Can you get spyware

Toggle sidebar Toggle sidebar
H

Hyperblaze

Lifer
May 31, 2001
10,027
1
81
It never occured to me before...but it got me wondering...

If you're using linux/unix, do you have a chance to catch spyware or is it strictly on a windows based environment that you are a target?
 
N

NikPreviousAcct

No Lifer
Aug 15, 2000
52,763
1
0
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
 
H

Hyperblaze

Lifer
May 31, 2001
10,027
1
81
Originally posted by: Nik
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
Click to expand...

*nod* you just answered your own question

SPARC machines are very outdated now by the way.

Had one when I worked for a high tech company a while back, I miss it....

now I just use the x86 archeciture


 
B

BlackOmen

Senior member
Aug 23, 2001
526
0
0
This is something I've been thinking about quite a bit and I've decided that it is feasible. I've decided that since Linux, the BSD's and Unix has still not widely been adopted for personal use, the userbase is pretty savvy, ie people do not run their webbrowser as root, nor does their user belong to the root group. Secondly, if you click a link, most of the time you will be prompted to save to disk or run. Not to mention that I'm not aware of any mime-type for a non-windows executable or shell script, which will always bring up the save to disk or run dialog.

If for some reason, however, a mischievous file were to be run as a regular user, there is not much you could do. I guess you could place a mischievous daemon in ~/bin and place a line to run it in ~/.bashrc. At this point there's not much it can do. It wouldn't be able to run any pop ups since it won't start when X starts. I guess you could run a scan of the home dir and send it out to the bad guys and possibly send out netstat data.

Of course, if someone were to be running as root and such a program were to be installed, it could then be installed more covertly in /usr/bin and launched from /etc/init.d. Then nothing is really safe. There are a few strikes against this though:
1) For it to totally be generic for any Unix style OS, the installer would have to be a script. A BSD executable will not run on HP-UX. Of course you could target Linux users specifically, however, you're still making certain assumptions about which libraries are installed on a target system.
2) At this point you still have to be root and allow the installer to run. If you do this, it's you're own damn fault.

As Linux becomes more widely adopted and gives the users more conveniences, this can become a problem. So as an answer to your question: in the current state of Linux, BSD and the Unices, no you cannot get spyware.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: Nik
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
Click to expand...

I have 4 SUN machines.
There are several versions of Unix, including Solaris, AIX, and HP-UX.
Solaris also runs on x86.
HP-UX runs on Itanium.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: Jero
Originally posted by: Nik
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
Click to expand...

*nod* you just answered your own question

SPARC machines are very outdated now by the way.

Had one when I worked for a high tech company a while back, I miss it....

now I just use the x86 archeciture
Click to expand...

Outdated? The SunFire machines r0x0r.
 
D

DaveSimmons

Elite Member
Aug 12, 2001
40,730
670
126
Originally posted by: Nik
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
Click to expand...

But you get a more correct reply there
Click to expand...
:D

Let's see,
1. Solaris is just one flavor of unix, "true" unix variants (as opposed to FreeBSD or linux) have run on many other processors besides Sun sparcs, including mips and x86.
2. And the correct answer is "yes and no." 99% of what spyware apps find to report are tracking cookies, which will "work" on any browser that isn't running a cookie blocker regardless of the OS. It's spyware/adware programs that won't install or run on a non-Windows OS, unless it was actually written for that OS.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: DaveSimmons
Originally posted by: Nik
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
Click to expand...

But you get a more correct reply there
Click to expand...
:D

Let's see,
1. Solaris is just one flavor of unix, "true" unix variants (as opposed to FreeBSD or linux) have run on many other processors besides Sun sparcs, including mips and x86.
2. And the correct answer is "yes and no." 99% of what spyware apps find to report are tracking cookies, which will "work" on any browser that isn't running a cookie blocker regardless of the OS. It's spyware/adware programs that won't install or run on a non-Windows OS, unless it was actually written for that OS.
Click to expand...

The only thing holding *BSD back from being a Unix is money. The roots are deep enough that they were Unix before Unix cost something. ;)
 
H

Hyperblaze

Lifer
May 31, 2001
10,027
1
81
Originally posted by: BlackOmen
This is something I've been thinking about quite a bit and I've decided that it is feasible. I've decided that since Linux, the BSD's and Unix has still not widely been adopted for personal use, the userbase is pretty savvy, ie people do not run their webbrowser as root, nor does their user belong to the root group. Secondly, if you click a link, most of the time you will be prompted to save to disk or run. Not to mention that I'm not aware of any mime-type for a non-windows executable or shell script, which will always bring up the save to disk or run dialog.

If for some reason, however, a mischievous file were to be run as a regular user, there is not much you could do. I guess you could place a mischievous daemon in ~/bin and place a line to run it in ~/.bashrc. At this point there's not much it can do. It wouldn't be able to run any pop ups since it won't start when X starts. I guess you could run a scan of the home dir and send it out to the bad guys and possibly send out netstat data.

Of course, if someone were to be running as root and such a program were to be installed, it could then be installed more covertly in /usr/bin and launched from /etc/init.d. Then nothing is really safe. There are a few strikes against this though:
1) For it to totally be generic for any Unix style OS, the installer would have to be a script. A BSD executable will not run on HP-UX. Of course you could target Linux users specifically, however, you're still making certain assumptions about which libraries are installed on a target system.
2) At this point you still have to be root and allow the installer to run. If you do this, it's you're own damn fault.

As Linux becomes more widely adopted and gives the users more conveniences, this can become a problem. So as an answer to your question: in the current state of Linux, BSD and the Unices, no you cannot get spyware.
Click to expand...

There is no way you can copy a file of any sort to /bin if your a regular user, or somehow part of a group which has higher access.

Don't you just love security? :)

I'm sorry but even when Linux/Unix becomes more widespread, I sincerely doubt that they will make it less secure for the user for their convience. The unix based platform became popular for it's technical merit, not user-friendlyness. And if there is really a file out there which a user downloaded to their unix box that they are not sure they can trust.....this could be used....


#su
password: *********

#adduser testdummy
#passwd testdummy
new password: **********
verify password: **********

#cp /location of test file/testfile /home/testdummy
#su testdummy
#cd (to go into the testdummy home directory)

#./testdummy

If it tries to screw up the system, all it will do is screw up the empty account.
 
ultimatebob

ultimatebob

Lifer
Jul 1, 2001
25,134
2,450
126
Originally posted by: Nik
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
Click to expand...

It depends on what you consider "UNIX". Solaris and FreeBSD are based off of UNIX, and they run on consumer Intel and AMD processors. Linux is very simular to UNIX, too, and that runs on practically anything.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: ultimatebob
Originally posted by: Nik
Who uses Unix? IIRC, true unix requires a specific computer called a SPARC (sp?). If you mean a home *nix user, you're probably going to be referring to some form of BSD or linux. Oh, and to answer your question, no. :)

wait... I think newer versions of unix by Sun don't require a sparc. :confused: I think...
Click to expand...

It depends on what you consider "UNIX". Solaris and FreeBSD are based off of UNIX, and they run on consumer Intel and AMD processors. Linux is very simular to UNIX, too, and that runs on practically anything.
Click to expand...

There are specifics as to what qualifies as a Unix. Verious versions of Solaris are the only ones that meet them all out of the three OSes you mention.
 
B

BDawg

Lifer
Oct 31, 2000
11,631
2
0
Originally posted by: Jero
Originally posted by: BDawg
If my "using unix" what?

Oh, you mean, "*you're* using unix."
Click to expand...

who let the grammer police out of the cage? :p

Damn it, need to get a better lock!
Click to expand...

It's what you get for posting in off-topic. Besides, people are too (to? two?) lax on the basics.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: BDawg
Originally posted by: Jero
Originally posted by: BDawg
If my "using unix" what?

Oh, you mean, "*you're* using unix."
Click to expand...

who let the grammer police out of the cage? :p

Damn it, need to get a better lock!
Click to expand...

It's what you get for posting in off-topic. Besides, people are too (to? two?) lax on the basics.
Click to expand...

Commenting on grammar goes against common nettiquette. Commenting on grammar without adding anything to the conversation wastes space and bandwidth.
 
B

BDawg

Lifer
Oct 31, 2000
11,631
2
0
Originally posted by: n0cmonkey
Originally posted by: BDawg
Originally posted by: Jero
Originally posted by: BDawg
If my "using unix" what?

Oh, you mean, "*you're* using unix."
Click to expand...

who let the grammer police out of the cage? :p

Damn it, need to get a better lock!
Click to expand...

It's what you get for posting in off-topic. Besides, people are too (to? two?) lax on the basics.
Click to expand...

Commenting on grammar goes against common nettiquette. Commenting on grammar without adding anything to the conversation wastes space and bandwidth.
Click to expand...

Sorry. Incorrect basic grammar is offensive to some readers. IMHO, it's like using all caps. Making it right the first time is easy; doing it wrong is just lazy.

Edit: I'm not above making the occasional mistake. I'll at least go back and fix it.
 
N

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: BDawg
Sorry. Incorrect basic grammar is offensive to some readers. IMHO, it's like using all caps. Making it right the first time is easy; doing it wrong is just lazy.

Edit: I'm not above making the occasional mistake. I'll at least go back and fix it.
Click to expand...

I make plenty of mistakes. If I find them, I correct them. No big deal. I just think, if you're going to post, atleast post something interesting instead of the same "you're not your" bull we put up with all of the time. It's gotten old.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom