Linux Malware Vs Phishing Schemes (updated February 2024, Achiashop.com)
For years now, we’ve been told about the dangers of how various types of malware like worms and other threats were going to catch the growing Linux user base off guard. As of the year 2014, nothing remotely close to this has happened. Malware exists, but for desktop Linux users, it’s a non-issue.
Despite this fact, there continue to be rumors that malware “could” affect desktop Linux users. It seems the mere “threat” holds greater proof of concept than the reality that no one is actually seeing malware threats on their Linux desktop.
In this article, I’ll examine current threats to the Linux desktop and explain why I believe phishing is far more dangerous to most Linux users than malware.
One of the first things I’d like to point out is that when it comes to the exploits targeting Linux, it’s the server – not the desktop – that is at the greatest risk. Servers are front-facing appliances exposed to the web. This means patches/updates must be applied on a regular basis to minimize the risk of the server being exploited.
While it’s true that the desktop is also facing the web, it’s not the same sort of destination as a web server. See, Linux desktops are far more likely to be exploited by an open port and poor firewall settings than an actual “in the wild” exploit. Obviously, there may be exceptions to this in the future. But for the time being, the most dangerous exploit I’ve found with the Linux desktop is human error and complacency, not malware.
As it turns out, the real threat is more human than machine. And the name of that threat is phishing.
I don’t care how savvy you happen to be, most of us have had close calls with phishing schemes. Some of the easiest to fall into are those shared via social media. A trusted friend shares a link on Facebook, not thinking much of it when you’re asked to log back in and then it hits you — that wasn’t really Facebook that asked you to log in.
As you can see from my above example, phishing schemes aren’t something that only affect those falling for faked banking emails or spoofed PayPal alerts. Sometimes it’s stuff that’s mundane enough to seem legit. Worse yet, these things can happen when you’re not paying close attention.
Where things can go from bad to worse, is when the media gets ahold of something legitimate that happens to something with technology. Cross-platform, state-sponsored spying becomes “Linux malware threat.” When we read stuff like this, it’s important to take a step back and examine the facts. More often than not, stuff being reported in this space is a non-issue or is simply taken completely out of context.
Making matters worse is when the tech media perpetuates this kind of nonsense. This is the segment of the media we like to believe knows better than to perpetuate Linux FUD. Sadly though, this isn’t always the case.
Personally, I believe the tech media has been chomping at the bit to see Desktop Linux experience one really big malware outbreak. This would serve two ways: One, it provides really juicy news stories for tech writers. And two, it does wonders for writers who have claimed that Linux is just as insecure as other operating systems.
Old code, new code, if it can be executed, the device running said code is potentially at its mercy. So while there have been great strides in OS security, app containers, and other safety layers from which to feel safe — anything that executes code “could” be a risk. The key thing to remember, however, is that just because something is possible doesn’t mean it’s going to happen. It’s possible I might win the lottery and buy a small island. Yet, when we look at the odds, the numbers simply don’t add up.
Ask why you should use Linux, and inevitably someone will claim that it is more secure than Windows, and doesn’t need anti-virus protection, either.
Such claims sound like a wish-fulfillment, promising computing without the precautions that have become routine in the last two decades. The only trouble is, they are half-truths at best. Like any operating system, Linux is only as secure as you make it — and the current trend is to choose convenience over security.
Once upon a recent time, Linux was more secure than it is today. Only the root user could mount external devices, and in many distributions new users were automatically assigned a few groups that limited the hardware they could access. Distributions followed the principle of least privilege (aka least access), under which users, applications, and devices receive only the access to the system that they absolutely require.
Applying least privilege makes for a securer system, which is where Linux gained its reputation. However, a secure system is often an inconvenient system, and hopes of desktop domination put pressure on distributions to match the convenience of Windows. The problem was not so much that increased popularity encourages the writing of viruses and malware as that the hope of popularity encouraged the relaxation of security standards in dozens of little ways.
A few changes had mixed results. For example, the rise of Ubuntu introduced the use of sudo, which helps to reduce the amount of time that the root user is logged in. But, as implemented, it can make possible the control of a system from multiple accounts, which means that Ubuntu simultaneously increases and decreases security. More often, though, the changes were in the name of being as convenient as Windows, with the cumulative effect.
Many of these relaxations were minor in themselves, such as allowing anyone to reboot the system or burn a DVD or to install extensions to software like Firefox or Vim for their personal use. However, the cumulative effect is that Linux’s reputation for security is less true today for most distributions. While complete control of the system is still likely to involve social engineering — that is, deceiving a user — personal accounts today are easier than ever to compromise.
Mobile and Cloud Compromises
In the last few years, the preference for convenience has accelerated even more with the rise of mobile devices and cloud services.
You might imagine that Android, being a Linux derivative, is secure, but as phones and tablets are shipped, nothing could be farther from the truth. Most mobile devices ship with so little security that it takes hours of work to set up the basics. Even then, between the free services that come with the device and the apps that you install, you can quickly have two dozen outsider organizations with access to your device.
The overwhelming majority of these outsiders are benign, of course. To think otherwise would be paranoid. Yet the fact remains that they are strangers, and you have absolutely no idea of how well they secure the data that they store or their access to your device. From a security perspective, the arrangement is simply not a good idea. The difference is that when you follow basic security steps, you know your system is as trustworthy as you can make it, while on a mobile device, you simply have to trust that a stranger is doing their best for you.
Put in those terms, common modern practice sounds as naive as it actually is. Yet, with the rise of Chromebooks, the triumph of convenience goes one step further. Instead of checking for malware yourself, you are invited to trust the manufacturer to scan your system for you — a useful convenience, so long as the manufacturer never hires a careless or a malicious employee.
The point is, when you allow a service to access your system, you can have no idea who you are giving access to. But the convenience is so great that few of us stop to imagine the tradeoffs that can be involved, even with the best of intentions on both sides.
The High-Wire Act
Realizing the extent of convenience’s victory over security, you can easily become paranoid — all the more so because your reaction is justified. Give your reaction full range, and you might quickly end up working only on a computer that has no Internet connection, and is stored down a mine shaft with three layers of security guards between it and the rest of the world.
In other words, favoring security as much as convenience is currently favored is simply going from one extreme to another, and no solution at all. The trick is to find a balance between security and convenience that allows you to get your work done.
Fortunately, there is no shortage of information online about how to strike this balance. Security hardening tools and tips for your workstation are everywhere. For mobile devices and cloud services, you can store your data encrypted, or, as Tahoe-LAFS allows, store your data in pieces across multiple clouds, so that it has to be re-assembled to use. Instead of using someone else’s cloud storage, you can create your own with ownCloud.
With mobile devices themselves, you should seriously consider rooting — altering them so that you have root access. Voided warranties and bricked devices are a possibility — or were once — but rooting remains the only way you can be completely sure of securing your mobile device. Given today’s security standards, rooting is not just a clever bit of hacking, or a technological accomplishment, but, increasingly, a necessity.
Yes, such actions take effort. In particular, you should not consider rooting until you have thoroughly investigated the possibilities on your device. But restoring basic security seems worth the effort. You may choose not to revert to the security standards of the past, but with a little effort you can do far, far better than the modern norms.
The recent history of the Amarok music player is like a scaled-down version of KDE’s recent past. Like KDE 4, the Amarok 2 series was greeted with a user revolt that has only gradually quieted. And just like KDE 4 inspired Trinity KDE for those who preferred KDE 3, so Amarok 2 inspired Clementine, a fork of Amarok 1.4.
The supporters of both Trinity KDE and Clementine make similar claims for their preferences: in both cases, the retro-apps are described as faster, easier to use, and outfitted with a better feature set than the most recent versions. But is that so?
An examination of basic features suggests that reality — as usual — is more complex than the claims. For one thing, Clementine is only at version 0.4 — hardly, really, out of alpha release. Its feature set is incomplete, so it is handicapped in a comparison from the start.
For another, despite Clementine’s unfinished state, both music players fulfill their functions extremely well. In fact, although each has details that the other lacks, their feature sets have yet to diverge in many areas. What a feature by feature comparison shows is not radical differences so much as differences in emphasis, and in what users are assumed to want.
Open Amarok and Clementine side by side, and the philosophical differences become apparent immediately.
The difference goes far beyond the fact that Clementine uses two panes — one for music sources and one for playlists — while Amarok adds a third pane for context information. The number of panes does indicate a difference in assumptions about what users want, but it is the least of the differences.
Instead, the largest difference is that Amarok’s design philosophy is influenced by the current interface design theories, while Clementine’s are more oriented towards stone geeks, including every detail imaginable.
Some Clementine users will point to this difference by making disparaging comparisons between Amarok and OS X or Windows. However, for practical purposes, what matters is that the two music players display different assumptions about what average users want.
For instance, in Clementine, the playlist offers every bit of information about selected tracks that is available. The default settings are Artist, Album, Length and Track (although I suspect that Title was meant to be there, too), and via the context menu, you can add another thirteen columns, including file length and the date it was created.
Similarly, Clementine’s default track controls include an equalizer and block organizer. Moreover, they are placed at the bottom of the playlist, where they can easily be mixed, alongside some basic tag controls.
Amarok’s approach, though, is minimalist. It identifies tracks by album, track number, title, and length, and does not allow additional information to be added. Just as importantly, its controls for playing a track are promoted to just below the menu, and take up the entire width of the window, making them hard to miss. Tag controls are separated out, and controls for the entire playlist — as opposed to the track — are at the bottom of the playlist pane.
The same difference is seen in the identification for the current track: Amarok simply highlights it, while Clementine highlights it and adds a notice to the bottom of the sources pane that always displays.
Verdict: Tie. Despite the fact that interface designers insist on the superiority of their strictures, whether you prefer a minimalist interface or a more geeky one is largely a matter of preference. Some users might become frustrated if Amarok’s display does not include a feature they prefer, but just as many may find Clementine cluttered.
The metatags on tracks and albums are essential for searching local libraries and — in Amarok’s case — for creating automated playlists (see below). For these purposes, the ability to edit tags is essential in any music player.
Few desktop environments have benefited from the recent diversity of interfaces more than Mate and Xfce.
A year ago, Mate hadn’t even reached general release. However, since then, it has been influential in making Linux Mint the distribution of choice among experienced users. Similarly, after years of being the third most popular desktop environment, Xfce has become one of the major alternatives.
However, despite their similarities, which one is likely to appeal to you depends on what you are looking for in an interface.
The newfound popularity of the two desktops is explained largely by the fact that both are based on GNOME 2. Mate is a fork of GNOME 2, openly intended as an alternative for those dissatisfied with GNOME 3 and Ubuntu’s Unity. Having spent several years consciously imitating it, Xfce also resembles GNOME 2, down to the wording of many menu items and dialog boxes.
As a result, both Mate and Xfce can be classified as traditional desktops. They consist of a desktop display, a panel and a launcher, and both are largely free of 3-D effects, the influence of mobile devices or any effort to innovate in any major design elements. Contrariwise, each includes the technically useless screen-saver, presumably in keeping with tradition and users’ expectations.
Each is an obvious example of the type of interface that was introduced in the mid-1990s, and remained dominant until the last four years.
However, the aims of Mate and Xfce differ strongly, to judge from each project’s home page. Mate proclaims itself “the traditional desktop environment,” and so far its developers have sought to do little else than to continue to make a popular desktop environment easily available.
By contrast, Xfce’s home page summarizes the desktop environment as “fast and low on system resources, while still being visually appealing and user friendly.” Like Mate, Xfce generally lives up to its self-description.
In addition, Xfce still shows signs of its more geeky past. The project only added user-friendliness as its goal around 2006. Even a few years after that, Xfce hadn’t completed the simple, user-friendly task of adding a desktop launcher.
Instead, for the first year of its existence, Xfce emphasized speed and a small footprint. Evidence of these priorities lingers even now in the interface’s inconsistencies and the tendency towards buttons and lists in dialogs and configuration settings. One or two dialogs, such as the Setting Editor might still seem formidable to less experienced users. So might the file manager’s option to “Open Parents.”
Nor has Xfce spent as much time as modern alternatives like Unity have in worrying about such details as rounded-corners or the width of scroll and slider bars. Despite the introduction of user-friendliness as an equal goal, to this day Xfce tends to have a blocky, slightly awkward appearance.
By contrast, Mate draws upon a decade of incremental development for GNOME 2. If it is less consistent and less current than modern desktop environments, it is still more consistent and less old-fashioned in appearance than Xfce.
At the same time, if Mate is faster than GNOME 3, it is less responsive than Xfce in every way imaginable, from start time to the speed with which windows open and shut.
But these generalities are only part of the story. There may be individual features scattered through both desktop environments that influence your choice as well.
Linux Mint is on track to becoming the most popular desktop distro available. This isn’t to suggest that it’s already happened, rather that it’s on track to happen if Linux Mint continues to find its fans among Windows converts. By contrast, Debian has received almost no credit for this success whatsoever. Worse, neither does Ubuntu, which uses Debian as a base.
So are Linux Mint and Debian really all that different? After all, Linux Mint is based on Ubuntu, which is based on Debian. One might surmise that these distros are more similar than different. Fact is stranger than fiction. Linux Mint and Debian may share a common heritage, but that’s where the similarities end.
Debian and Linux Mint each support 32- and 64-bit architectures. And while Debian technically has broader architecture support (supporting ten types), the only two relevant in my opinion for the desktop are 32- and 64-bit. Support for ARM and other architectures is great, but I honestly don’t see it lending any value to a desktop user.
When comparing Debian to Linux Mint, the difference between the installers provided is significant. Debian’s installer is, indeed, more robust. It’s also extremely vexing and overwhelming for Linux newbies. So while I’m right at home using it to install Debian, the Linux Mint installer is absolutely easier for the casual user.
Hold on, isn’t Debian’s installer better as it provides greater control over the installation process? Again, it depends on the end user in question. For newbies, no. It’s just adding extra “stuff” that most folks don’t really care about. Linux Mint may be using a rebranded Ubuntu installer tool, but the end result is that the Linux Mint newcomers and enthusiasts alike prefer it this way.
Then we have the matter of desktops. It’s true that you can choose your desktop environment from the Debian installer. I hope the user running the installer also has a firm understanding of the related applications they wish to include in this installation as well. I’d argue most don’t and hence, think that choosing a distro spin with a set desktop environment as an ISO download offers a better experience.
Speaking of desktop environments, I was pleasantly surprised to see both Debian and Linux Mint shared similar desktop choices. Both distros provide access to Cinnamon, MATE, KDE and Xfce. Only Debian, however, also offers GNOME as a desktop choice.
It’s been said that Debian has the largest selection of packages available to any Linux distro. Despite hearing this more often than I care to admit, I personally think it depends on what packages you’re looking for. For example, Linux Mint can rely on Ubuntu’s PPAs whereas it’s really not a great idea with Debian.
When comparing the two distros’ default package repos, I would argue that Linux Mint offers packages based on convenience where Debian prefers to categorize them based on software philosophy. Luckily for Debian fans it’s still possible to add non-free software like Chrome. Like PPAs in Debian, you must make sure the added repository is set up to work with your specific Debian release. Contrasting this handling of non-free software in Linux Mint, Debian does add a bit of a barrier as its philosophy is not as pragmatic.
Debian takes security very seriously. By default, you must have full root credentials in order to install or manage administrator level duties on your workstation. Compare this to Linux Mint, which embraces a superuser environment in which any user with sudo credentials is free to make system-wide changes.
I personally think that using sudo credentials is perfectly safe, so long as you fully understand the changes you’re making to your system. Not only that, but if you goof something up at the user level, you’ve only affected that user. Messing up a root user is a lot messier than messing up a single user account with sudo. Obviously, messing up something at the system wide level with either user scheme may likely lead to a new installation of the distro.
Comparing Debian’s stable, unstable and testing releases must not be confused with Linux Mint’s Main, Upstream, Backport, and Romeo repositories. First of all, there is a world of difference between a distro release and a repository. A release is a complete distribution of Linux. In Debian’s case, this means releases of varied levels of stability based on age and testing.
Hold this up as a comparison to Linux Mint’s repositories and it’s easy to see where people become confused. Mint’s repos simply reflect package age and stability. And since Linux Mint is based on Long Term Support Ubuntu releases, it’s usually a safe bet that Mint will be quite stable with the default package repositories selected. There is no real benefit to running Debian stable as a desktop…unless you enjoy really old software.
When the dust settles and it’s time to decide between Debian or Linux, consider this – what matters most to you? One must choose between software philosophy or convenience. Many of us may find ourselves opting for the comfort of convenience.
While I don’t use either distro full time, I do see the value in convenience. There was a time I’d be inclined to side with a Linux distro that provided a democratic development structure. But these days I simply want the freedom to get my work done and do so without being bothered by proprietary operating systems. This means I prefer distros that lend themselves to the side of convenience over other considerations.
Phishing is a way to get you to disclose information or provide money.
Phishing is a large-scale attack of opportunity.
If you’ve been phished, stay calm, file a police report, talk to your bank (if applicable) and try to rid your computer of viruses (if applicable).
The best defense against phishing is knowing what it looks like and avoiding it if possible.
What is Phishing?
That’s pretty much it. Very simple, yet very devastating. It’s the top way that cyberattacks are started, nowadays. I’m going to get into what a phishing email looks like later, but there are a few common ways a cyberattack happens via phishing. The kind of attack is relevant for what to do next.
Request for Information or Money
Some phishing emails will request information, like a username and password, or they’ll request money. We’ve all probably heard about the Nigerian Prince scam, where a Nigerian Prince emails you saying that you’ve inherited millions of dollars, but you need to send a few thousand in processing fees. There are no millions, but you may be out thousands if you fall for it.
Malicious Attachment
This is one of my personal favorites and I’m going to introduce it with an anecdote. Someone working for a company, who’s never handled a bill for the company, gets an email saying: “Bill overdue! Pay immediately!” There’s a PDF attachment. That employee then opens the bill, despite never having done so before, and malware is deployed on their computer.
Malicious Link
This is similar to the Malicious Attachment, but instead of an attachment, there’s a link. That link can do a few things:
It can redirect to a legitimate-looking, but illegitimate site (e.g.: a site that looks like a Microsoft log-in page which isn’t).
It can download and execute a virus or other malicious payload on your computer.
It can also go to a site that locks up user input and makes it seem like you’ve downloaded something malicious and asks for payment to unlock.
What Do You Do If You’ve Been Phished?
Whatever you do, don’t panic. Keep a level head, take a few deep breaths, and think about what I’ve told you here.
Keep your expectations reasonable. People will be sympathetic and want to help you, but at the same time, there are things you just can’t do. For example, it’s difficult to recover money after it’s been transferred. Not impossible, but difficult. Another example: you can’t just change your Social Security Number (for U.S. readers). There’s a very high bar you have to meet to have that change made.
Regardless of what happens, call your local law enforcement. In the U.S. you can call the police and the FBI. Even if they can’t help you with your immediate problem, they aggregate information for trend management and investigations. Remember, they may ask for a copy of your hard drive as evidence. Evaluate whether or not you want to pursue that as an option.
If you make a payment for any of these forms of phishing, filing a police report will help with the next step, which is calling your bank or credit card fraud department to initiate a recovery action. That may not be successful, ultimately, but it’s worth a try.
Requests for Information or Money
If you provided your Social Security Number or other personally identifiable information, you can contact the three major credit agencies Equifax, Experian, and TransUnion to freeze your credit.
That prevents fraudulent lines of credit (e.g. loan, credit card, mortgage, etc.) from being taken out in your name. That is a very American-centric recommendation, so please contact the credit authorities in your country (if not the three above) to address fraudulent lines of credit in your country.
Malicious Attachment
Chances are that Windows Defender, or your malware detection and response software of choice, will stop this automatically. If it doesn’t, then you’ll see very significant performance issues, inaccessible encrypted information, or deleted information.
If you can’t address the problem using endpoint malware software, then you may need to just reformat the computer and reinstall Windows. Here’s a straightforward YouTube video about how to do that.
But I’m going to lose all my important files! If you don’t have a backup, yes. Yes, you will.
Right now: start a Google, Microsoft, or iCloud account. Seriously, pause reading here, go set one up, and come back. Upload all your important files to it.
All of those services let you access your files from your computer and use them as if they were on your computer. They also provide for version control. Your worst case scenario is ransomware, where the files are encrypted. You can roll back file versions and get back to your files.
There’s no reason not to set up cloud storage and put all your important unlosable files there.
Malicious Link
If the Malicious Link deployed a virus or malware and you’re having problems with it, follow the directions in the previous section, Malicious Attachment.
If the Malicious Link asked you to input a username and password, you need to reset your password immediately. I would also recommend resetting your password wherever else you used that same password with the same or a similar username. The sooner you do that, the better, so don’t put it off!
How Can You Spot a Phishing Email?
There are a few things to look out for to identify a phishing email.
Is the message from a legitimate source?
Are there significant misspellings?
This isn’t telling on its own, but in combination with other things indicates that something may be a phishing email.
Is the email urgent? Is it prompting you for immediate action?
Phishing emails prey on your fight-or-flight response to get you to act. If you’re being contacted, say by the police, call the police and see if they’re actually looking for you.
Most payments you make aren’t in Google Play or iTunes gift cards.
Along the lines of the above, a lot of fraudulent schemes ask you to pay with gift cards, because they’re largely untraceable and non-refundable once used. Official organizations or law enforcement won’t ask you to pay for things with gift cards. Ever.
Is the request expected?
If you’re being told to make a payment or be arrested, have you done the thing you’re being accused of? If you’re being asked to pay a bill, are you expecting a bill?
If you’re being asked to input a password, does the site look legitimate?
If you’re redirected to a Microsoft or Google login, close the browser completely, reopen it, and then log in to Microsoft or Google. If you’re being prompted to input the password for that service after logging in, it’s not legitimate. Never input your password unless you, yourself, go to the legitimate website.
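Several of the checks above (sender legitimacy, urgency, gift-card payment, and a login link that is not what it appears to be) can be screened mechanically before a human reads the message. The Python sketch below is an added example, not part of the original article; the brand-to-domain table, the keyword lists and both sample messages are constructed assumptions. Misspellings are left out because the article treats them as a weak signal on their own.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: services this mailbox really uses, with their genuine domains.
KNOWN_BRANDS = {"microsoft": {"microsoft.com", "live.com"}, "google": {"google.com"}}
URGENCY = re.compile(r"\b(urgent|immediately|overdue|suspended|final notice)\b", re.I)
GIFT_CARD = re.compile(r"\bgift\s*cards?\b", re.I)
HOST_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def registered_domain(host):
    # Simplification: keep the last two labels. Real code should use the Public Suffix List.
    labels = (host or "").lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def check_email(raw):
    """Return a sorted list of indicator names found in one RFC 5322 message."""
    msg = message_from_string(raw, policy=policy.default)
    display, addr = parseaddr(str(msg["From"] or ""))
    subject = str(msg["Subject"] or "")
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    findings = set()
    # "Is the message from a legitimate source?": brand named, but sent from elsewhere.
    sender = registered_domain(addr.rpartition("@")[2])
    for brand, domains in KNOWN_BRANDS.items():
        if brand in f"{display} {subject}".lower() and sender not in domains:
            findings.add("sender-mismatch")
    # "Is the email urgent?"
    if URGENCY.search(f"{subject}\n{body}"):
        findings.add("urgency")
    # Payment requested in gift cards.
    if GIFT_CARD.search(body):
        findings.add("gift-card-payment")
    # Login link: the visible text names one host, the href goes to another.
    collector = LinkCollector()
    collector.feed(body)
    for href, text in collector.links:
        shown = HOST_IN_TEXT.match(text)
        target = registered_domain(urlparse(href).hostname)
        if shown and registered_domain(shown.group(1)) != target:
            findings.add("link-text-mismatch")
    return sorted(findings)

# Constructed sample messages (reserved .example domains), not real mail.
PHISH_SAMPLE = """\
From: "Microsoft Account Team" <security@account-verify.example>
Subject: Urgent: your account will be suspended
Content-Type: text/html; charset="utf-8"

<p>Sign in immediately to keep access:
<a href="http://login.microsoft.com.account-verify.example/signin">https://login.microsoft.com</a></p>
<p>The reactivation fee can be paid with a Google Play gift card.</p>
"""
BENIGN_SAMPLE = """\
From: "Microsoft account team" <no-reply@microsoft.com>
Subject: Your monthly sign-in summary

Here is your sign-in summary for this month. No action is needed.
"""

if __name__ == "__main__":
    print(check_email(PHISH_SAMPLE))
    print(check_email(BENIGN_SAMPLE))
```

An empty result does not make a message safe; the question "Is the request expected?" still needs a human answer.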
Let’s cover some of your questions about phishing links!
Follow the instructions above. The good thing about an iPhone, iPad, or Android is that there’s very little in the way of web-based or attachment-based viruses or malware for those devices. Most malicious content is delivered through the App or Play Stores.
Congratulations, you’re ok! You spotted the phish and avoided it. That’s exactly what you should do with phishing links: don’t input your data. Work towards not even interacting with them next time. Better yet, report spam/phishing to Apple, Google, Microsoft or whoever your email provider is! All of them provide something.