Linked by Thom Holwerda on Sun 7th Aug 2005 12:20 UTC, submitted by bsnipes
Privacy, Security, Encryption Researchers from a little-known security software company named Sunbelt Software have seemingly uncovered a criminal identity theft ring of massive proportions. According to one of their employees, Alex Eckelberry, during the course of one of their recent investigations into a particular Spyware application - rumored to be called CoolWebSearch - they've discovered that the personal information of those "infected" was being captured and uploaded to a server.
Thread beginning with comment 14738
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: spyware on linux
by Thom_Holwerda on Sun 7th Aug 2005 13:29 UTC in reply to "spyware on linux"
Thom_Holwerda
Member since:
2005-06-29

Agreed. A Spyware app isn't out to destroy your computer, so there's no need for it to have root access. A Spyware app in user-mode on Linux can send just as much important data as a spyware app on Windows.

It's just that your average Linux user is more aware of security and spyware issues.

Reply Parent Score: 5

RE[2]: spyware on linux
by on Mon 8th Aug 2005 16:43 in reply to "RE: spyware on linux"
Member since:

Disagreed. Most linux software is GPL or other open source linux. Spyware apps will be immediately identifiable as harmfull and can be altered to remove the malicous intent. Also. ftp.debian.org isn't going to host spyware apps so the user will never be able to apt-get them. The windows software intallation method is flawed. And remember, never install any free software that is not open source.

Reply Parent Score: 0

RE[3]: spyware on linux
by on Mon 8th Aug 2005 17:27 in reply to "RE[2]: spyware on linux"
Member since:

"Disagreed. Most linux software is GPL or other open source linux. Spyware apps will be immediately identifiable as harmfull and can be altered to remove the malicous intent."

This is basically the "thousand eyes make bugs shallow" argument. Now how many people have actually tested this article of faith?*

Plus you have to keep in mind one thing about the bad guys verses the good guys. The bad guys only have to succeed once, the good guys have to succeed every time.


*Note I'm not just talking about spyware, but any malicious software.

"Also. ftp.debian.org isn't going to host spyware apps so the user will never be able to apt-get them."

This assumes that all users are going to get all their software from the Debian repository. I can tell you that a lot of Linux users wander outside the domain of their distro's repository.

Once again people, security comes down to people, not technological solutions.

Reply Parent Score: 0