> While this particular attack does not appear to affect Linux
> users directly, we should not be resting on our laurels. Linux
> users likely have a higher clue level, overall, than Windows users,
> but that level is dropping. As Ubuntu and other desktop,
> newbie-oriented distributions gain ground, the average computer
> literacy of the Linux community drops. There is no defense,
> other than educating users, against folks who download random things
> and run them on their computer. If the storm botnet herders
> decide they need even more machines for their plan for total
> world domination, they might just turn to Linux.
In my experience.. "likely have a higher clue level" has never been true for Linux users over say any other population. The majority of people will click on links that they get in an email especially if they "trust" the name that the email comes from (say Monster's recent problems).
I have seen where this has been used to great effect against targeted users on Linux and Unix systems. An old trick to make sure you got shell access on a very large system later was to change the MOTD and tell people to run a command to verify account usage. The percentage of Unix savy people who would run a program called "RunMe" that appeared in their Home directory does not seem to be different than it was 10 years ago. And if the program asked for them to verify their password and useraccount for systems maintenance.. the same percentage would fill it out. The percentage of people who report such activity is not greater than it was 10 years ago either :/.
As put in the last sentances.. the only things that help are education and continual testing that people are learning from the education.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds