's and an .exe. I.e. he showed us Windows malware on Linux. Yes, it is a malware but no, you don't have to worry about it. He didn't show a proof that these guys affect your Unix friend.

Defragmentation. From Wikipedia:

Reboot? No need to. You don't upgrade your kernel, libc or initscripts daily. Some even never upgrade it. Systemd has a lot of updates weekly-monthly and its components like udev too BUT this depends on whether you use it. And every system core update depends mostly on your distribution. Arch uses rolling-release model and this means that updates are frequent.

There's my two cents.
And starting with kernel 4.X we now have the capability to patch the kernel without rebooting...so we don't always have to reboot for minor changes either. Very good points. :)
 
And starting with kernel 4.X we now have the capability to patch the kernel without rebooting...so we don't always have to reboot for minor changes either. Very good points. :)
Don't some upgrades send a SIGHUP to restart the process after the upgrade? If true, then more of his "opinions" are incorrect. I have no desire to listen to any of his other videos.
 
Hi guys,

Thank you for your comments. I must admit I now find the video regarding the virus thing pretty bogus. As I think about my own experiences, I have never had a report from anyone, while using Linux and having sent emails, that I have sent them a virus or malware infection. Nor has a program not working actually been because of malware; it has been a system library issue.

Also this disabling comments thing is also suss. So again I have learned much from the comments here and will avoid his stuff now.
 
So, what I got from his video was that he debunked a few things on Why Linux is Better by generally restating what was in the individual articles on Why Linux is Better. Well, that's not entirely accurate, since he didn't really demonstrate an infection of malware, just that a computer running a Linux operating system can store virus files intended to run in Windows.

He also successfully demonstrated Sophos locating and removing those Windows virus files. This does shine a light on the potential for Linux users to innocently spread virus infections to Windows computers. Which is why it is a good idea to have some kind of antivirus software on your Linux system to help protect your less enlightened friends. ;)

Several years ago, I attempted to execute a few Windows files using wine. Only one would do anything, but all it ended up doing was closing wine. Interesting experiment, but solidified my faith in Linux safety.
 
Don't some upgrades send a SIGHUP to restart the process after the upgrade? If true, then more of his "opinions" are incorrect. I have no desire to listen to any of his other videos.
I think it does depending on what is being patched. Going to look it up now...
 
What I noticed was that it detected a Windows virus. The so called application that wouldn't start was probably something running from Wine from the sound of it. The reason Sophos picked up the virus (I think) was because it probably detects Linux viruses as well as Windows ones.
 
What I noticed was that it detected a Windows virus. The so called application that wouldn't start was probably something running from Wine from the sound of it. The reason Sophos picked up the virus (I think) was because it probably detects Linux viruses as well as Windows ones.

It wasn't running in wine. Matt was very clear about that. Sophos, like any good antivirus program, detects all viruses. Clamav does too. I'm not sure why that particular application would not run, because .exe and .dll files are not used in Linux (except in wine), as far as I know.
 
It wasn't running in wine. Matt was very clear about that. Sophos, like any good antivirus program, detects all viruses. Clamav does too. I'm not sure why that particular application would not run, because .exe and .dll files are not used in Linux (except in wine), as far as I know.
Whoops, I forgot he said that. I was just recalling from memory, that's why I overlooked that. So as far as why it didn't run, it's a mystery?
 
I have a LOT of questions about this presentation!
  • What version of Imagination did he install?
  • Where did he obtain the installation from?
  • In Debian there is a version, 3.0-5
  • Another version on Sourceforge.net
  • Did the application originally work?
  • If so, what did he do AFTER it worked, and BEFORE it didn't?
  • What was the icon he clicked on linked to?
  • What else did he do BEFORE creating this video?
  • What created /var/tmp/Imagination, and put the .exe and .dll files in that directory?
  • Is tekdefense.dll in any way related to tekdefense.com?
  • 854137.exe IS available from the Malware-Samples page at tekdefense.com
I installed the Debian version and ran it. No .dll files, and no .exe files were created, and no "var/tmp/Imagination" was created.

I will hold back on my further opinions on this video, but...
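
Added example, not part of the original thread: for the question above about the .exe and .dll files under /var/tmp/Imagination, this Python sketch inventories Windows PE files in a directory by their headers rather than their extensions and records a SHA-256 for each so they can be compared or looked up. The file names and the `fake_pe` samples are constructed for illustration.

```python
import hashlib
import os
import struct
import tempfile

IMAGE_FILE_DLL = 0x2000  # COFF Characteristics bit that marks a DLL

def classify_pe(path):
    """Return 'exe', 'dll' or None from the DOS and PE/COFF headers, not the name."""
    with open(path, "rb") as fh:
        dos = fh.read(64)
        if len(dos) < 64 or dos[:2] != b"MZ":
            return None
        (e_lfanew,) = struct.unpack_from("<I", dos, 0x3C)  # offset of PE header
        fh.seek(e_lfanew)
        hdr = fh.read(24)  # "PE\0\0" signature + 20-byte COFF header
    if len(hdr) < 24 or hdr[:4] != b"PE\0\0":
        return None
    (flags,) = struct.unpack_from("<H", hdr, 22)  # Characteristics field
    return "dll" if flags & IMAGE_FILE_DLL else "exe"

def scan(root):
    """Return sorted (relative path, kind, sha256) for every PE file under root."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if not (os.path.isfile(full) and os.access(full, os.R_OK)):
                continue  # skip FIFOs, sockets, dangling links, unreadable files
            kind = classify_pe(full)
            if kind:
                with open(full, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
                hits.append((os.path.relpath(full, root), kind, digest))
    return sorted(hits)

def fake_pe(is_dll):  # constructed sample: headers only, no executable code
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)
    flags = IMAGE_FILE_DLL | 0x0002 if is_dll else 0x0002
    return dos + b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 0, flags)

def demo():
    """Scan a temporary directory of constructed files; return (path, kind) pairs."""
    samples = {"a.exe": fake_pe(False), "b.dll": fake_pe(True),
               "renamed.txt": fake_pe(False), "notes.exe": b"plain text"}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return [(path, kind) for path, kind, _ in scan(root)]
```

Point `scan()` at the directory in question; `pacman -Qo <file>` on Arch or `dpkg -S <file>` on Debian then shows whether any installed package owns a reported file.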
 
I just took my hard drive out of my laptop (FSTAB created with genfstab -U -p ) and put it into an older laptop with an AMD processor and AMD graphics. Completely different hardware. Boots fine....

And you should not check the fragmentation of an EXT4 file system while the OS on it is running. Not a good idea.
 
