James Knott wrote:
Hans van der Merwe wrote:
Why is this not an issue with anyone? Deleting a normal user's data is a big thing. They consider the PC broken if their files disappear.
That's a minor issue, compared to some of the other things malware can do. Stuff such as stealing passwords and other personal info, spam generators, corrupting the entire computer etc.
Exactly. And Hans's argument is that "stealing passwords and other personal info, spam generators" and such are important issues as well and don't require root rights. They can be done with user-level exploits. Here, you seem to agree; though your other posts don't look like it.

The fanboys here concentrate on the point that malware will have more difficulties in corrupting the entire computer. Granted, but they don't admit that stolen user data, arbitrary actions under the user's account (the attack vector here is not executable mail attachments, but wrong interpretation of data files; just look up recent CVEs) and corrupted user files are as bad for normal desktop users as corrupted systems. (Maybe even worse, come to think of it.)

Some guys here say that one should have backups and just restore the corrupted or damaged files. First, that doesn't protect against stolen passwords or turning one's computer into a spam spouter. Second, how can you be sure that the malware is not already in the backup? If one has a multi-generation backup (and few have this on private desktop systems), one has the problem of selecting the proper version that is not infected.

As the CEO of a company that does security consulting, I can confirm that malware is not restricted to Windows in its effectiveness. Windows malware volume is larger, but it's frightening to see the mindset "we're safe because we run Unix/Linux/MacOS/take your pick" that appears in many posts in this thread. We have been called quite some time to clean up security incidents with Unix systems (Linux included) at customers -- and these were folks with enterprise-level IT processes. I shudder when I think about the perceived security of private users.

But obviously this real-life experience and the untold man-hours that were needed for cleanup cannot happen because they must not happen.
Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod Email: jschrod@acm.org Roedermark, Germany -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org