With the recent windows 10 EoL news, I was able to move my dad over to Linux mint. But he does a lot of finance stuff. Long ago, Linux had a belief that desktop Linux are not the primary target for crackers but I don’t believe that true anymore since it’s getting significantly popular lately like Europe government migration over to Linux and Libreoffice.
My question would be , given my dad is just as careful on Linux as he has been on windows, would it be fine to do finance like banking and trading (not the fastest kind )?
If not, what would be your distro of choice for that? Even browsers (I installed Firefox and Edge from Microsoft website deb file)
For example it’s something that has an Apache webserver installed and that Apache is accessible from outside… So the Apache exploit can do something. Do you have both conditions met on your laptop/desktop computer? I’m pretty sure that won’t be the case, and that’s the difference here. And yes, that’s specific.
Let me repeat my last paragraph, as you seem to have stopped reading after the first question mark:
You’re wrong. How would an Apache exploit “hack” your Steam or online banking app? That’s just not possible.
How would something that exploits the default password on a router infect my machine with a different password?
Malware uses specific attack vectors and specific vulnerabilities.
The “specific vulnerabilities” are usually in the Linux kernel, quite present on every single Linux system. Please follow the link I posted above. This is not about Apache or any other arbitrary user-facing software.
Thanks for the link. But that’s not a vulnerability or malware. It’s academic research how to hide malicious syscalls. But it can’t infect anyone’s computer. And there isn’t any vulnerability to let it in.
The RingReaper malware is literally a malware, using known vulnerabilities in the Linux kernel…?!
I’m sorry. Most I can find about “RingReaper” is that single blog post or people who rephrased it into their own articles. There seems to be zero information on how it spreads through the internet? And if anyone contracted RingReaper. And I can’t even discern how that’d get on someone’s computer unless they install it themselves (which is a form of malware, though not very pronounced on linux due to the distributions and central package repositories). There are no other methods highlighted in the post. And it can’t do privilege escalation either, just scan for other vulnerabilities. So is this a thing in reality and how can I find out? It seems like valid research to me, but I can’t see how it’s more than that… What I mean is, I can see how someone put the word “malware” in the title. But that in itself doesn’t really threaten my (or OP’s dad’s) computer.
It is one of several things in reality. Linux malware, spreading through the (mostly) same paths as Windows malware does, has been real for quite some time now.
Linux malware threatens Linux computers. It might be important to keep that in mind if you use Linux.
Can you explain how its mailware and spreads? The article doesn’t say anything except how it hides its calls.
Did you read the article? This Ringreaper thing is a method to hide something. It doesn’t have any means to infect a system. And it doesn’t really do anything except hide itself. It doesn’t delete your files, it doesn’t steal your passwords… It doesn’t spread… It’s not really what you think it is.
Edit: And congratulations for going back and appending your first comment with the wild claim you own the truth. I’m pretty sure people here downvote you because there’s almost no truth in what you spread here. I’d be willing to listen, but you don’t have any example to back it up. Instead you ramble on how servers are supposed to be desktop computers and attacks target the kernel instead of userspace applications… None of that is true. Sorry I’m not deliberately trying to be mean or hostile. But that’s how it is.