Thread replies: 198
Thread images: 25
Thread images: 25
File: serveimage2.jpg (166KB, 600x315px) Image search:
[Google]
166KB, 600x315px
Is Linux at risk from this shit or not?
>>
>>60365947
Nope
>>
>>60365947
Nah linux has its own problems like the dirtycow exploit that went unpatched for 9 years
>>
>>60365955
So that user in the other thread who said he got it in Mint was trolling?
>>
File: sassycat.jpg (94KB, 780x440px) Image search:
[Google]
94KB, 780x440px
>>60365947
Yes install Windows 10 for the most secure operating system.
>>
>>60365947
No, only because the author of this malware didn't bothered to write one for Lunix because no uses it.
Linux attack surface is as bad, if not worse, than Windows. exploitable code, 0 day, backdoors, you name it.
>>
File: 17627695b86c69f91bd1b59734f8d063.png (1MB, 1000x1279px) Image search:
[Google]
1MB, 1000x1279px
>>60365978
You are aware that even windows has it's own bugs like this one that went unpatched for very long periods of time.
>>
>>60365978
was never seen in the wild so that isn't comparable to this
>>
>>60366177
Name ONE (1) exploit that hasn't already been patched in the major 4.9 release of the Linux kernel. No using CVEs.
>>
>>60365947
LMAO no, this is a wincuck only problem
>>
>>60366232
>name one exploit
>don't look at the list of exploits
I know OP was trolling but you have to be retarded.
>>
>>60366232
Yeah sure, let me go to the NSA and ask them to hand me their list of Linux 0 day exploits.
Also, this Windows ransomware was already patched you fucking imbecile. People got infected because they didn't bothered to update their computers for 8 weeks.
>>
>>60366300
>they didn't bothered to update their computers for 8 weeks.
which is kinda difficult on botnet 10
>>
YES
EXACTLY WHAT WE NEED, ANOTHER FUCKING THREAD OF THIS SHIT
>>
>wincucks on damage control
>m-muh linux exploits
>which I never experienced
>yet every single windows user I know loses data on their usb drives due to 1998 viruses
Feels so good to be white.
>>
>>60366213
That's because nobody other than autistic fucks uses lincucks.
>>
>>60365947
No. It's Winshit malware.
>>
Only windows listens with standard default services, even if you don't use it need them.
>>
File: careful.png (55KB, 625x626px) Image search:
[Google]
55KB, 625x626px
>>60366486
>>
Surprised nobody mentioned thishttps://www.bleepingcomputer.com/news/security/killdisk-ransomware-now-targets-linux-prevents-boot-up-has-faulty-encryption/
>>
http://antitrust.slated.org/www.vanwensveen.nl/IhateMS.pdf
>>
>>60365978
technically this went unpatched for years as well..
>>
>>60366003
Yes it was a troll, this is 4chan, the site is basically designed for trolling.
>>
>>60366468
>yet every single windows user I know loses data on their usb drives due to 1998 viruses
Which ones?
>>
>>60366647
i just opened this wtf is it
>>
>>60365978
This used an exploit that was in Windows 'at least' since Windows XP.
>>
>>60365947
If your stupid, yes.
https://forums.gentoo.org/viewtopic-t-1060828.html
>>
Good luck ransomaring me given the fact I can configure my bootloader myself and all my important files are backed up.
>>
>>60366686
>See link
>Click link
Is this what /g/ has become?
>>
>>60366707
>https://forums.gentoo.org/viewtopic-t-1060828.html
he ran firefox as fucking root. he deserves it.
>>
>>60366686
a 73 page document on why MS is shit. Yes, it's one guy's opinion but a lot of what he says is public record. Whether you believe it, or trust MS after reading it all, is up to you. Yes, I read all 73 pages as of yesterday.
>>
>>60366756
i run a liveCD on this system so it really can't do harm.
All it seems to do is open up the print dialogue.
>>
>>60366532
Except it's true, why would anyone bother making a working exploit against a vulnerability in something that has 0 market share.
>>
>>60366792
the document does something though.
>>
>>60365947
Is there a way to get of this without paying? Please help. I need my files but I'm short on cash.
