Announcement

**Snowhog** · Jun 07, 2010, 11:26 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

The reporter most likely has no real, if any, knowledge of how Linux works. As has been said many, many, many times here concerning 'security' in Linux: If you don't active the root user account; if you don't run your system 'as root'; if you don't grant root access to an 'unexpected' request for it, then an outside attacker can't get control of your system.

**miKeyBabid** · Jun 07, 2010, 11:42 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

thanks for the reply. I guess that's why I was surpised at the Linux inclusion. As you say :

The reporter most likely has no real, if any, knowledge of how Linux works

I'm no reporter but if I were to print something I'd verify my facts before hand. I was also surprised that Linux even got a mention based on the fact that it hardly ever gets spoken about in mainstream media (unless it's in relation to security it would seem). Even Solaris gets a mention in the article. I doubt whether many people know that it's an operating system.

It seems odd that the writer would go to such lengths to warn people using OSs that have (a) so few users, and (b) such a low risk of infection, to say the least.

**oshunluvr** · Jun 07, 2010, 11:54 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

The only "attacks" I've faced since switching to linux are from Adobe software!

**dibl** · Jun 07, 2010, 11:56 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Depending on how you read it:

... would give them access to a person's computer, potentially allowing them to harvest personal information or use the machine to send spam messages.

would seem to be something that could happen with a user's account (not needing root).

**GreyGeek** · Jun 07, 2010, 01:50 PM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

You will notice that when the ad supported media reports what knowledgeable person recognizes is a Windows problem they always say "computers" or "PC" instead. IF there is a need to mention Windows specifically they will ALWAYS include Mac and Linux to soften the affect on Microsoft.

Those media outlets not driven by ad revenue have no problems naming names and laying blame where it is deserved.

However, in recent months I've noticed this pattern is changing as Microsoft loses favor and market share. I think we are beginning to see a "tipping point" on the horizon.

**askrieger** · Jun 07, 2010, 02:27 PM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

If you want to be safe look for any file named "authplay.dll" on your Linux computer and delete it. In fact, if you want to be completely safe you should delete any file named "*.dll" from any computer, you use.

**dibl** · Jun 07, 2010, 02:40 PM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Originally posted by askrieger

In fact, if you want to be completely safe you should delete any file named "*.dll" from any computer, you use.

Heh heh heh -- there's a speedy transition to Linux (or boat anchors ....)!

**SIR_Taco** · Jun 07, 2010, 04:57 PM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Originally posted by dibl

Heh heh heh -- there's a speedy transition to Linux (or boat anchors ....)!

Maybe she/he is a sailor..... you never know

Also:
If you can't tie knots.... tie lots :P
(might be able to make some links to programming/patching/etc. there)

**toad** · Jun 08, 2010, 01:08 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Code:

toad@deskarch 992\3 ~ > sudo updatedb
Password: 

toad@deskarch 989\4 ~ > locate authplay.dll

toad@deskarch 990\5 ~ >

Phew.

**toad** · Jun 08, 2010, 01:09 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Oops, double post (trying to up my post count

)

EDIT:

Okay, found something useful to put in this post after all. Adobe have something to say on the matter: http://www.adobe.com/support/securit...apsa10-01.html

Affected software versions

Adobe Flash Player 10.0.45.2, 9.0.262, and earlier 10.0.x and 9.0.x versions for Windows, Macintosh, Linux and Solaris
Adobe Reader and Acrobat 9.3.2 and earlier 9.x versions for Windows, Macintosh and UNIX

Note:
The Flash Player 10.1 Release Candidate available at http://labs.adobe.com/technologies/flashplayer10/ is confirmed not vulnerable.
Adobe Reader and Acrobat 8.x are confirmed not vulnerable.

It goes on:

Adobe Reader 9.x- UNIX
1) Go to installation location of Reader (typically a folder named Adobe)
2) Within it browse to Reader9/Reader/intellinux/lib/ (for Linux) or Reader9/Reader/intelsolaris/lib/ (for Solaris)
3) Remove the library named "libauthplay.so.0.0.0"

HTH

**askrieger** · Jun 08, 2010, 10:00 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Semi-facetious posts about securing one's computer by deleting all windoze software, aside; I followed the advice posted above by Toad. Using the "find files/folders" command in Konq, I found libauthplay.so in the folder /opt/Adobe/Reader9/intellinux/lib. It has a size of 9.1 MiB. It is dated with the day I upgraded to Lucid. Because I am not a follower of Youtube or similar sites, I have deleted the file. If I feel the need to view a flash file prior to the release of Maverick, I will install the gnash package which provides a free and (presumably, but not necessarily) safe alternative to Flashplayer.

**toad** · Jun 08, 2010, 10:02 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Well, the file is only for the AdobeReader - and let's face it, with okular at your disposal, who needs Reader anyway?

I deleted it too, anyway - I obviously did have it installed at some stage... And my flash continues to work fine

**GreyGeek** · Jun 08, 2010, 10:15 AM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

Use Okular for PDF files. As far as flash video is concerned:

A file called "authplay.dll", if it is supposed to be a Linux executable, HAS to be either a proper script file (#!/bin/bash on the first line and legal bash commands elsewhere) or it has to be a valid ELF binary file with its execute permission bit set.

I just did a hex search of the latest 9.5 MB Adobe flash installer for Linux and did not find any embedded dll libraries nor any code to save something as a dll.

I don't accept journalists "reports" of Linux vulnerabilities, especially from sites that accept Microsoft ad revenues.

"Show me the beef!" i.e., let's see the data on number of captured Linux boxes, not AV software databases claiming 400 or 800 Linux viral agents which, magically, are never found on more than 2 sites, have little or no threat, and are easy to remove.

**toad** · Jun 08, 2010, 01:01 PM

Re: Adobe & BBC : Linux, Windows and Mac open to attack

I'm not showing any beef, just chickening out by installing flashplayer 10.1 which is supposedly "safe".

Announcement

Adobe & BBC : Linux, Windows and Mac open to attack

Adobe & BBC : Linux, Windows and Mac open to attack

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment