[SATLUG] Open Source Fest ?

mark mark at kandm-solutions.com
Tue Mar 15 19:27:42 CDT 2011


Don't get me wrong I love bit-torrent.

On Tue, 2011-03-15 at 10:40 -0500, Don Wright wrote:
> mark wrote:
> 
> > ... I informed him that if they continued using bit-torrent to
> >download questionable material (they were downloading music, apps and
> >other copyrighted material) they would continue getting infections.
> 
> I agree that downloading items from sources of questionable legitimacy
> is a malware risk, but please don't confuse the technology with the
> misuse. Bittorrent is still used by most of the Linux distros because
> it's a reliable, inexpensive way to distribute popular content. If the
> original doesn't have a virus, the downloaded copy won't either.
> 
> Infestations on legitimate websites (such as the [1]BBC) account for
> many malware attacks. From the linked article: "When a site like the
> Beeb gets infected by a malicious link, the potential for many innocent
> people to be affected by malware is huge," says Carl Leonard, senior
> manager, security research, at Websense Security Labs. "Modern threats
> target places where they will find good traffic, which is why we found
> that 80 percent of the malicious sites we saw last year were actually
> legitimate sites that had been compromised." Obviously, reading HTML
> mail and reading mail with a Web browser adds to this risk.
> 
> In recent years Adobe (Flash, Reader) seems to have surpassed Microsoft
> as the exploit-friendly platform of choice. (There's an unpatched
> 'critical' flaw in [2]Flash right now.) Last week I removed a Javascript
> exploit from a Macintosh, so it can't be said Redmond is the root of
> _all_ evil.
> 
> I'm sure we all know the *nix security model, vigorously applied, goes a
> long way to prevent accidental infections like these, but remember "It
> is impossible to make anything foolproof because fools are so
> ingenious." (attrib. unknown)
> 
> --Don
> 
> [1] Infected BBC Websites:
> http://www.darkreading.com/security/attacks-breaches/229218824/bbc-sites-injected-with-malicious-iframe.html
> 
> [2] Adobe Flash: http://news.cnet.com/8301-13506_3-20043248-17.html
> 
> -- 
> Be well - or at least have interesting symptoms!




More information about the SATLUG mailing list