>>
It fucking disgusts me how shit like this makes the normie fucking dipshits come crawling out of the woodwork to beg for help. You all deserve to have your shit fucked you helpless faggots, and you absolutely have no fucking place on this board.
>>
File: document.png (597KB, 3840x1080px) Image search:
[Google]
597KB, 3840x1080px
>>60366839
oh, yeah i see the print dialog open for whatever reason. here's a screenshot
>>
@60366821
Especially on server market, right?
Kill yourself out of /g/ plebbitor
>>
>>60366821
There are more devices running Linux than running windows
>>
>>60366845
No, not right now. If something is vitally important that you didn't backup than keep the drive offline and use a different one.
There's a few other similar attacks where they eventually figured out the key and released a tool to disinfect that specific worm.
Considering how crucial this one is because of the major systems it hit they might spend more resources to figure it out.
>>
>>60366848
Windows actually released a patch for Windows Xp.
I got upset when I read that
Microsoft gave everyone a 3yr heads up
>>
>>60366872
>@60366821
???!
>>
File: screenshot.jpg (69KB, 1000x533px) Image search:
[Google]
69KB, 1000x533px
>>60366845
That's ok anon. I have sent a tip to the FBI.
>>
>tfw backing all of my important shit to google drive rn
>>
>>60366884
>[AUTISTIC SCREECHING]
>>
>>60366654
Not technically, that's exactly what happened. Tech illiterates don't seem to understand that a bug has to be found before it can be patched.
>>
>>60366845
>mlp
>is it rape if she...
>>
>>60366887
Tech illiterates like you belong on >>>/x/
>>
>>60365978
Wangblows has an unpatched NSA backdoor since NT4. Winkiddies should have their fingers cut off so they can't point at anyone else.
>>
>>60366177
yup, but more pratical for analys, no .exe all we download is source and then WE make it.. so, you juste have to be aware, right ?
>>
File: the linux experience.png (748KB, 1080x675px) Image search:
[Google]
748KB, 1080x675px
FUCK
>>
File: 1338148122890.jpg (8KB, 280x290px) Image search:
[Google]
8KB, 280x290px
>>60365978
>>60367053
>unironically arguing over which OS is more insecure while running it on Intel ME enabled CPUs.
>>
File: 1471029536917.png (116KB, 426x491px) Image search:
[Google]
116KB, 426x491px
>>60367072
>tfw no Ransomware/GNU/linux OS
>>
>>60366184
https://www.bleepingcomputer.com/news/security/linux-flaw-allows-root-shell-during-boot-up-for-luks-disk-encrypted-systems/
https://www.theregister.co.uk/2017/02/23/linux_kernel_gets_patch_against_12yearold_bug/
im just trolling
>>
>>60367082
>He didn't use me_cleaner
lol
>>
>>60366986
>google drive
Good goyim, cloud storage is perfectly safe!
>>
>have an os where it's literally not possible to not automatically update
>blame users when the autoupdate is completely broken and never works, and neither does manual update
>>
>>60367147
Goyim is the plural. Please don't be a Philistine.
>>
>>60367147
It is so long as you encrypt everything prior to storage desu senpai.
>>
>>60367072
kek dat horrible shoop
>>
>>60367100
>local exploit
(((you)))
>>
>>60365947
Yes.
https://twitter.com/hackerfantastic/status/863359375787925505
>>
>>60367175
So in other words, it isn't.
>>
>>60367168
Atah ivri, ish?
>>
>>60367104
>muh placebo tool that gives me a false sense of security.
Literally kill yourself.
>>
>>60367193
>allows an attacker to bypass the authentication procedures on some Linux systems just by pressing the Enter key for around 70 seconds. This results in the attacked system opening a shell with root privileges.
also
>The issue, tracked as CVE-2016-4484, was discovered by Spanish security researcher Hector Marco, who also found last year that you could bypass GRUB2 authentication on Linux systems just by pressing Backspace in the username field 28 times.
>>
>>60367193
Only works if you manually download and run it because smb doesn't exist on GNU (samba is a custom implementation without the flaws).
>>
>>60367202
it's ivrit you piece of shit.
>>
>>60367212
wew lad
grub2 sure is some E-1337 h4x0r security to keep dem blackhats nsa terrorists away from my dataz
you sure know how to bait
1/10
>>
>>60366993
No greentext needed
>>
>>60367212
>having local access to a system
It's compromised by default then.
