Trojans and PUPs

I wonder sometimes just how critical some of these viruses are to general activities. I have one computer that is absolutely rotten, if you believe malwarebytes, but it has a number of indispensable applications on it that I just can't replace without anti-virus software deleting them. I do nothing important on this computer such as money activities and storing important passwords, but I need to keep it running as a daily workhorse.

A good anti malware application would be a program that actually cleans the files instead of just deleting them.

Reply to
jon

This reminds me of the saying: "One man's freedom fighter is another man's terrorist".

Reply to
Davey

"We've scanned your computer and you have malware. Download our software AT ONCE."

If they really scanned your computer, they ARE malware.

Reply to
Max Demian

So create exceptions in the AV software to tell it that you are aware of the potential risk, but would like to accept it.

Have you checked what software it is complaining about and why?

You also need to distinguish between classes of malware. Many system level utility programs may be classed as Potentially Unwanted Programs - but it all depends on context.

Say your AV platform warns you about a potential hacking application like an encrypted password recovery tool. It might be because you downloaded MailPass from Nirsoft to recover your forgotten password from Outlook. Or it might be that you have a remote access trojan installed that you did not know about, and the bot herder driving it has decided to do a full scan of your PC to recover any passwords and account details it can find.

How you feel about the associated risk may vary significantly - so don't shoot the messenger.

Does it need to be connected to the internet? If not, keep it "air gapped".

Yeah right... think about that for a moment! How does it repair an altered file back to its initial state? Using an infinite database of every version of every executable from every manufacturer?

Reply to
John Rumm

I have occasionally had an anti-virus scan which picked up a new high-profile virus/trojan horse. The files it points at are tucked away on an 'archive' HDD, approx 10 years old, and haven't been run in nearly as long. Hmm.

Reply to
Sam Plusnet

I'll second that. I wouldn't want a computer that failed AV tests on the network. If it's unconnected to anything, that's much less of an issue.

Reply to
GB

Yup, false positives are a problem with all AV tools.

Reply to
John Rumm

Malwarebytes detects 192 infected files, but superspyware with a 175MB up to date database, only detects one and that is an adware tracker, all seems a bit arbitrary to me. I know the antivirus companies want to make money, but wonder how much they use scare tactics.

Reply to
jon

Running Linux can relieve you of some of that thought.

Reply to
Jethro_uk

+10001

I am fairly certain I have been emailed at least 200 suspect attachments and downloaded many hundreds of suspect items on Linux in the last 20 years.

I have never had an issue.

I run no virus scanners. I don't know whether there are any, for Linux.

Reply to
The Natural Philosopher

clamav ?

Although that is mainly used where I am to scan attachments to and from *Windows* PCs.

Some people think it's a weight of numbers issue. If 90% of the world ran linux desktops, then maybe they'd be as vulnerable.

For myself, I think it's more fundamental than that. Linux was built from the ground up (like *nix) with a damn good model of security and understanding that the user at the console is more likely than not, *not* an admin.

However having just wasted half a day with a ****ing wifi issue with Jammy Jellyfish that may not ever be fixed, I don't think we are there yet.

Reply to
Jethro_uk

A lot of Windows users run with admin privileges, which saves them time and allows malware to be installed on their machines. Apart from some Ubuntu users, most Linux users have more sense.

I did say *some*.

Reply to
Joe

Odd hardware?

Reply to
The Natural Philosopher

Not running as root but having a simple and defined method to raise user privileges is a decent compromise, which is why it is the Linux default.

Reply to
The Natural Philosopher

We can divide the Windows users into three groups.

1) Most users don't know how to use the computer. They can get the browser open. And that gives a feeling of accomplishment. Some will manage to click the UAC prompt, but they may lack the ability to discriminate when they should *refuse* such a request. UAC only works, if the user knows when to click Cancel.

2) Some users learn things. Here is my Notes file entry.

net user administrator /active:yes # This enables the "Real Administrator" account
Set a password # Guess what. No additional privs are the result. Doesn't really help
# Uh huh.

What the users notice, is this does not help in the least. There are still lots of things, that don't "tip over" when you "bump them as the Administrator".

This attempt, to "do a Windows 98" to the OS, simply does not work. The results are disappointing.

A user in this environment, can use DropMyRights, to return an operation to the unelevated state. You can run inverted this way, in your Sopwith Camel.

DropMyRights.exe Firefox.exe # Run Firefox un-elevated, from the Real Administrator account

3) Applications like psexec and RunFromToken, are the next level.

psexec64.exe -hsi cmd <=== 64 bit OS, opens SYSTEM cmd.exe window

RunFromToken.exe trustedinstaller.exe 1 cmd <=== Opens a TrustedInstaller window. Run Regedit from here. This does not work, unless you start the msiexec service less than five seconds before issuing the command. TrustedInstaller is not a real account, and exists as a token.

When a permission problem arises (even the Registry has permissions inside), there are ways to get there. I think the last time I tried to use psexec there was a problem with it.

Since these methods (3) are transient, there is little risk of the user starting Firefox as TrustedInstaller. It's (2), where a dumbass can get in a lot of trouble. And there really aren't that many people headstrong enough to stay at (2). There is one IT level guy who does this (2) though <eyeroll!>. I don't think you get a Cert doing that.

I would dispute that the number of (2) people is significant. I know that many have tried. But there's really no reason to continue running that way.

*******

To tip over a Windows machine with malware *does not* require Administrator. The malware is perfectly capable of defeating all protections. It's the *users* who cannot operate their own machine, because of the security features it has. The malware cares not about such foolishness.

Linux has repeatedly had exploits. The community values the quick repair to fix such things, as a means of looking lily white later. But if there was money involved in tipping over Linux users, we would get a real measure of the holes. After all, we had some idiots prove how easy it was to infiltrate kernel.org work.

While the concept of "many eyes" and open source is attractive, it does not actually scale. The first program I got off the Internet that was FOSS, I read the entire 1 megabyte of source files. I did it, to see "what does it take to be a many-eyes". Today, Firefox has something like four hundred thousand text files. And a single human could not read all of them, before passing from old age. The kernel, similarly, has a large footprint.

Paul

Reply to
Paul

There *is* money and there *are* attacks on big Linux servers, but guess what, they are not administered by Windows numpties. Windows is a target for three reasons:

- there are lots and lots of PCs on the internet running it

- its users are generally just as technically clueless as Mac users

- it's built to sell, not to work, or be secure.

Contrariwise, Linux is less prevalent, far harder to crack and its users tend to be able at least to do a basic install.

And ALL the flaws are made public immediately so that users can watch out, patch, reconfigure, or upgrade.

Just look at 'the register' ..

It is simply that Linux demands a little competence to install and use, has nothing to lose and everything to gain by patching vulnerabilities quickly, and is late to the table and incorporates all the (Unix) lessons learnt from script kiddies on campus abusing their telnet logins etc. And, today, as it is THE Big Iron operating system of choice - and Big Blue's - it's damn well tested to make sure it is safe.

We get it free on the desktop, but IBM, Red Hat and others spend millions of pounds a year making it work better, on the understanding that they too, can use it for free.

A hobbyist's platform it is not.

Reply to
The Natural Philosopher

Isn't there one though, that doesn't do that ?

Maybe Debian ? No sudoers set up ? When that happens, you get to learn how to set up sudoers (like you would in the old days).

And there is one distro, with a red Terminal icon on the taskbar, and you run as root. Which is fine, as long as you know enough about 'nix to recognize the flora and fauna. That's a distro intended only for live usage, and not really intended for hard drive install.

And the Wifi modules, like some new Realtek one, they eventually get drivers. It all depends on how cooperative the hardware company is, to how quickly that gets resolved. People who reverse-engineer, they need samples of hardware, to do their best work.

Some hardware has "too many" drivers, and the secret to end-user bring-up is blacklisting the drivers that don't belong. Only certain people have big enough brain-pans to memorize all these quirk-cases. If I were to expect trouble, maybe it would be a Broadcom.

Whereas Atheros, used to have a good reputation in the Linux community. And they have been acquired by Qualcomm (the Borg).

Any time smaller companies are bought, and passed between larger companies like after-dinner mints, that's when the driver situation for the hardware goes to hell. No web page any more, no easy driver downloads, and so on. One semiconductor company, it might have had four or five owners by now, and "everyone owns it for two years, for the tax writeoff".

It does mean the occasional bit of hard work. It builds character.

Paul

Reply to
Paul

Well not so odd that Windows - for all its flaws - has zero problems with it.

Luckily in this case the bug manifests itself by the wifi adapter being incapable of getting an IP address - and in my case we are using fixed IPs. But it would have made it useless for general use.

Reply to
Jethro_uk

I can't recall one off hand.

If there is no default sudoer access applied to the initial system and no root password, then root access is impossible. And you can't set up sudoers.

That remains one of the issues. I am not majoring on very vanilla ex commercial refurbed HP desk and laptops. They use bog standard chips, and linux 'just worked' on them to date.

I had problems in the past with Broadcom hardware on older machines from the noughties. As well as video hardware from that era, but stuff from 2010 onwards all seems to play nice.

That was my experience 15 years ago, not today. Linux Mint, in particular, has spent time and effort eliminating all that with intelligent 'driver select' software. If it needs drivers you run that, it scans the system and says 'yep, we have proprietary drivers for that that are recommended'.

Fuck the 'linux community'

That's as specious a bunch of wankers as the 'transgender community'

The fact is that Linux at the core kernel and base level system apps is maintained by very serious money and it's streets ahead of toy OSes like Windows or OSX.

However they don't put time into making it noob friendly. Mint and Ubuntu did and do.

You have to have fairly peculiar hardware or be extremely fat fingered to not be able to install those successfully.

Linux isn't a geek's hobby any more. It's the No. 1 operating system in the world, for phones, tablets, servers, embedded hardware, routers, supercomputers... all the way from a £6 Pi Zero to a million pound Cray. It's designed to work, because hardware manufacturers make no money out of selling it, only their hardware, so naturally it's in their interest to make sure it showcases that hardware optimally.

Since there is no money to be made from it, no one in the consumer world is interested in selling it preinstalled on domestic PCs, when they can make more selling Windows or Macs. Only Chromebooks have it by default.

So it simply isn't widely known among that target market. Except as android, on phones.

Reply to
The Natural Philosopher

Ahah. I came across that recently in my Pi.

It was an obscure default in systemd that wants to rename the wireless interface to something obscure, which then isn't recognised by other parts of the system, namely the DHCP client side.

Look here /lib/systemd/network/ and you may see some files.

Tell me what's there and what is in them, and how the wifi is connected

- is it USB?

Reply to
The Natural Philosopher
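A small inspector for the .link files the post above points at, added here as an example (it is not code from the thread): for every *.link file in a directory it prints the [Match] keys and the naming keys under [Link], so you can see which rule renames a wireless interface and whether that name is the one the DHCP client expects. Assumptions: the files follow the systemd.link ini layout, and the sample directory is constructed here, modelled on the stock 99-default.link plus a hypothetical local override.

```shell
#!/bin/sh
# Added example, not from the thread. Summarise systemd .link files that
# decide how a network interface gets renamed at boot.

# Print one line per *.link file in DIR: "<file>|<Match keys>|<naming keys>"
summarise_link_files() {
    dir="$1"
    for f in "$dir"/*.link; do
        [ -f "$f" ] || continue
        awk -v name="$(basename "$f")" '
            /^\[/            { section = $0; next }   # new ini section header
            /^[ \t]*(#|;|$)/ { next }                 # skip comments and blank lines
            section == "[Match]" { keys = keys (keys ? " " : "") $0 }
            section == "[Link]" && $0 ~ /^(Name|NamePolicy)=/ {
                naming = naming (naming ? " " : "") $0
            }
            END { printf "%s|%s|%s\n", name, keys, naming }
        ' "$f"
    done
}

# Constructed sample directory: the stock catch-all rule (modelled on
# 99-default.link) plus a hypothetical override that pins one adapter to wlan0.
make_sample_dir() {
    d=$(mktemp -d)
    cat > "$d/99-default.link" <<'EOF'
[Match]
OriginalName=*

[Link]
NamePolicy=keep kernel database onboard slot path
MACAddressPolicy=persistent
EOF
    cat > "$d/10-wifi.link" <<'EOF'
[Match]
MACAddress=00:11:22:33:44:55

[Link]
Name=wlan0
EOF
    echo "$d"
}

# Stand-alone demo over the constructed sample. On a live system, run
# summarise_link_files over /lib/systemd/network and /etc/systemd/network
# (the latter overrides the former).
SAMPLE=$(make_sample_dir)
summarise_link_files "$SAMPLE"
rm -rf "$SAMPLE"
```

The lowest-numbered file whose [Match] section fits the adapter wins, so an override in /etc/systemd/network with a fixed Name= is the usual way to keep a name the DHCP client configuration already refers to.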
