is spyware a problem on linux?

[hien]

on this forum i've read that viruses aren't really a problem on linux machines. but what about spyware or adware?

i'm using firefox and i think it's pretty good with filtering all the baddies out, but do i need DOUBLE protection? and if so, what programs are out there for linux-based adware removal?

[ilja]

No, not yet. There are different reasons for this. some of them:
Linux is not popular enough
Unix has a very secure build
the fact that you work as an user and only can install software as root
most spyware in MS world is written for IE and you can't use it in Linux

So you don't need protection yet. Just don't surf as root and don't install xpi (Firefox extensions) from sources you do not trust.

[kosmosik]

no... but you can be concerned by your privacy (f.e. logging cookies etc.) and phishing attempts... also some people tend to filter crap (banners, flash, popups, weird code etc.) for their comfort.

[krisnalada]

yes, active script doesn't work with linux !!! ^_^
but one day, it may appear ....

[Trendkill]

i doubt it ever will, linux boxes are just too varied for someone to spefically target the entire community, as there are wayyy too many distro's available.

the only thing i CAN imagine getting through to the linux world is cookies.. but firefox already has put water on that fire, concidering most websites that are legit use sessions now anyway?

[james_in_denver]

Cookies can be bad for tracking personal privacy issues. Also beware of some P2P apps, they are notorious for tracking some of your internet usage.......

[imdeemvp]

In my case NOT YET......but have experienced in windoz only.....

[w5set]

Mostly it depends on what you are calling/considering spyware.
Tracking cookies are browser specific--and do work with Mozilla/Firefox.
Usually harmless--for now.
Some of the "torrent" type file sharing programs are loaded up with some less then desirable things--like there just might not be a "free lunch" out on the Internet--even though it might seem there is sometimes.
Alexia would be a simple port to Linux--and probably already has been.
Tighten your belt and security up and just enjoy the internet for now--there's never been and probably won't ever be (unfortunately) an un-exploitable program written yet.

[Trendkill]

i dont believe thats true due to the amount of variety that exists in the community, its impossible to say there will ever be a virus, espcially when users dont have root privledges and therefore cannot install onto you machine. even if a virus did exist,and got around all those things [which is impossible] then the community would have a fix for it within a day.

cookie trackers maybe, but a simple cache clearing or setting your browser to ask for each cookie stops this completly.

[w5set]

Rootkits got their name from using "ROOT" priveleges. (and the name goes way back in computer history too).
Any open to the internet server/personal computer is a possible target--any OS--any server, and even your very own personal computer--of course if you are not on 24/7 you aren't a very good target for exploiting.
If ANY OS/Server was totally safe the entire Information industry would change over to that in a heartbeat!
Anyone seen the wholesale stampede to just one OS yet?
Sypware in Linux--you bet--just tailor it to the Browser and "insert" when the page you surf to comes up, cuz it's the "browser" not the OS usually in control/writing to the cache. Your browser ID's it'self to the server when connecting to the page server and Apache and most other server software tailors the page delivered to the particular type browser you are using--workarounds, etc.
That's why the recent "exploit" of phishing in Firefox was successful--everyone did notice that BOTH Linux and Win type Firefox/Mozilla Browsers were updated didn't they?
Moral?? Don't count on Linux being totally safe or unexploitable.
But I use it and like it better then ..........whatever that other one was.....

[DRE.ORGY.NET]

There is currently an exploit for Firefox (not sure if it effects Mozilla but I assume so) which can allow a carefully crafted website to execute code on your machine. I guess this is more of a security issue rather than spyware but in any sence your not completely safe no matter what kind of OS you have.

Personally I think Linux is much more secure and a lot of applications dont interlock with each other (integrate) which in my belief is the problem with Windows. The more simple you make things, the more user friendly and the more things which link together to one app the more and more security holes and possibilities for exploitation you open.

[crossfire]

Well. When I was surfing a page looking for lyrics in Xp pro, Norton detect an "application" launched by java plugin and stopped it, but this was designed for Windows (trojan virus). Should I be worry about these things on a GNU/Linux system ?

[owakroeger]

Well, to sum it up succinctly, you should always be concerned about security. Just because we enjoy relative security with our Linux boxes, we shouldn't forget to keep our firewalls active, and current to our activities. Clamav (there are others, as well) works well for screening mail if you use your linux box as a mail server. It doesn't hurt to have it to screen individual mail, either.
Basic rules of security should apply even behind the most secure firewall, router, whatever. Filter your mail. Don't open mail from unexpected sources. Don't leave ports open unnecessarily, and restrict use of them with your firewall. Never get on line as root. Never do general work as root that could be done as user. If something you need to do requires root privilages, 'su' for that operation, then exit back to user.
And never assume that you're safe just because you have a firewall, or antivirus software, or run on Linux. Most cars are stolen with the keys in them, and the doors unlocked. An incredible number of home invasions/burgleries are accomplished just by walking in through the open garage door. Common sense, folks. Just plain old common sense.
owa

[Raafi]

Spying on the spyware makers

http://news.com.com/Spying+on+the+sp...?tag=nefd.lede

[Mat]

Quote:

Originally Posted by Trendkill

the only thing i CAN imagine getting through to the linux world is cookies.. but firefox already has put water on that fire, concidering most websites that are legit use sessions now anyway?

what exactly are 'sessions' in this respect?



Mat