44
Comments
  • 25
    Not true though.

    The only reason ransomware is non existing on linux is because linux is so rare on desktops that its not worth it.

    Linux has had its share of privilege elevation bugs and more but since most linux (not counting phones or tablets that actually has been affected) are servers. And servers are much more likely to have backups and also require faster restore making paying a worse alternative.

    The crocks are just targeting the biggest market.
  • 6
    It works on wine as well
  • 0
    @Furyzer00 runs perfectly on wine Yay
  • 1
    don't be naive
  • 3
    Creating ransomware for Linux is/would be much easier and could be done via website scripts. After all nearly all desktop distributions of Linux come with encryption tools and calling them isn't that hard
  • 6
    @Jop- over the years I have read about several vulnerabilities in linux that could cause a normal user or guest to be able to run things as root.

    Most of the times the saving was that it was a server which means no one was logged in and downloading stuff that could use it.

    But most of them would have been as bad as most of the once we read about in windows.

    And many of the so called windows bugs are actually other programs like flash or drivers not built by MS. So even if MS has been more sloopy I fight any attempt to declare a platform as immune. Because that delusion is what makes bugs dangerous.

    If you understand that any platform can bee breached you at least can be vigilant in securing you backups and react to any anomalies.
  • 4
    @andros705 they already did and for all versions back to windows xp that has been discontinued for more than three years.

    The problem is that many of the old machines has updates turned of.

    And old discontinued linux dists often also get no auto updates.
  • 2
    @Jop- well the mostly gave not found the bug before ;)

    And yes since there commonly are no local logged in users on most linux (and when there are they tend to be a lot more technically competent) many of the easy attack vectors are not available.

    But we really do not know. Hackers attacking linux might be going for other targets than what little they might get in ransom. They might instead use the machines to steal credit card info from shops that run on the machine or scan internal network for vulnerable end user machines.
  • 0
    Small marketshare, and NSA just made it for windows :(
  • 0
    @Voxera But Wannacrypt is infecting Win Servers as well, especially those older ones.

    And linux is not so rare on desktops where I come from.
  • 1
    @qbasic16 That's a picture, it's fake.

    It's not even running through Wine, and it wouldn't encrypt anything if it did.
  • 1
    @Voxera if creator of wanna cry really wanted to be rich and screw the world ,he could target Linux machines which are super computers. But no he didn't. He/she knows that it will be easy to escalate security of windows rather than linux. Windows users have habit of clicking next button each time they install a software.
  • 2
    @Codebeard thx now I see it and your comment :D
    Damn you internet of fakes...
  • 4
    @tankmohit11 dont think it is viable.

    First I believe it will be hard to target supercomputers from the internet.

    Secondly they usually run specialized kernels that might have a unique set of bugs.

    Third, storage is almost guaranteed to be backed up and easily restorable.

    It is much easier to get a couple of hundred dollars from a thousand small companies than a million from a large one
  • 1
    @Voxera You sound like the iPhone users that when it came out there phones where easy to bend. That sead that any phone could bend if you try hard enough. And that this is only a big deal because iPhones are 40% of the smartphone market.
    Your not wrong. But you sound like an elitist who isn't willing to laugh at a joke about the platform you use.
    Take a joke.
    Like what did the Linux user tell there girlfriend when they found a new linux command.
    Nothing if you use linux you don't have a girlfriend.
  • 4
    @wirewolf oh I can and do laugh about platforms and code, mostly my own ;)

    Just not when security is involved, costs to much to joke about since some people with decision rights usually get it wrong :/

    And I apologize if I sound boring sometimes.

    Just that it has been a few days with many misconceptions regarding security that sooner or later will bite someone bad.
  • 1
    @Voxera THANK YOU! You are right. Thank you for not being a linux fanboy. Thank you for rational thinking.
  • 4
    @PhantomBKB linux probably has less security holes since it was developed with inspiration from unix and with security from the beginning.

    The threat is when a virus can use elevation bugs.

    For example, many daemons used to run with root permissions. If you got access to changing a file that the daemon reads and found a buffer overrun you could get the rooted process to run your code with root permisssion.

    Thats how viruses break out of the security envelope even if today they have many more options to try to get a process to do it and since fewer processes run as root you might have to chain multiple bugs to reach root permission.
Add Comment