Ransomware found in ads on NYT, BBC, AOL and more won’t help the ad-blocking debate
TheNextWeb ^ | Mar 15, 2016 | Ben Woods

Posted on 03/16/2016 9:29:48 AM PDT by rarestia

To: rockrr

[[Right now I’m working on a project where I’m running Mint in a VirtualBox window on a Win-7 host.]]

I’m running windows 10 as base install with no access to Internet, and linux mint alongside it in partition- I tried virtual machines, but they were too slow for me (and I have a screaming computer too)- I only allow the linux mint access to Internet, and just use the windows for windows only programs and games etc- (Linux sucks for gaming)

[[.) infect the linux box and 2.) cross-contaminate the Windows host machine. There are no cross points except hardware (the VM resides on the host hard drive and they share a USB port).]]

Interesting test- If it doesn’t infect it, try also networking the two (shared folders and such) to see if that infects both

Are you trying to infect the linux with a windows virus?


41 posted on 03/16/2016 11:38:25 AM PDT by Bob434
[ Post Reply | Private Reply | To 39 | View Replies]

To: Bob434

Linux, like Apple iOS, has a series of gates one must traverse before kernel-level changes can be made to the OS. Windows, esp. 8.1 and 10, have similar gates, but people often choose to turn off UAC and other safeguards, because they view it as “nagging.” The truth is that since Windows 7, Microsoft has increasingly hardened their kernel, opting instead for an API-based addressing method vs. driver-level. This means the kernel of the OS is secure.

The problem with this ransomware is that it’s not an attack on the functionality of the underlying operating system. It encrypts the entire machine and essentially throws away the key. Anyone can encrypt their hard drives, even their system drives, with something like Microsoft’s BitLocker. They know the keys that they used, though. In this case, the data is lost, because the keys aren’t available. That’s the difference.

Could this happen on an Apple or Linux machine? Absolutely. The mechanism is the same: encrypt the user’s personal files and hold them for ransom.


42 posted on 03/16/2016 11:51:18 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Bob434
I'm going VM for this project for a couple of reasons. The main one is that my work machine is locked down with Group Policies that I don't want to mess with. I want a machine that presents itself to the network as 100% compliant. Then I'll do all my browsing on the VM. Since I'm not using it for RAM intensive stuff (gaming or Photoshop) performance has been acceptable.

Are you trying to infect the linux with a windows virus?

Essentially yes. The Mint box goes anywhere but the Windows box only goes Intranet and email. The question is if something on one OS can migrate to the other OS or are they firewalled from one another? So I'm trying to steer clear of shared folders (sure fire way to catch a bug!).

43 posted on 03/16/2016 11:53:35 AM PDT by rockrr (Everything is different now...)
[ Post Reply | Private Reply | To 41 | View Replies]

To: rarestia

[[Could this happen on an Apple or Linux machine? Absolutely.]]

How likely is it though if a password is needed and elevated privileges are needed in order to make changes? (again, i don’t know much about this stuff- but wouldn’t an act like encrypting need root access in order to perform?)


44 posted on 03/16/2016 11:55:47 AM PDT by Bob434
[ Post Reply | Private Reply | To 42 | View Replies]

To: rarestia
Lawsuits against the sites hosting the ads would do wonders. I'm not talking about the ad-distribution site, but holding NYT, MSN, BBC, etc responsible for any malware coming via their site.

After a few suits, they would likely go for only plain JPG ads.

45 posted on 03/16/2016 12:00:08 PM PDT by PapaBear3625 (Big government is attractive to those who think that THEY will be in control of it.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: goldstategop
You can still surf popular sites, you just won’t see a ton of ads.

An increasing number of sites (eg, Forbes.com) are detecting the use of ad-blockers, and demanding you turn it off before allowing you to see content. I just say screw-them and skip their articles.

46 posted on 03/16/2016 12:03:32 PM PDT by PapaBear3625 (Big government is attractive to those who think that THEY will be in control of it.)
[ Post Reply | Private Reply | To 7 | View Replies]

To: -YYZ-

Allow me to drop some education on FR with regards to advertising on the web.

VERY few websites use their own advertising streaming service. It’s costly and time consuming to maintain. There are professional outfits such as Intermarkets, Quantcast, Doubleclick, and RUN who provide advertising applets that run in coded sections of webpages. The requirements to run these applets are little more than inserting some JS code into a section of your web code, and the applet runs without much work on the part of the host.

The backend vendors have specific, but very loose, SLAs with the buyers, and one of the rules is that they have the ultimate say in who presents through their applet. Obviously a company like the NYT wouldn’t use a pornography advertiser, but big names like Quantcast and Doubleclick are notorious for letting their vetting process slip.

In the case of this recent outbreak, an advertiser known to the ad provider with a good reputation stopped renewing their domain name, and a hacking outfit picked up the name. Since the ad provider thought the advertiser was still legitimate, they were presenting malware-prone adverts to legitimate sites. There’s no telling how far the net was cast.

IMO, the blame here is on ICANN and the rest of the outfits managing our global networks. I’ve said for a long time that we should have a burn down period for high-traffic domain names to prevent exactly this sort of thing from happening. Sadly, since our moron of a president is ceding control of the Internet DNS and central domain name registry, this is only going to get worse and will likely cause massive issues in the very near future.


47 posted on 03/16/2016 12:03:40 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 30 | View Replies]

To: PapaBear3625

See my post #47


48 posted on 03/16/2016 12:05:08 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 45 | View Replies]

To: Augie

We’re around 1/4 of your storage and systems, but we’re in the business of finance. Something happens in our environment, our customers flee in droves.

We’ve had about a dozen “suspected” infections since yesterday, but none of them have proven out from what I’ve heard. We put some safeguards in place with group policy and bumped up our proxy monitoring.

You’re right, you can’t fix stupid, but the stupid will def. try to make you feel bad about doing your job.


49 posted on 03/16/2016 12:08:33 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 36 | View Replies]

To: Bob434

Not very likely, but that’s the problem with Windows users: everyone thinks they need to run their systems as Administrators. I personally have an account I use to just use my computer. If I have to install something or perform an elevated function on my system, I have a separate administrator account I provide. It’s a bit of a pain, but it’s the safest possible way to use Windows. Microsoft’s model will move to that, they just have to work out the bugs with their widespread support model where everything just works. Get rid of that, they can start acting more like Apple and Linux.


50 posted on 03/16/2016 12:10:49 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 44 | View Replies]

To: rarestia

I would argue that the ad providers should be aware that that is a possibility, and be scanning and reviewing what their advertisers are providing to them. The internet is inherently insecure, and these companies should be aware of that and taking steps to deal with it.


51 posted on 03/16/2016 12:12:06 PM PDT by -YYZ- (Strong like bull, smart like tractor.)
[ Post Reply | Private Reply | To 47 | View Replies]

To: rarestia
That's why I say to go after the content providers. They are the ones who made the decision to go with doubleclick (or whoever), therefore they have ultimate responsibility. If the content provider gets sued enough times, they will either pressure the ad-server to be more stringent, or go with another ad-server.

As far as malware people buying up expired domains, ok, so the ad-server should have noticed that the expired domain is suddenly using a different IP address, check the WHOIS to see if the owner changed, and if so then put the site on suspended status until it can be freshly checked.

52 posted on 03/16/2016 12:13:55 PM PDT by PapaBear3625 (Big government is attractive to those who think that THEY will be in control of it.)
[ Post Reply | Private Reply | To 48 | View Replies]
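
The check proposed in post #52 (notice the IP change, compare WHOIS, suspend on an ownership change), sketched as an added example that is not part of the thread or any ad network's code. The `DomainSnapshot` schema, the status names and the sample records are assumptions constructed for illustration; no live WHOIS or DNS lookup is made.

```python
from dataclasses import dataclass
from datetime import date

@dataclass(frozen=True)
class DomainSnapshot:
    """One observation of an advertiser's domain (hypothetical schema)."""
    domain: str
    registrant: str   # WHOIS registrant field; may be privacy-redacted
    created: date     # WHOIS creation date; resets when a lapsed name is re-registered
    ips: frozenset    # A-record addresses seen at observation time

def review_advertiser(baseline, current):
    """Compare a fresh snapshot with the one taken when the advertiser was vetted.

    Returns (status, reasons); status is 'active', 'recheck' or 'suspended'.
    """
    ip_moved = not (current.ips & baseline.ips)
    reasons = []
    if current.created > baseline.created:
        reasons.append("creation date reset (name lapsed and was re-registered)")
    if current.registrant.strip().lower() != baseline.registrant.strip().lower():
        reasons.append("registrant changed")
    if reasons:
        # Ownership signal changed: stop serving until the advertiser is re-vetted.
        if ip_moved:
            reasons.append("all IP addresses changed")
        return "suspended", reasons
    if ip_moved:
        # Hosting moves are routine; queue a manual look, keep serving.
        return "recheck", ["all IP addresses changed, WHOIS unchanged"]
    return "active", []

# Constructed sample data: reserved example domain and documentation IP ranges.
VETTED = DomainSnapshot("ads.example", "Example Brand LLC",
                        date(2009, 5, 1), frozenset({"192.0.2.10"}))
SAMPLES = {
    "unchanged": VETTED,
    "new_host": DomainSnapshot("ads.example", "Example Brand LLC",
                               date(2009, 5, 1), frozenset({"198.51.100.7"})),
    "re_registered": DomainSnapshot("ads.example", "REDACTED FOR PRIVACY",
                                    date(2016, 3, 6), frozenset({"203.0.113.44"})),
}

if __name__ == "__main__":
    for name, snap in SAMPLES.items():
        print(name, *review_advertiser(VETTED, snap))
```

The creation date is the stronger of the two ownership signals, since the registrant field is often hidden behind a privacy service both before and after a name changes hands.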

To: PapaBear3625
the ad-server should have noticed that the expired domain is suddenly using a different IP address, check the WHOIS to see if the owner changed

From your lips to their ears, my friend, but most companies aren't going to stay that active with their monitoring of endpoints. In an industry with margins as razor thin as advertising, I doubt they spent the money on software or developed the same for that sort of functionality.

53 posted on 03/16/2016 12:16:28 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 52 | View Replies]

To: rarestia

bump for later


54 posted on 03/16/2016 1:01:14 PM PDT by Albion Wilde (Who can actually defeat the Democrats in 2016? -- the most important thing about all candidates.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Paladin2
NoScript

+1!

That said, never clicked on any online ad, and never will. No, thanks!

55 posted on 03/16/2016 1:11:17 PM PDT by Moltke (Reasoning with a liberal is like watering a rock in the hope to grow a building)
[ Post Reply | Private Reply | To 17 | View Replies]

To: rarestia

Bookmark


56 posted on 03/16/2016 1:38:33 PM PDT by 2nd amendment mama ( www.2asisters.org | Self defense is a basic human right!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rarestia

[[Get rid of that, they can start acting more like Apple and Linux.]]

I’ll gladly go back to MS IF they can secure it better- I honestly didn’t want to go to linux for many reasons- but for now it does what i need online, but i do have to boot to windows on my setup if i want to run MS programs which is a bit of a pain (although I have a ‘schedule’ where i only boot to windows at end of night to work on my photos in photoshop- before I leave the computer for the night- I just wait till then to reboot now- so i only reboot once or twice a day now- run linux the rest of day-

I just hope MS will stop the spyware phone home settings they now employ, and give control over windows updates back to the user- but i do foresee MS eventually not working with older windows programs like photoshop (cs6 and earlier) which will be an issue with me- and force me back into dual booting again just to run my programs)

Linux is ok- but that’s it- just ok- not really ready for mainstream- I’d rather not use it- but like i mentioned in post above- I just got sick of constantly running into sites with malware/trojans/viruses- even after taking precautions that i mentioned- I did run rollbackrx which was fantastic IF i caught a virus- as it would roll back system completely, to a time before the virus- but better to just not get them in the first place-


57 posted on 03/16/2016 2:30:14 PM PDT by Bob434
[ Post Reply | Private Reply | To 50 | View Replies]

To: PapaBear3625

[[ I just say screw-them and skip their articles.]]

Ditto- their info isn’t more important or so exclusive that i ‘need’ to read it- you can find similar content online for free- even similar commentary- their opinions are a dime a dozen- I just move on when i see a site demanding it be turned off- There is no way I’m ever going to be clicking an ad anyhow, so a site demanding I allow them is pure nonsense- it does no one any good- and is just a stupid power play by the website to force someone who will never click an ad to allow the ads to be displayed- simply allowing the ad to be displayed does Not profit the site- a person has to click the ad before the site makes anything off it-


58 posted on 03/16/2016 2:37:18 PM PDT by Bob434
[ Post Reply | Private Reply | To 46 | View Replies]

To: rarestia

I use AdBlock Plus, I do NOT use Java, and I keep my computer patched for Windows and Flash.

And I also get most of my news right here on FR.


59 posted on 03/16/2016 3:36:00 PM PDT by MeganC (The Republic of The United States of America: 7/4/1776 to 6/26/2015 R.I.P.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: MeganC

You’d be 100% insulated if you ditched Flash, but I understand why you’re keeping it.


60 posted on 03/16/2016 4:16:14 PM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 59 | View Replies]

