Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 31 Jul 2014, 05:28
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Running ready-made downloaded programs
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [9 Posts]  
Author Message
8-bit


Joined: 03 Apr 2007
Posts: 3357
Location: Oregon

PostPosted: Thu 24 Dec 2009, 17:58    Post subject:  Running ready-made downloaded programs
Subject description: Do you check the code?
 

I just had a thought and was wondering.
How many of us download a program and then just run it without checking the code.
Let us just say that a program is downloaded, not checked for content, and run.
Now, lets imagine that the new on-line-once contributor has evil intentions.
He includes in the code code to gain access to the computer or intercept commands to be used by his program.

What I am getting at here is the Windows type attitude of a new user of Puppy.
They read of a great program they want to try.
They download it and run it without ever checking it out.
It crashes Puppy or their present OS.
The blame then falls on Puppy.
Is this right?
NO!
But it is not the first post that said "Puppy broke my computer"
So....
Do you check the code of a program before you run it.
Do you even know how?

I am guilty of running programs without checking them out first.
I will admit it.
But it sure makes you think.
With Puppy, you have a chance to check that code.
Windows, fat chance!
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 10948
Location: Arizona USA

PostPosted: Wed 13 Jan 2010, 10:00    Post subject:  

I don't bother checking. I wouldn't know what to look for if I tried. Laughing I don't worry though, because I run Puppy from a multisession DVD in a computer without a hard disk drive. If I try something that borks Puppy, or that I suspect might have compromised it, I simply shut down without saving to the DVD. If I find that I nevertheless managed to save some malware, I can tell multisession Puppy to ignore the contaminated session when it boots.
_________________
Puppy Help 101 - an interactive tutorial for Lupu 5.25
Back to top
View user's profile Send private message 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Wed 13 Jan 2010, 20:27    Post subject:  

Quote:
If I find that I nevertheless managed to save some malware

Devil's Advocate: How do you find that you managed to save malware? Because if the person who wrote it was anything like me, it wouldn't do anything obvious like pop up windows going "I own your computer now punk". It would just sit there in the background, disguised as some legitimate process, using very little CPU time and very little network usage. Slowly spying on you from the shadows. And that's assuming the person was just too lazy to actually infect a legitimate program, which would have let the malware not even have a separate process entry. For example, if X or JWM were to be infected, the malware would run pretty much all the time, and you'd see nothing funny at all in the process list. (Of course, the malware could just modify the system so that it isn't reported in the process list in the first place, which would let it run whenever it wants without arousing suspicion, so long as it doesn't do anything intensive.)



One answer is that you could analyze your network traffic periodically at a low level to see what's going on, and hopefully notice if anything is out of whack. Or maybe have a separate box that your computer's network connection has to run through to get to the outside world. That box could then inspect your traffic looking for patterns and then display the patterns and some overall statistics for all traffic in general. Then if you start frequently sending small amounts of data to some weird IP address, you might notice.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Thu 14 Jan 2010, 01:04    Post subject:  

Where do we get these wonderful devils advocate programmers?

A low CPU, data collecting (perhaps key logger) trojan, morphing
etc would be great fun. Is the source code available?

Strangely you would not know if such a system
did not exist on your computer

FUD is the real trojan. Rolling Eyes

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Fri 15 Jan 2010, 18:17    Post subject:  

People who are afraid of FUD should probably stay away from topics like network security, espionage, and healthy eating.

Or perhaps they should become very close to those topics to get over their fear of FUD. That leaves UD, and if they spend time learning, they can eliminate most of the doubt too, leaving them with just Uncertainty, which is omnipresent and eternal. I think.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15117
Location: Paradox Realm

PostPosted: Sat 16 Jan 2010, 00:51    Post subject:  

Tronkel is one of the people who seems to compile most of the programs he uses.

At the moment I believe the biggest security problem is Flash
and its action script language.

Previously it was javascript.
I ain't going to turn either off.

I am going to download and use pets and sfs
Maybe that is the geek version of living dangerously?


_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
Pizzasgood


Joined: 04 May 2005
Posts: 6270
Location: Knoxville, TN, USA

PostPosted: Sat 16 Jan 2010, 16:04    Post subject:  

The important thing is to know of the risks. You can still take them, just realize you are taking them. It makes a difference.

For example, take two people who always cross the street without looking. They both attempt to cross a particular street that has occasional traffic. The first person believes there is no traffic, and the second knows there is. Despite that neither looks, the first will be more likely to be struck down. The second guy will be more aware - even though he doesn't use his eyes, his ears can pick up the noise of an oncoming vehicle, and it can happen even if he isn't consciously listening for one. And his subconscious will be prepared for the possibility of needing to dodge a bus, so his reaction time will be better than the first person's.

_________________
Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

Back to top
View user's profile Send private message Visit poster's website 
kirk

Joined: 11 Nov 2005
Posts: 1391
Location: florida

PostPosted: Tue 19 Jan 2010, 10:55    Post subject:  

Quote:
How do you find that you managed to save malware?


Devil's Devil's Advocate: You could check /initrd/pup_rw and look for the modification of any start-up scripts or programs that seem suspicious. If you haven't installed a lot of stuff it's pretty quick. It's a real nice feature of Puppy.

I agree, it's about risk assessment, if you have little to lose then you tend to take bigger risks. The inverse is true as well.
Back to top
View user's profile Send private message 
PaulBx1

Joined: 16 Jun 2006
Posts: 2308
Location: Wyoming, USA

PostPosted: Sat 23 Jan 2010, 12:10    Post subject:  

Also, any time you install programs, back up the pupsave first. That won't help with detection, but if you do detect a problem, your recovery is simple.

I have a mod to my /etc/rc.d/rc.shutdown file which makes pupsave backups automatic, so this is even easier than it normally would be.

I always thought it would be a good idea to generate and record a checksum of /initrd/pup_rw, and then to compare the current checksum with the one from the previous boot, giving a warning if they are different. But there might be enough written to the pupsave just in the ordinary course of events to make this unworkable. You'd have to exclude mail files and other similar things. I never got concerned enough to look into this.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [9 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0708s ][ Queries: 12 (0.0083s) ][ GZIP on ]