Puppy Linux Discussion Forum

[2byte]

Special Report: U.S. cyberwar strategy stokes fear of blowback

http://www.reuters.com/article/2013/05/10/us-usa-cyberweapons-specialreport-idUSBRE9490EL20130510

[nooby]

Good that you told us. We have to encourage the devs
to look into it and see if there is any way to improve Puppy
if it is vulnerable in same way or worse. Due to how different it is
maybe their general ways to approach standard Linux maybe their
script has not inclided Puppy on the other hand if we are number ten
most popular they include Puppy differences in the script.

If standard Linux do this.
If Puppy Linux ask for help from operator

[8-bit]

I recently visited a web site that downloaded a partial file to /tmp before I caught it.
It was an EXE file and I assume it was an attempt to infiltrate Windows.
I cannot remember the site. But the appearance of an unrequested file got to me.

Also, at a site called 4Shared, I tried to download a game tar.gz file.
The site wanted me to download and run a file downloader that happened to be an EXE file.

And when I did a search of their site for the game file name, I was told it did not exist!

So what has happened to you lately that you would consider suspicious?

[Sylvander]

[jpeps]

[Sylvander]

[jpeps]

[linuxbear]

... might be true, but it is not that easy to get in my system. My router does not broadcast it's name and protected by a complex password.

my user account is protected by a complicated password
my important personal files are encrypted and my machines are turned off daily

[Edwardo]

[linuxbear]

I am aware that someone with good skills can get in. That's why everything important is encrypted and the machine is completely scrubbed with bleachbit at least 3 times a week.

[Moose On The Loose]

[redandwhitestripes]

[quote="Edwardo"]

[wibble]

If someone with the skills and tools and time wants to then sure its possible. But consider how often that will happen... The probability unless you are a political dissident, or subject to a government or corporate investigation are pretty slim.

now improving security to prevent everyday exploits from script kiddies and mail-ware that makes a whole lot of sense. Linux is pretty secure as long as precautions are taken, firewall ect..

I would sweat more on a windows box to be honest. There is a lot more development of exploits for that platform just because of the shear amount of users.

If you think 12 character password strings are bad... IBM mainframes have a maximum length of 8... and also cannot contain spaces or special characters. So from a security point of view they are far more vulnerable platforms when connected to the Internet.

The really scary one for me is wireless, there are so many potential holes and exploits that are inbuilt into the standard. I would not trust it for my sensitive data. And once the 'Internet of things' takes off you will have an even larger problem.

That said I think as time goes on and Linux gets more acceptance there will be more tools and exploits developed for the platform - look at Zeus you don't even need to have a great deal of technical skill to use it.

However I really would like to be able to password the system, I noticed I could do that with attack puppy. would be nice to have that ability with precise.

[Sky Aisling]

“Hand of Thief” banking trojan doesn’t do Windows—but it does Linux

http://arstechnica.com/security/2013/08/hand-of-thief-banking-trojan-doesnt-do-windows-but-it-does-linux/

[Ibidem]