Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[tlug] Anybody read the CACM special issue on "Spyware"? Worrying....



I found it *really* disappointing.  There seemed to be no awareness
that there are personal computers that don't run Windows, or that
classifying "any bundled program" as spyware doesn't make any sense
(why, /lib/modules is just FULL of the little mutherz!), and on and
on....  Enough bitching, on to the contentful part of our program.

(1) Rick Moen (who may not be an authority but sure talks like one ;)
sez about malware (http://www.linuxmafia.com/~rick/faq/):

    "Hostile" executables (including viruses) are almost unfindable in
    the Linux world -- and no real threat to it -- because they lack
    root-user authority [...].

I think it's uncontestable that the host-and-Internet-destroying
aspect of viruses is 99.44% alleviated by lack of root authority.
However, when it comes to privacy invasion, that ain't so.

Does Linux provide "natural immunity" to spyware the way it does to
system-erasing viruses?  How about other OSes?  (Yo, VT Hacker!)

(2) Has anybody heard of any "spyware for Linux?"  N.B. You've all
used some, I'd bet---most definitions of spyware include crash
reporters like the one bundled with Mozilla products because (a) it's
not advertised as part of the product and (b) it collects information
about your system without your permission.  Evidently it's pretty
benign because (c) it doesn't actually send anything without your
permission, but obviously it _could_ (anything that the system permits
to do HTTP GET can send arbitrary information encoded in the URL,
nyet?)

Any malwares in the wild yet?

(3) How about systems like the Mac (and some Internet-aware game
boxes) that are niche markets, so aren't a big fat target for
commercial outfits or spamhauses?  Still, autobogitification of the
system seems to be an important selling point, so, I would guess there
out there.

(4) For those of you sentenced to cruel but all-too-usual punishment
in environments ruled from Redmond, I'm curious what you or your
employers are doing about this threat.  (I haven't been paying much
attention to Windows problems for obvious reasons, but I plan to
investigate this for Scuba Dai.)

-- 
School of Systems and Information Engineering http://turnbull.sk.tsukuba.ac.jp
University of Tsukuba                    Tennodai 1-1-1 Tsukuba 305-8573 JAPAN
               Ask not how you can "do" free software business;
              ask what your business can "do for" free software.



Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links