Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[Shades]

I have a laptop with ubuntu on an a desktop with windows and I pretty much only use the desktop, even though it's nominally faster, for playing games that won't run natively under linux.

I saw an article on Slashdot a couple days back about how some distros of Linux are now vulnerable to autorun-based attacks because they keep wanting to be more usable...one of the vectors that Linux users used to always laugh at Windows because of...

I find this hard to believe, I'm pretty sure the distro I use is commonly thought to be the least secure and it doesn't appear to auto-run things for me, auto-mount and even open the directory or offer to play it if it's got a music spec or a dvd spec sure but not auto-run. I'm sure there are ways to exploit this with flaws in the video and audio codecs, but even then it would only be running as me and not root with no easily exploitable (that I've heard of at least) path to escalate privilages.

I'm also sure as (if) linux gains in popularity it will be targeted by virus writers more and we'll start seeing them in the wild.

I personally use linux more for usability reasons than anything else. I can do more, faster and cleaner in linux than I can in windows or osx. I also miss the multiple desktops thing when I'm on windows at work, although I do realise you can download an application that does a similar thing for you.

[Phmcw]

Yup, as bad standard are adopted, unsurprisingly, virus rise. I mean Linux isn't magically immune to virus, the most you et a "windows" feel, the less you are secure.

But right now, the only real weakness is still between your chair and your keyboard.

[Shades]

Yup, as bad standard are adopted, unsurprisingly, virus rise. I mean Linux isn't magically immune to virus, the most you et a "windows" feel, the less you are secure.

But right now, the only real weakness is still between your chair and your keyboard.

As long as they don't break the user model too much that will hopefully remain a weakness that can't cause to much trouble. Possibly the push to sudo while not requiring a separate superuser password by default but rather the user's one again is the main weakness here as people automatically enter passwords when they should think.

Of course you'll never stop people just installing 'viruses' but there is no much you can do if they are willing to enter a password they know is for a superuser type account.

Magically immune it will never be but while the evil process can only run in a limited user space it's much less of an issue.

[Phmcw]

All you have to do is to make an malware that pretend to be a facebook application and ask for password at the installation.
I bet you'd have quite a few poeple this way.
A real worm has been done this way (for windows, macOS and linux), but it didn't stole your password. You'd still have to type it to install it, and his effectiveness in linux was limited by the user model but still...

[Shades]

I think everyone can agree there isn't much you can do about users entering in authorisation details when they shouldn't. There is no practical way to tell the difference between a hostile program and one doing what it is meant to, best you can hope for is to educate users to check before they do such things.

Luckily this means should only need to worry about software downloaded and executed, or attempting to install which in turn is something that should not be possible without human interaction to kick it off. That is not to say there haven't been cases where flaws in things like media decoders have allowed well crafted webpages and the like to trigger code execution, it's just that the open source model allows such things to be hunted and fixed easier.

Viruses that don't require any human interaction are far rarer on linux that other operating system, despite the fact the majority of servers online are running a version a linux. A lot of this is probably also to do with the fact there are so many different distros and what works against the version of software on one may not on another, however it is also do to with the fact there is just less loop holes to exploit and those that are get fixed quicker.

Edit: Of course it's not that open source, scrutinised code is immune to flaws, or sabotage, as there is a fairly famous case of one of the unix guys managed to put a backdoor into the authorisation system which wasn't spotted because it was actually a flaw in of the of the compilers (that the guy also maintained) which meant his password was always accepted. It is only known about because he admitted it some 15 years later.

[ein]

So I'm trying to do an audio project for the first time in a long time (last one I did was still on Windows).
I only seem able to use one track in Audacity.
If I want to record another, I have to delete the first one.
Minor inconvenience, seeing as how good I am with sound, I can make one track full of horrible unnatural pauses sound natural and flow smoothly, but it's really something of the straw that broke the camel's back.
I like Linux, I really do, but none of my technomagery has gotten sound truly working.
Nothing.
ALSA has come the closest, but only USB 'phones work and it has pretty big issues with multiple programs running off the same sound device.
Come Friday and I fear I may be on Windows once again.

[Sir Finkus]

I use Ubuntu on my work machine, a Macbook.  It is fucking awesome for development, not least because gedit (Ubuntu's default text editor which has syntax highlighting for everything) can save files through an SSH tunnel like it ain't no thang.

No love for vim

[ein]

If you're going to bother with learning a more powerful editor than gedit or nano, you may as well just skip vi(m) altogether and learn emacs.

[GlyphGryph]

God I can't stand emacs.

And VIM can do everything it can do anyways, can't it?

[ein]

Pretty sure vi doesn't play games.
I don't know if you can run a terminal, check email or news, or browse the internets in vi.

[Phmcw]

Please, please, not another emac/VIM flamerwar, that topic is the textbook example for trolling. Really, I first heard of the antagonism between the two in an explanation  of the concept of troll.

[GlyphGryph]

I very much doubt it will turn into a flamewar. I honestly didn't know emacs could do those things, but I've got nothing against the people who use it.

I don't know if VIIM can do those things... but I don't particularly understand why I'd want it to anyways. I just want it to edit text. And as a text editor, I'm pretty sure they are of equal power, roughly.

[Shades]

ALSA has come the closest, but only USB 'phones work and it has pretty big issues with multiple programs running off the same sound device.
Come Friday and I fear I may be on Windows once again.

I thought this was the sort of thing that pulse audio was meant to solve (although I've had issues with that before too)

[ILikePie]

Remember kids, vi vi vi is the editor of the beast. Just let good old RMS enlighten you. Seriously though, Emacs is incredible, I use it every day, and I never regret learning to use it. It can do anything other editors can do, you just need to find the right modules (There's support for folding, smart compilation, music playback, etc.).
Also, on the topic of Linux and distros, I use both Gentoo on my desktop, and Slackware on my usb stick. Both are great, but I'd say Gentoo is far superior.

e, Emacs is incredible .

[Sir Finkus]

Sorry, didn't mean to bring up the emacs vi holy war.