is spyware a problem on linux?


hien
13th March 2005, 07:44 PM
on this forum i've read that viruses aren't really a problem on linux machines. but what about spyware or adware?

i'm using firefox and i think it's pretty good with filtering all the baddies out, but do i need DOUBLE protection? and if so, what programs are out there for linux-based adware removal?

ilja
13th March 2005, 07:47 PM
No, not yet. There are different reasons for this. some of them:
Linux is not popular enough
Unix has a very secure build
the fact that you work as a user and can only install software as root
most spyware in MS world is written for IE and you can't use it in Linux

So you don't need protection yet. Just don't surf as root and don't install xpi (Firefox extensions) from sources you do not trust.

kosmosik
13th March 2005, 07:48 PM

no... but you can be concerned about your privacy (e.g. logging cookies etc.) and phishing attempts... also some people tend to filter crap (banners, flash, popups, weird code etc.) for their comfort.

krisnalada
15th March 2005, 03:14 PM
yes, active script doesn't work with linux !!! ^_^
but one day, it may appear ....

Trendkill
23rd March 2005, 06:11 AM
i doubt it ever will, linux boxes are just too varied for someone to specifically target the entire community, as there are wayyy too many distros available.

the only thing i CAN imagine getting through to the linux world is cookies.. but firefox already has put water on that fire, considering most websites that are legit use sessions now anyway?

james_in_denver
23rd March 2005, 06:21 AM
Cookies can be bad for tracking personal privacy issues. Also beware of some P2P apps, they are notorious for tracking some of your internet usage.......

imdeemvp
23rd March 2005, 10:16 AM
In my case NOT YET......but have experienced in windoz only..... :D

w5set
23rd March 2005, 09:07 PM
Mostly it depends on what you are calling/considering spyware.
Tracking cookies are browser specific--and do work with Mozilla/Firefox.
Usually harmless--for now.
Some of the "torrent" type file sharing programs are loaded up with some less than desirable things--like there just might not be a "free lunch" out on the Internet--even though it might seem there is sometimes.
Alexia would be a simple port to Linux--and probably already has been.
Tighten your belt and security up and just enjoy the internet for now--there's never been and probably won't ever be (unfortunately) an un-exploitable program written yet.

Trendkill
20th April 2005, 05:28 AM
i don't believe that's true due to the amount of variety that exists in the community, it's impossible to say there will ever be a virus, especially when users don't have root privileges and therefore cannot install onto your machine. even if a virus did exist, and got around all those things [which is impossible] then the community would have a fix for it within a day.

cookie trackers maybe, but a simple cache clearing or setting your browser to ask for each cookie stops this completely.

w5set
20th April 2005, 07:34 AM
Rootkits got their name from using "ROOT" privileges. (and the name goes way back in computer history too).
Any open to the internet server/personal computer is a possible target--any OS--any server, and even your very own personal computer--of course if you are not on 24/7 you aren't a very good target for exploiting.
If ANY OS/Server was totally safe the entire Information industry would change over to that in a heartbeat!
Anyone seen the wholesale stampede to just one OS yet?
Spyware in Linux--you bet--just tailor it to the Browser and "insert" when the page you surf to comes up, cuz it's the "browser" not the OS usually in control/writing to the cache. Your browser ID's itself to the server when connecting to the page server and Apache and most other server software tailors the page delivered to the particular type browser you are using--workarounds, etc.
That's why the recent "exploit" of phishing in Firefox was successful--everyone did notice that BOTH Linux and Win type Firefox/Mozilla Browsers were updated didn't they?
Moral?? Don't count on Linux being totally safe or unexploitable.
But I use it and like it better than ..........whatever that other one was.....

DRE.ORGY.NET
20th April 2005, 08:45 AM
There is currently an exploit for Firefox (not sure if it affects Mozilla but I assume so) which can allow a carefully crafted website to execute code on your machine. I guess this is more of a security issue rather than spyware but in any sense you're not completely safe no matter what kind of OS you have.

Personally I think Linux is much more secure and a lot of applications don't interlock with each other (integrate) which in my belief is the problem with Windows. The more simple you make things, the more user friendly and the more things which link together to one app the more and more security holes and possibilities for exploitation you open.

crossfire
26th April 2005, 12:45 AM
Well. When I was surfing a page looking for lyrics in Xp pro, Norton detected an "application" launched by java plugin and stopped it, but this was designed for Windows (trojan virus). Should I be worried about these things on a GNU/Linux system ?

owakroeger
26th April 2005, 02:47 AM
Well, to sum it up succinctly, you should always be concerned about security. Just because we enjoy relative security with our Linux boxes, we shouldn't forget to keep our firewalls active, and current to our activities. Clamav (there are others, as well) works well for screening mail if you use your linux box as a mail server. It doesn't hurt to have it to screen individual mail, either.
Basic rules of security should apply even behind the most secure firewall, router, whatever. Filter your mail. Don't open mail from unexpected sources. Don't leave ports open unnecessarily, and restrict use of them with your firewall. Never get on line as root. Never do general work as root that could be done as user. If something you need to do requires root privileges, 'su' for that operation, then exit back to user.
And never assume that you're safe just because you have a firewall, or antivirus software, or run on Linux. Most cars are stolen with the keys in them, and the doors unlocked. An incredible number of home invasions/burglaries are accomplished just by walking in through the open garage door. Common sense, folks. Just plain old common sense.
owa
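
The rule repeated throughout this thread (don't surf or do general work as root) can be checked mechanically. The following is an added example, not code from any poster: it parses the Name and Uid lines of /proc/<pid>/status and flags watchlisted desktop programs whose effective UID is 0. The watchlist and the sample process entries are constructed for illustration.

```python
import os

# Assumed watchlist (constructed): desktop clients that should never run as root.
WATCHLIST = {"firefox", "firefox-bin", "mozilla-bin", "thunderbird"}

def parse_status(text):
    """Return name, real UID and effective UID from /proc/<pid>/status text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    uids = fields.get("Uid", "").split()  # order: real, effective, saved, fs
    if "Name" not in fields or len(uids) < 2:
        return None
    if not all(u.isdigit() for u in uids[:2]):
        return None
    return {"name": fields["Name"], "ruid": int(uids[0]), "euid": int(uids[1])}

def root_clients(statuses, watchlist=WATCHLIST):
    """Return sorted (pid, name) pairs for watchlisted programs with euid 0."""
    hits = []
    for pid, text in statuses:
        info = parse_status(text)
        if info and info["euid"] == 0 and info["name"] in watchlist:
            hits.append((pid, info["name"]))
    return sorted(hits)

def read_proc(root="/proc"):
    """Collect (pid, status text) for every process readable under /proc."""
    out = []
    for entry in os.listdir(root):
        if entry.isdigit():
            try:
                with open(os.path.join(root, entry, "status")) as fh:
                    out.append((int(entry), fh.read()))
            except OSError:
                continue  # process exited or is not readable
    return out

# Constructed sample entries: init as root (expected), a browser started from
# a root login, a browser run as a normal user, a mail client with euid 0.
SAMPLE = [
    (1, "Name:\tinit\nUid:\t0\t0\t0\t0\n"),
    (2101, "Name:\tfirefox-bin\nUid:\t0\t0\t0\t0\n"),
    (2200, "Name:\tfirefox-bin\nUid:\t500\t500\t500\t500\n"),
    (2300, "Name:\tthunderbird\nUid:\t500\t0\t500\t0\n"),
]

if __name__ == "__main__":
    live = os.path.isdir("/proc/self")
    print(root_clients(read_proc() if live else SAMPLE))
```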

Raafi
8th May 2005, 03:40 AM
Spying on the spyware makers

http://news.com.com/Spying+on+the+spyware+makers/2008-1012_3-5694455.html?tag=nefd.lede

Mat
8th May 2005, 05:00 AM
the only thing i CAN imagine getting through to the linux world is cookies.. but firefox already has put water on that fire, considering most websites that are legit use sessions now anyway?

what exactly are 'sessions' in this respect?



Mat

Sammy
8th May 2005, 06:24 AM
Just chiming in here. Is there a software package that will allow filters based on the program attempting to gain access? Allow one to get out on a particular port, but nothing else? Although I'm new, from what I've read it's not that much a problem yet to worry about it. But I countered several trojans (one or two particularly bad ones) in windows because they did try to access the internet and the firewall alerted me to what the programs were... making it easier to find. Very handy to have.

Oh... and it's also good for keeping various MS programs from calling home. Well... some people say they do. Better safe than sorry ;o)

fireman2904
9th May 2005, 04:31 PM
Forgive me all for not giving you all the details, but i have found a previous posting on another linux website from someone who did have a spyware issue. it happened to him while browsing the internet while logged on as root. Of course the poor guy got a lot of heat from all those who replied to his posting for browsing the internet as root in the first place.

donprogc
10th May 2005, 02:13 AM
yea, don't login as root if you do then you aren't secure
other than that linux has very good security especially if compared to windows
so rarely if not never will you get trojans(or anything else related) (from my experience)

w5set
10th May 2005, 02:59 AM
Why would you be more insecure logged in as root while surfing? or just sitting connected to your cable/dsl modem?
If someone compromises your system while you are logged off even--it's just a little more work to be right at the heart of the system.
Either way--logged in as root/user or logged off even--Linux box toast. Would you call that a Linux box lunch?
Trojans--how would you know if you had any???? Everyone who has a Linux trojan/exploit/adware finder/squasher and uses it regularly raise their hands!!!!! Remember now--it has to squash it too--not just say -------hay!! you might have a problem here!!
Also please post what you would do if Rkhunter told you that you had a big time problem with a certain "ROOTKIT" installed and active--and your network had a tremendous amount of unaccounted for traffic.....

raxip
14th May 2005, 12:07 AM
The fact that most of the software we use is open sourced means it falls on the scrutiny of many people's eyes. Perhaps more than what closed source companies could financially attempt. That's a technical security benefit.

Something open source software doesn't solve is the human element (e.g. user installing a piece of software that may or may not be widely distributed). Though additions like SELinux help in this department, there's an awful lot that a user-land program could do. For example, the ability to at least gather some rudimentary system information (e.g. user names, invalid system permissions, version of programs installed, etc) can also be quite helpful with regards to breaking into a system.

w5set
16th May 2005, 03:54 AM
well--gathering just basic stuff with a keylogger will give you the "su" once in a while--parsing a network sniffer will give you the local network login names and passwords even if sent secure--cracking programs won't take long unravelling passwords unless it's a NON word type password/login name like mx56**^ login--pass--#$%olZ--
you dream something up that don't make sense and it is a better pass/login. Hard to remember though!!
This can be done just cracking a web site/personal computer with nobody logged in at the time but connected to the internet--same goes for the routers--but memory thankfully here is usually limited for hardware routers/AP's etc. (y'all do know many router/AP's/firewall appliances have Linux based OS's inside didn't ya?--my router/AP (cisco) has been "exploited" 3 times when I let the shields down to do a little logging of that type of crud going on. Took less than 4 hours each time for "them" to find it.)
Security has to stay up with the latest exploits--or at least not far behind. Stay aware of what's going on with your computers. Keep updated/patched systems. Don't take anything for granted--no matter what you have heard repeated all over the Internet--Linux isn't bulletproof, or 9ft tall. But it's good and getting better all the while. And critical updates don't take 6 months to get out--or cost an arm and a leg.
Linux by choice--Fedora Core by preference!

raxip
16th May 2005, 06:25 PM
well--gathering just basic stuff with a keylogger will give you the "su" once in a while--parsing a network sniffer will give you the local network login names and passwords even if sent secure--cracking programs won't take long unravelling passwords unless it's a NON word type password/login name like mx56**^ login--pass--#$%olZ--

Unless you're referring to a hardware keylogger, how exactly do you keylog on a ptty when you don't even have permissions to read it.. much less on a system with rigid policies? That's something permissions solve in a non-superuser context. In a super-user context, that'd be something SELinux could help you with.

In fact, attempting to avoid use of a super user as much as possible is the fundamental principle behind most security software. It's also a good habit to be in.

Linux by choice - Distribution is irrelevant!

AndyGreen
16th May 2005, 07:13 PM
Yes, spyware is a problem on Linux... and I can't believe you belong to THAT website!!!

No, just kidding, it exists but it is not the same kind of problem as Windows. There aren't so many widely used apps like IE and OE which give a good reward of exploitations for the effort. People are using all different distros, different kernels, different browsers, it's an effort to automate an attack and there are so many juicy Windows machines out there. However, there have been attempts to backdoor the kernel itself and other apps, by gaining control of servers, jerking the software around and keeping quiet while people download it. Sooner or later something widespread and horrible will happen assuming Linux continues to rise in popularity.