Turla Trojan Unearthed on Linux

This topic is closed.
    Steve -

    Anything to this?
    Using Kubuntu Linux since March 23, 2007
    "It is a capital mistake to theorize before one has data." - Sherlock Holmes

    #2
    It's being overhyped. LWN has a good debunking of its supposed "stealthy" nature.

    Both Ars Technica and El Reg have now said it is ultra-stealthy. From what the Kaspersky report says, I don't think so: it runs as non-root and thus cannot stop even a simple ps from finding it. Its only 'stealthy' feature that I've heard of is to open a promiscuous socket using libpcap and only open a port when a particular set of packets with specific sequence numbers turn up: that's not very stealthy given that both ss and ip can show who opened that just fine.

    The other suspicious feature given is that its symbols are stripped! Oh no! /bin/ls on most distributions has stripped symbols too, does that mean that Linux distributors are distributing dangerous stealthy tools?!
    Also check the comments threads on the articles at The Register and Ars Technica. It takes a human doing something stupid to obtain the malware.

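    Added example, not part of the thread: the quoted comment's point that a sniffing socket is visible to ordinary tools can be checked by reading `/proc/net/packet`, the kernel's table of packet sockets, and matching each socket inode to the processes that hold it. The sample table and the function names are constructed for illustration.

```python
import os
import re

# Constructed sample in /proc/net/packet layout (not taken from a real host).
SAMPLE = """sk       RefCnt Type Proto  Iface R Rmem   User   Inode
ffff8800b8d4a000 3      3    0003   2     1 0      1000   48213
ffff8800b8d4b800 3      2    888e   3     1 0      0      17002
"""
SOCK_TYPES = {2: "SOCK_DGRAM", 3: "SOCK_RAW", 10: "SOCK_PACKET"}
ETH_P_ALL = 0x0003  # protocol value of a socket that captures every frame

def parse_packet_table(text):
    """Return one dict per packet socket listed in /proc/net/packet text."""
    rows = []
    for line in text.splitlines()[1:]:  # first line is the column header
        f = line.split()
        if len(f) >= 9:
            rows.append({"type": SOCK_TYPES.get(int(f[2]), f[2]),
                         "proto": int(f[3], 16), "ifindex": int(f[4]),
                         "uid": int(f[7]), "inode": int(f[8])})
    return rows

def inode_owners(proc="/proc"):
    """Map socket inode -> set of PIDs holding it, via /proc/<pid>/fd links."""
    owners = {}
    for pid in filter(str.isdigit, os.listdir(proc)):
        fd_dir = os.path.join(proc, pid, "fd")
        try:
            for fd in os.listdir(fd_dir):
                target = os.readlink(os.path.join(fd_dir, fd))
                m = re.fullmatch(r"socket:\[(\d+)\]", target)
                if m:
                    owners.setdefault(int(m.group(1)), set()).add(int(pid))
        except OSError:
            continue  # process exited, or its fds are not readable by us
    return owners

def packet_socket_report(rows, owners):
    """Join the socket table with its owners; mark capture-everything sockets."""
    return [dict(r, pids=sorted(owners.get(r["inode"], ())),
                 all_protocols=(r["proto"] == ETH_P_ALL)) for r in rows]

if __name__ == "__main__":
    path = "/proc/net/packet"
    text = open(path).read() if os.path.exists(path) else SAMPLE
    for hit in packet_socket_report(parse_packet_table(text), inode_owners()):
        print(hit)
```

    Run it as root to resolve sockets owned by other users; an unprivileged run still lists every packet socket but can only attribute the caller's own.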


      #3
      I guess then that it would only infect/affect seriously Linux systems that are natively ROOT open? Like Puppy? Then really not much of a story and yes based on poor setup and user lack of awareness and knowledge.



        #4
        You're correct. Well-maintained systems have nothing to fear from this.
