1 |
On Mon, Jul 8, 2013 at 8:24 AM, Dale <rdalek1967@×××××.com> wrote: |
2 |
> Questions. Can a virus infect the OS when running on Linux through |
3 |
> java/javascript/flash? Or would the infection at the least be limited |
4 |
> to that user? |
5 |
|
6 |
I think how they typically work, on any OS, is they exploit a bug in |
7 |
the browser (or a browser plug-in) to run code on your local machine, |
8 |
and then that code exploits the operating system in order to get |
9 |
root-level privileges. After it has that, the possibilities are |
10 |
endless... |
11 |
|
12 |
There's nothing special about Linux that would make that scenario play |
13 |
out any better than it does on Windows, but in reality the number of |
14 |
exploits found for Windows has been greater, and the number of Linux |
15 |
web browser users is far fewer, so it's pretty rare to see web pages |
16 |
that target Linux exploits (but I do read about them from time to |
17 |
time). |
18 |
|
19 |
I personally use Firefox with RequestPolicy, NoScript and Adblock |
20 |
Plus. That still won't protect me from a bug in Firefox itself. I |
21 |
suppose if I really wanted to be paranoid I would run it in a virtual |
22 |
machine (but, hey, those can be exploited, too). At some point, you |
23 |
have to just go with it and hope for the best. Either that or turn off |
24 |
the computer. :) |
25 |
|
26 |
> How is html5 going to affect this? Better or worse? |
27 |
|
28 |
HTML5 is already here and you're probably already using it. :) The |
29 |
biggest benefit to using "anything but Flash" is the idea that the |
30 |
code is not in Adobe's hands and that the community would identify and |
31 |
fix bugs sooner. But that's not guaranteed to be the case. |
32 |
|
33 |
A web browser is perhaps the most complicated piece of software most |
34 |
of us will ever run on our computers, and there's a lot of room for |
35 |
mistakes to happen in those millions of lines of code. Anything can |
36 |
happen. |