[ILUG-BOM] Viruses Anyone?

jtd jtd at mtnl.net.in
Sun Dec 2 10:12:03 IST 2007


On Saturday 01 December 2007 22:55, Rony wrote:

> I want to know if all these things are connected and is there some
> major infection going around? 

It's called antivirus.  Welcome to the world of av trashware trashing 
everything which it cannot identify.

> Sourceforge could be using Linux 
> servers, but I feel too scared to download anything for a week or
> two for windows, even if it is libre software.

Whoever told you that libre software is going to protect doze machines 
from themselves. You cant secure anything above the underlying 
insecure-by-grand-design os layer. AV and similiar software is the 
finest con game invented. Particularly the concept of "cleaning". 
Once a machine is infected you dont know what it has changed. Most AV 
have a # file which can be easily edited. Hence a payload could be 
anywhere on that mc. Infact in a doze env it could be anywhere in 
your network! and that includes linux machines. While the linux 
machines will be unaffected all the doze box will be slammed to 
death. 

Besides sourceforge and similiar repos dont care whats on the server. 
You have to do the verification by checking the sigs. Debian uses md5 
hashes in a Release file and gpg for sigining the Release file. u can 
therfore be reasonably sure that what u download is ok. Similiar 
schemes should exist for other distros too.



-- 
Rgds
JTD


More information about the Linuxers mailing list