Trojan: Win32/Bumat!rts detected from ImgBurn

dranfu said:

Even trusted sources can be compromised.

That is why I do not recommend adding any site to the Trusted Zone in IE.

allend66 said:

pparks1 said:

Yeah, there is nothing like being 40 minutes into a build where you typically only install about 10 things and having something fishy already going on.

Guess I'm just happy that I put MSE on there prior to the rest of this stuff.

No virii on Linux...

Actually not quite true -- It's STILL a hackable OS - and in theory it should be EASIER to create a Virus since most of the source is in the public domain anyway.

Even on Linux you should scan your machine regularly.

People generally don't bother to write malware for Linux as the sorts of warped minds that play around with this stuff get their twisted pleasure from causing maximum inconvenience to the largest number of users which means Windows users.

Most Linux intrusions tend to come via insecure logon procedures or opened ports. Then with a decent knowledge of some commands the intruder can eventually get root privileges where he / she can do "the dirty".

However decent routers should have a log containing remote logon attempt info on them with the originating IP address(es) if you suspect your Linux box is being compromised.

Cheers
jimbo

*sigh*

Well, now this has started... I will put in my two cents about OS and Virii as well.

Please note, commenting about how one OS does not have virii, while true, is only true to a certain point.

Currently, all OS systems will have a level of virus focus. Back in the 90s, the popular computer was the Macintosh. PCs had viruses, but required being executed in order to really 'work'. Macintosh, on the other hand, had the easiest means of making viruses become very promiscuous due to a simple OS design concept that bit them in the rear. This being the mounting of Floppy disks and reading/writing to the disk by simply having it mounted on the computer desktop.

This viral method was VERY popular and made Macintoshes have the serious problem of dealing with it for several generations of their OS... From OS 6 to OS 8 or 9 when the Floppy was no longer used nearly as much.

Windows picked up the mantle of getting more viral attacks for several reasons:

1) Introduction of Windows 95 and the 'interoperability' coding that followed with it.
2) Popularity of PCs and Windows overshadowing the Macintosh for Home, Business and Education when they finally introduced their own networking support model that no longer required Novell for one, and also made it easy to use like the Macintosh.
3) Making the Internet accessible quickly in comparison to Macintosh (It took a year or so to get Mac into the swing of doing TCP/IP mainstream wise, I should know, I used to be on a Mac for internet and had several hokey ways of doing before it was part of the OS)
4) Coding tools for making Windows oriented programs were made readily available, thus giving more neophyte hackers a hand up in learning how to exploit Windows where as Mac and Linux relied more on people who took courses in programming.

The failure to understand here is that each OS has its history and Apple has tried to use the "We don't have problems." as a selling point. While Linux is not trying to 'sell' like that, it is also a fallacy to state that Linux does not have its problems.

Linux will still have security issues that will need to be patched, just like any other OS. While it may not have the prevailing problems of Web based viral attacks that Windows will have, it does not mean that a Linux machine can't be attacked in other ways.

Linux, even with its now improved GUI interface to be more user friendly, still has the issues of being user friendly in general for the very BASIC user. And when I say BASIC user, I am talking about the ditzy blonde girl stereotype user, the one who has NEVER used a computer beyond the simple web browser. If you expect them to understand how to install certain programs or how to work with WINE, it is like expecting a blind person to describe the world to you with colors. It just doesn't work that way.

And sadly enough, people also ignore history... As mentioned before, Macintoshes have had a serious problem with viruses due to the method in which it could be spread and also on the simple fact that the Macintosh was a popular computer model. This day and age, the PC with Windows is currently the majority market share due to volume of software, simplicity for the user and just cost effectiveness. Linux is rarely considered as the OS is only grasped by handful and generally it is those who actually spend the time with it. Macintosh, while running with a Linux Core, is hindered mostly on cost of their computer and OS and also the lack of volume of software at this time, where most of their software focuses more on, literally, desktop publishing.

Macs do have their virii, they are few and far between, but again, it does not mean they are completely immune. Even Jobs stated himself the reason Apple doesn't want to support Flash is because it is unstable and a security risk, and they want people to start using more of HTML5 coding methodology... This should tell you that even Macs with a Linux core is not necessarily immune to problems the PC has.

Lastly... In the last 20 years, coding went from people using tight code to terrible coding design, unclosed loopholes and rushed production... I remember back when I was learning ASSEMBLY coding, that the comparison of assembly code to a program written in C... To do a simple "Hello World" was night and day as far as how much an executable code was in size and memory use. Assembly coding is now almost extinct on the simple fact that coding tools are using a lot more 'black box' and high level coding' that can introduce these security problems mostly because of sloppy coding and just plain ignorance of what other people will be willing to do.

And mind you, the security flaws Linux and Macintosh patches for themselves, is for that very same reason. Hackers focus more on windows simply because they have the tools and more vectors to do so than with Linux and Macintosh. At the same time, they gain more from attacking Windows computers because again, when you throw a grenade at an enemy, you generally want to get the most effect out of it. Do you throw it at the group of 15 people or the group of 3 or 5 people?

Again, common sense is not so common for people when they only see one side of the picture.

pparks1 said:

Keiichi25 said:

And mind you, the security flaws Linux and Macintosh patches for themselves, is for that very same reason. Hackers focus more on windows simply because they have the tools and more vectors to do so than with Linux and Macintosh. At the same time, they gain more from attacking Windows computers because again, when you throw a grenade at an enemy, you generally want to get the most effect out of it. Do you throw it at the group of 15 people or the group of 3 or 5 people?

In addition to a limited number of people, these other OS's often have restrictions in place which significantly reduce the amount of damage that could be done as well. Limited user accounts, servers in chrooted environments, etc. These features stem greatly from the fact that it's been a multi-user operating system for multiple decades...unlike Windows that until recently left everybody as full admin. This certainly account for a lot.

Actually, since Windows NT4 and Windows XP, there has been a multi-user operating system and security model in place. The problem is, with the many neophyte programmers out there and the lack of actually programming on a non-Admin level case has always created the problem of not building programs in the proper access level environment, hence the many problems with various programs and complaints with the Vista Model with regards to some programs, such as World of Warcraft and other games when Vista was put into place and only partially rectified with Windows 7. The fact that the multi-user Operating system consideration was also in Windows 95, but not the security standard until XP, the permission levels were there with Windows NT 4.0 as well, but didn't get put into the other side until Windows 2000 and XP were put into play.

Macintosh sort of runs into the similar problem as well with some of its software, where it does prompt for Super User access at times, but for the most part, a lot of functionality is under the belief that there will always be 1 user on the machine and it did not include much in an enterprise level unified logon system which has been a pain for some corporate groups without investing a lot of time and resource to cludge it to work for their environment. (I should know, use to work in a company where we didn't HAVE our Macs tied uniformly with the Active Directory due to having terrible documentation on how to get Macs to join an AD environment and seeing many others having mixed or no positive results in that manner.)