>>
>>60367346
if you reply to bait its already rated at least a 3/10.
i'd give myself a 4/10 because i said i was trolling
>>60367100
>im just trolling
>>
>>60367212
>when someone has physical access to your computer they can hax ur leenux!
gee kiddo, amazing
>>
>>60367396
>>60367385
i guess a vulnerability that went unpatched for a half a decade is not a big deal because it only requires physical access.
>>
>>60367396
Windowsfags are desperate for any ammo they can use
>>
>>60365947
Could someone give me a quick run down about this?
How do you get it
>>
>>60367430
it's a worm.
you get it by simply running an outdated OS.
MS issued a patch for this back in march.
windows10 forced auto update should've fixed this.
running automatic updates in windows 7 should've fixed this.
>>
>>60367428
Yeah, pretty much... There is no way you can protect your PC if the attacker has physical access anyway. Not sure why that is so difficult to understand for you.
>>
>>60367481
So you dont have to download anything. It just happens.
>>
>>60367481
>windows10 forced auto update should've fixed this.
Windows 10 foced auto update is the reason lots of people don't update at all.
>>
>>60365947
if you're running a samba server yes.
>>
>>60365947
No problems here
>>
>>60367493
not sure why its hard for you to understand that something as simple as pressing a button on a keyboard for 70 seconds or pressing it 28 times can grant you root access, is bad.
i just leveled up to 5/10 troll because you keep responding
5/10 troll
>>
>>60367539
Since it's an utter crap. Delaying for a reasonable time should be available.
>>60367550
>samba is 100% compatible with smb
Time to die, mr. active directory :^)
>>
>>60366956
>pays FBI with tax money
>still has to tip
USA, everyone
>>
>>60367539
"i want to disable updates....for 2 months"
whats the worst that could happen
>>
>>60367636
if it was a torrent server then seeding will happen
>>
>>60367619
>>60367619
>get shot by US police
>has to pay bullet fees
>still has to tip
>>
>>60367598
Nobody said it isn't bad though? That's why they fixed it... It just isn't really a big deal.
>le trole hahahaha XDD
OK.
>>
>>60367100
The first one is really uninteresting though. You get dropped into a root shell, your disks are still locked. Same effect as booting Linux from USB.
>>
>>60366707
this could only happen to a /g/entooman who refused to use desktop shortcuts
I had a hearty kek
>>
>>60367481
Except windows updates keeps failing (fails to EVEN FIND THE UPDATE, if it finds it, fails to install, if it finds it and installs it, fails to restart out of business hours).
>>
>>60366050
go back to ponychan, CIA
>>
>>60367905
most people don't have a problem.
not sure what you did.
guessing you googled "how to disable telemetry" and "how to disable forced updates"
>>
>>60368016
>most people don't have a problem.
0.02 rupees were deposited in your account. Thank you pajeet.
>>
File: screenshot-2017-05-13_081322.png (1MB, 1152x2048px) Image search:
[Google]
1MB, 1152x2048px
>>60365947
SHIT
>>
>>60365947
Arguably not even Windows is "at risk from this shit". You'd have to be an absolute idiot to get and run ransomware.
>>
>>60366003
Are you fucking retarded or baiting? Look at the picture. It's literally Linux Mint image from google and he gimp'd it.
>>
where do you get this worm? I want a copy of it
>>
It's over guys
>>
>>60370402
kek
>>
>>60365978
>dirtycow
That doesn't allow remote code execution, try again winbaby.
>>
>>60366671
Not him, but shit, every few weeks I get asked by a family member to """recover""" their data from a usb drive. It isn't even a serious malware, its just a .dll exploit in a shortcut that hides all files in a hidden alt-[255] (alt code for whitespace which can be a filename for itself) and makes a shortcut to the dll exploit that looks legit to noobs so they ALWAYS click on it and infect all the other usb drives plugged in.
I always charge them 5-10[localcurrency] for the service and make up a story about how I've run a forensic recovery on the usb and how they're lucky that they didn't overwrite much data or something like that.
>>
>>60367200
It is so long as you encrypt everything prior to storage desu senpai.
>>
>>60365947
Only if you enable the testing repos.
