1 |
Paul Hartman wrote: |
2 |
> On Mon, Jul 8, 2013 at 8:24 AM, Dale <rdalek1967@×××××.com> wrote: |
3 |
>> Questions. Can a virus infect the OS when running on Linux through |
4 |
>> java/javascript/flash? Or would the infection at the least be limited |
5 |
>> to that user? |
6 |
> I think how they typically work, on any OS, is they exploit a bug in |
7 |
> the browser (or a browser plug-in) to run code on your local machine, |
8 |
> and then that code exploits the operating system in order to get |
9 |
> root-level privileges. After it has that, the possibilities are |
10 |
> endless... |
11 |
> |
12 |
> There's nothing special about Linux that would make that scenario play |
13 |
> out any better than it does on Windows, but in reality the number of |
14 |
> exploits found for Windows has been greater, and the number of Linux |
15 |
> web browser users is far fewer, so it's pretty rare to see web pages |
16 |
> that target Linux exploits (but I do read about them from time to |
17 |
> time). |
18 |
> |
19 |
> I personally use Firefox with RequestPolicy, NoScript and Adblock |
20 |
> Plus. That still won't protect me from a bug in Firefox itself. I |
21 |
> suppose if I really wanted to be paranoid I would run it in a virtual |
22 |
> machine (but, hey, those can be exploited, too). At some point, you |
23 |
> have to just go with it and hope for the best. Either that or turn off |
24 |
> the computer. :) |
25 |
> |
26 |
|
27 |
That's my thinking to but also see my reply to Walter. I use Linux for |
28 |
several reasons and security is one of them. Linux is more security |
29 |
oriented and faster with fixes be it a browser or some other package. |
30 |
Gentoo works with upstream to get serious issues fixed pretty fast. |
31 |
|
32 |
|
33 |
>> How is html5 going to affect this? Better or worse? |
34 |
> HTML5 is already here and you're probably already using it. :) The |
35 |
> biggest benefit to using "anything but Flash" is the idea that the |
36 |
> code is not in Adobe's hands and that the community would identify and |
37 |
> fix bugs sooner. But that's not guaranteed to be the case. |
38 |
> |
39 |
> A web browser is perhaps the most complicated piece of software most |
40 |
> of us will ever run on our computers, and there's a lot of room for |
41 |
> mistakes to happen in those millions of lines of code. Anything can |
42 |
> happen. |
43 |
> |
44 |
> . |
45 |
> |
46 |
|
47 |
I have opted in for html5 on youtube. I think I also have a plugin that |
48 |
enables html5 as well when available. I have one for https as well. |
49 |
Given this NSA mess, may help a little anyway. O_O |
50 |
|
51 |
Dale |
52 |
|
53 |
:-) :-) |
54 |
|
55 |
-- |
56 |
I am only responsible for what I said ... Not for what you understood or how you interpreted my words! |