>>
>>60372588
Why are you gay, anon.
>>
>>60367072
>Going through the trouble of shopping the window buttons
>But not shopping the rest of the titlebar
>>
>>60370402
>Watching apple keynote on a Mac
Kek
>>
>>60372859
Not to mention mint isn't even installed yet.
>install icon on desktop.
>>
>>60372916
>we have now encrypted your live-CD
>>
>>60373106
oh noes
>>
>>60365947
Linux doesn't have this problem
>>
File: windows-1.png (344KB, 1200x800px) Image search:
[Google]
344KB, 1200x800px
>>60366792
>a 73 page document on why MS is shit
It seems most of the arguments stem from the 90s or early 2000s, though. I haven't even used Windows since about then, but even I have to admit that Windows has gotten a lot better in terms of performance and reliability since then. Not a great record to beat, but nonetheless.
>>
>>60373106
>oh fuck, better use one of these 9000 free USB drives the university gave me at the start of the year
>>
>>60365947
What's up with all the sudden mentions of ransomware? Has Windows had some new remote exploit or something?
>>
File: 1459609445143.png (1MB, 1300x4704px) Image search:
[Google]
1MB, 1300x4704px
>>60375454
Yeah, it was released around the time of Vista being new. That doesn't mean MS has changed their practices at all, and I'd argue it's only gotten worse
see:
>forcing W10 onto users, even after they said they didn't want it
>forcing 'features' that users turned off to be reenabled when MS feels they should be turned on
>many vendors are STILL under contract with MS to only sell Windows on their systems
>they claim to like open source, yet the only things they release to open source projects with any fanfare is stuff that easily bind open source developers to MS
Also, wasn't it found out that font functionality was embedded into the windows kernel? That still hasn't been removed, I'd bet.
>>
>>60377271
I don't disagree with any of that, I'm just saying that it's not like Windows systems crash once a week just from being turned on these days.
>>
>>60377313
Oh right, sorry. I just woke up and am nursing a small hangover. Yeah, I didn't agree with that bit of the paper either. My W7 machine crashes for distinct reasons, but it hasn't crashed in over a year of me using it.
>>
>>60375504
Are you living in a cave?
Yesterday ransomware took down:
>German train system
>Britain's entire National Health System
>Brazilian EBT is down (or whatever they call it)
>Mexico also had health care systems affected
This was the biggest 'cyber-attack' in years.
>>
>>60377550
>Are you living in a cave?
Nah, just not using Windows, so I don't care a great deal.
>German train system
>Britain's entire National Health System
>Brazilian EBT is down (or whatever they call it)
>Mexico also had health care systems affected
None of which affected me.
>>
>>60365978
WannCry is going for 15 years
>>
>>60377550
>This was the biggest 'cyber-attack' in years.
Yes, but why all of a sudden? Ransomware has been around forever.
>>
>>60367072
Can I make this run under WINE?
>>
>>60377605
You probably could, but wouldn't it just encrypt your whole system anyways?
What i want to know is If you ran a windows machine in a VM and got the ransomware, would it encrypt the host as well?
>>
>>60366319
>not using gpos to make them manual.
All windows can do is beg me with a dialog that I can close
>>
All of the Linux desktop environments still feel like a downgrade, compared to Windows 7.
When you go to do something that is easy in Windows 7 and turns out to be tedious and frustrating in Linux, it's a terrible feeling.
I really want desktop environments to feel superior to the Windows 7 experience. To the point where it becomes the new standard for how I want a computer GUI to be.
>>
>>60377581
Shadow Brokers tools and vulns.
>>
>>60375465
>>60373106
if they encrypted the live cd you'd just have to reboot
>>
That's it, I'm switching to WORM drives.
>>
>>60366588
companies that make antivirus products for windows always "discover linux malware/viruses" yet never explain how it gets onto a linux machine in the first place and the articles usually end by saying to mitigate you should download and install <insert-AV-company-name> AntiVirus for Linux
>>
>>60378138
Same with Macs, there isn't shit for either platform in the way of malware or viruses.
That's not to say that there aren't exploits every now and again but nothing like what we've seen recently.
>>
>>60377699
well, there's your problem
http://linux.oneandoneis2.org/LNW.htm
>>
>>60377699
>vague "it doesn't do my thing" shilling
we've seen this before
>>
>>60365978
>dirtycow
Maybe if the malware grew legs and started breaking into people's houses to infect their computers.
>>
>>60378254
KDE does the "turn programs into launcher buttons" thing that Windows 7 does, but right clicking these items doesn't have all of the context menu options that you'd find doing that on Windows 7
Immediately, this is incredibly jarring.
>>
>>60365978
Oh shit nigga!
>>
>>
>>60378461
Because nobody fucking uses Linux!
Cant infect Linux if litterary nobody uses linux!
>>
>>60378254
Yes but that's precisely it..
Linux is not initial user friendly, I'd love to make it my main OS (as i did when I was in university) but i'm not wasting time with dual boot and still play games now and again. Fucking devs not putting games over to it, fucking MS and dx.
>>
>>60378486
windows controls marketshare on pc's
linux controls marketshare on servers
why would a criminal hacker go after john doe and his trap porn when corporations and governments run on linux
hackers target windows because it's child's play to exploit although in saying that not even linux is 100% secure but compared to windows.....fuck off kid
>>
File: FB_IMG_1480837254867.jpg (60KB, 480x720px) Image search:
[Google]
60KB, 480x720px
>>60378580
>why would a criminal go after john doe and his trap porn
>corporations and governments use linux
>criminal still goes after john and his trap porn apparently huh?
>>
>>60378790
you're a special kind of retard, anon
read my last line why the criminal still goes after john and his trap porn
>>
>>60378790
>target millions of tech illiterate normies
High deployment rate, make bank, only have to outsmart a handful of local cyberpopo departments.
>target globalist megacorp
Fail to deploy because of actually competent elder-wizard-tier networking and in-house patching, attempted intrusion investigated by feds anyway because muh 2big2fail meme.
>target any first world government
Get skullfucked within ~12h by actual black ops fags because muh rooskie h4x0rz meme.
>>
>>60368245
Okay anon, I'm a bit of a retard so I laughed.
>>
>>60377550
>Huehue u gib neet bux prz
>HUE HUE HUE HUE HUE HUE
>HUE HUE HUE HUE HUE HUE
>HUE HUE I ENCRYPT U!! HUE HEU HUE HEU
>>
>>60367082
this
>>
>>60365947
i use win10 and never had any problems since i've had it. but then again i only use it for playing games on steam/origin/blizzard. talk to friends/family on facebook and banking.
i use my laptop for other browsing and fapping needs.
>>
>>60366845
>using IE
fucking got me
>>
File: 1458873369814.jpg (20KB, 310x156px) Image search:
[Google]
20KB, 310x156px
>>60367100
>physical access
You know, a hammer would work wonders too. Retard.
>>
File: 4tM96JI.png (33KB, 1138x626px) Image search:
[Google]
33KB, 1138x626px
>>60367072
bad bait dude
>>
>>60366845
There's no way to get your files back, period. After you've paid up, what incentive do these faggots have to take the time to email you the decryption key? More than likely, they're just going to take the money and run. Just format your hard drive and remember to keep backups next time.
>>
>>60365947
it does not spread anymore.
http://www.bbc.com/news/technology-39907049
>>
>>60383148
>After you've paid up, what incentive do these faggots have
Repeat customers. If someone falls victim once, they will likely become infected with the next one as well.
>>
File: InfiniteChan.png (58KB, 1280x977px) Image search:
[Google]
58KB, 1280x977px
The amount of microsoft shills on this board nowadays i swear.
Anyone that isn't a shill or a twelve year old please go to pic related /tech/ board, you are welcome.
>>
File: Screen Shot 2017-05-14 at 4.13.33 pm.png (482KB, 1856x1274px) Image search:
[Google]
482KB, 1856x1274px
>>60366232
>Total number of vulnerabilities found in 2017:
273
https://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/year-2017/Linux-Linux-Kernel.html
>>
>>60383198
Odd. I couldn't find any that said, FUCKING RANSOMWARE!
>>
>>60366666
dore dore
>>
>>60383198
>DoS
comfy
>>
>>60367082
this
/thread
>>
>>60366884
But none worth getting into besides servers that aren't likely to be exploited this way in the first place, it's easier just to set up a port scanning bot that bruteforces login credentials on SSH servers and the like.
>>
>>60365947
Not this particular malware, no.
It is still potentially at risk from ransomware attacks, if anyone could be bothered to write some malware for Linux.
>>
>>60366184
its
>>
>>60383474
Ransomware isn't a vulnerability, it is a type of malware.
>>
>>60365978
>this triggers the linoouxe fags
>>
>>60383775
The real reason no one does is because they'd also need physical access to the machine to use any exploits.
>>
>>60370586
Matias!?
>>
>>60383198
That list is far more interesting when you sort it by CVSS score descending.
Turns out Qualcomm is a piece of shit with many remote exec vulnerabilities, as is Nvidia and Mediatek, but there was also a lovely UDP packet remote code execution vulnerability slipped in there.
>>
>>60366177
>No, only because the author of this malware didn't bothered to write one for Lunix because no uses it.
This is wrong but even if it were true...
>no spying
>no one bothers targeting with malware
seems pretty good, still glad I switched to linux
>>
>>60383803
>The real reason no one does is because they'd also need physical access to the machine to use any exploits.
No you fucking idiot.
Linux has had its share of remote code exec vulnerabilities.
>>
This particular malware program only affects Windows, and even then, only affects versions of Windows that have not been updated since March. You had the entire month of April to update your computer, and you didn't, so now you get to either lose your data or pay $300.
Ransomware software does not attack only Windows machines, and there have been versions in the past that have been multi-platform. That all said, there is an inherent advantage Linux has over Windows security-wise that has nothing to do with its obscurity (there is certainly reason to target Linux, given how many webservers use it). Namely, it is very trivial to keep a Linux machine up to date with security updates, as it does not typically require the machine to be reset. Furthermore, updates are released immediately, instead of waiting for the next Tuesday.
>>
>>60383198
>comparing a remote fuck-me-in-the-ass exploit to local privilege escalation
t. Microsoft pejet shill
>>
>>60383855
>he thinks that all linux vulnerabilities are local exploits
>>
>>60383845
Name 10
>>
File: screencapture-cvedetails-vulnerability-list-php-1494746997730.png (355KB, 1321x1971px) Image search:
[Google]
355KB, 1321x1971px
>>60383803
>>60383855
Seeing you are too inept to click a single hyperlink.
>>
>>60383926
Oh shit, you're right. Let me uninstall fucking Android running a version 3 kernel from my desktop and install Gentoo instead.
You
fucking
dumbass
>>
>>60383911
https://www.cvedetails.com/product/47/Linux-Linux-Kernel.html?vendor_id=33
Pick 10 out of the 207 available from this table.
>>
>>60383958
Can't say that I don't agree that the vast majority of these vulnerabilities over the last two years have been in drivers for the Android Linux kernel, but there are still a few in the last couple years that were in the mainline kernel and plenty before that.
>>
>>60383845
Still none named in this thread yet.
>>
>>60384272
https://www.cvedetails.com/cve/CVE-2016-10229/
>udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.
https://www.cvedetails.com/cve/CVE-2015-4002/
>drivers/staging/ozwpan/ozusbsvc1.c in the OZWPAN driver in the Linux kernel through 4.0.5 does not ensure that certain length values are sufficiently large, which allows remote attackers to cause a denial of service (system crash or large loop) or possibly execute arbitrary code via a crafted packet, related to the (1) oz_usb_rx and (2) oz_usb_handle_ep_data functions.
https://www.cvedetails.com/cve/CVE-2015-3331/
>The __driver_rfc4106_decrypt function in arch/x86/crypto/aesni-intel_glue.c in the Linux kernel before 3.19.3 does not properly determine the memory locations used for encrypted data, which allows context-dependent attackers to cause a denial of service (buffer overflow and system crash) or possibly execute arbitrary code by triggering a crypto API call, as demonstrated by use of a libkcapi test program with an AF_ALG(aead) socket.
https://www.cvedetails.com/cve/CVE-2014-2523/
>net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.
These are all patched now of course, but the point remains that Linux is not inherently free of remote code exec exploits. And the CVE list is a reactive list, so vulnerabilities can be lurking around.
>>
>>60383958
here's RHEL and Ubuntu
https://www.cvedetails.com/vulnerability-list.php?vendor_id=25&product_id=78&version_id=&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&month=0&cweid=0&order=3&trc=420&sha=1ff6be42f792b7cf78e0796ffb7ecdb1ad6d7084
https://www.cvedetails.com/vulnerability-list.php?vendor_id=51&product_id=&version_id=&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&month=0&cweid=0&order=3&trc=89&sha=8237390084e629dfe89c8a328f07c06bdd1c8a8f
>>
>>60384373
No OS is free from exploits. Point is exploits that are actually easy to exploit get patched lightening fast. The ones that stick around for years are usually shitty exploits that rely on unlikely circumstances.
>>
>>60384373
Notice how none of these have catchy names like "Gonna cry"? It's because Linux users don't GET viruses like windows users do, we IDENTIFY it and NOTIFY the dev team, they PATCH it before anyone builds an exploit. Because we pride ourselves on our nearly invulnerable system instead of mindlessly getting spoonfed whatever we can get from a corporation.
>>
>>60377626
No it couldn't encrypt the host unless it knows how to exploit the host kernel.
If your host OS is Linux, for example, the kernel would tell it to fuck off unless you know how to exploit Linux. Especially if the kernel is hardened with MAC stuff.
If you ran it with a vulnerable host aka a Windows that hasn't been updated, it really is the choice of the program to do it or not, and whether or not the program can figure out that it is in a VM
>>
>>60384481
Well if you could trick a user into running something it could act on the files that your user account can access, and do something sneaky like change your path and put in a spoiled program or something for next time you su to root.
>>
>>60384443
>>60384470
Or it could be because targeting exploits at Linux users is more difficult because there are so few of them.
Sure, servers are a good target too, and they have been targeted in the past (Heartbleed etc) but you generally need a really good vector to get at servers because properly setup Internet facing ones are usually well contained and non-Internet facing ones need a vector through the internal network.
>>
>>60365947
Ransomware, like most other forms of malware, targets security weaknesses in existing computer systems. Linux, and all the software written for it, has its' share of problems just like any other piece of software written by human beings, but exploits written targetting Windows aren't likely to affect Linux in most cases. Edge case where it does would be on a system with wine, since an ideal wine implementation could technically have the same security implications. And remember that the biggest security weakness on any computer system sits approximately 3 feet infront of the monitor, and linux won't protect against that.
>>
>>60384373
>go to africa
>have unprotected sex with prostitutes
>get aids
>complain in public
>get told you should have worn a condom
>BUT CONDOMS AREN'T 100% THEY'RE JUST AS RISKY AS UNPROTECTED SEX
>>
>>60384616
Not sure what point you're making but I'm sure you made one.
>>
>>60365947
If Linux ran anything important, it would of been.
>>
>>60383830
Seems like most of critical vulnerabilities are Android related
>>
File: 1456781854099.gif (579KB, 300x168px) Image search:
[Google]
579KB, 300x168px
>>60367082
/thread
also ryzen fags, you're not safe either
>>
>payment is accepted in bitcoin only
It's like these retards don't even want money?? normies wouldn't even understand a thing about bitcoin or how to get some
>>
>>60384891
The malware includes a link to a handy guide for normies on that.
>>
File: e206522221cb9ee7811fb04db24eae56.jpg (32KB, 500x403px) Image search:
[Google]
32KB, 500x403px
>>60384983
normies be like e206522221cb9ee7811fb04db24eae56.jpg
>>
>>60385034
It's a guide for normies. Written in a language they can understand.
>>
>>60384891
It's not targeted at normies, you spastic
It specifically works its way through a local network. How many normies have networked drives at home?
>>
>>60385094
That's how it spreads inside a network.
It can be delivered any way malware can be delivered.
>>
I am head of it at a small business and last Monday when I came into work our web server which was running Ubuntu was locked up with ransomware. It had encoded all the files into .enc files and the login showed a bit text message describing how to pay. Of course I had backups so we were only offline for about an hour but I don't think it's a coincidence. I think their are Unix ones going around too, but the news just isn't showing it cos they have a nice picture already. It is on Linux though, cos I got it.
Thread posts: 198
Thread images: 25
Thread images: 25