Language Selection

English French German Italian Portuguese Spanish

Annual Kaspersky Labs Fearmongering!

Merry Fearmongering!

Kaspersky Labs (maker of the infamous KAV for Windows), has started what I call their "annual fearmongering initiative".

It appears about this time of year, when they release their so-called "Look everyone! We found a proof of concept malware that does something nasty to *insert opensource solution name here*" press releases.

Obviously, this is designed to spread fear.
(If you know what you're doing in Linux, there's nothing to fear.)

Here's a friendly reminder...

This is from 2006.

The case of the non-viral virus
http://software.newsforge.com/article.pl?sid=06/04/10/2218210

Torvalds creates patch for cross-platform virus
http://software.newsforge.com/article.pl?sid=06/04/18/1941251

OpenOffice.org virus debunked by experts
http://software.newsforge.com/article.pl?sid=06/06/02/2136202

And for this year? (2007)

iPod virus scare stories are here
http://www.theinquirer.net/default.aspx?article=38767
(It involves Linux installed on iPod).

Notice how in BOTH cases:

(1) The malware in question are "proof of concept" ones!
Translation? They do NOTHING in real life! They don't spread by themselves. They do NOT do any widespread damage!

(2) They don't do anything until you run them with root privilages and the like. As in you intentionally or delibrately infect yourself! No one is THAT stupid!

(3) Kaspersky Labs were the only ones that happen to find this type of malware! It leads me to believe it is THEM who are delibrately writing this proof of concept nonsense to begin with!

(4) It involves opensource solutions.

While these tactics may work on the Windows crowd, don't expect the Linux crowd to fall for the same BS. Its not gonna work.

Let me end this post by suggesting you read this article.
(If you've read it before, I want you to remind yourself again this year.)

Can the malware industry be trusted?
http://software.newsforge.com/article.pl?sid=06/06/06/1832223

My response to Kaspersky...
Do you really think we're that stupid?

More in Tux Machines

Coverity Report Finds Open Source Code Quality Beats Commercial Code

Synopsys has announced the release of its annual Coverity Scan Open Source Report, which is widely followed. The 2014 report details the analysis of nearly 10 billion lines of source code through the Coverity Scan service and commercial usage of the Synopsys Testing Platform. For the report, the company analyzed code from more than 2,500 open source C/C++ projects as well as an anonymous sample of commercial projects in 2014. Additionally, the report highlights results from several popular, open source Java and C# projects that have joined the Coverity Scan service since March 2013. Here are findings. Read more Also: Coverity Scan Open Source Report Shows Commercial Code Is More Compliant to Security Standards than Open Source Code

DragonFlyBSD Has Full-Acceleration Now Working For Intel Broadwell Graphics

Francois Tigeot's latest effort on porting the Intel i915 DRM code from the Linux kernel to DragonFlyBSD has paid off in the form of full acceleration for Broadwell "Gen8" HD/Iris Graphics. Tigeot issued a call for testing a few days back of an update to the i915 DRM code that would position the DragonFlyBSD's code at the stage of the Linux 3.16 kernel. This updated code should fix some issues that previously caused X.Org Server crashes, correct outstanding bugs, improve performance for all GPU generations, and provide much improved support for Broadwell graphics. He noted that the Broadwell GPUs on DragonFlyBSD should now be fully accelerated with this new code. Read more

Elive 2.6.8 beta released

Beta versions are not so optimized as the Stable ones due to debug flags and developer profiles, you can encounter errors and incomplete things, if you want a more polished system try the Stable version instead. Read more

Leftovers: SysAdmins/Servers

  • Why Docker is Not Yet Succeeding Widely in Production
    Docker’s momentum has been increasing by the week, and from that it’s clearly touching on real problems. However, for many production users today, the pros do not outweigh the cons. Docker has done fantastically well at making containers appeal to developers for development, testing and CI environments—however, it has yet to disrupt production. In light of DockerCon 2015’s “Docker in Production” theme I’d like to discuss publicly the challenges Docker has yet to overcome to see wide adoption for the production use case. None of the issues mentioned here are new; they all exist on GitHub in some form. Most I’ve already discussed in conference talks or with the Docker team. This post is explicitly not to point out what is no longer an issue: For instance the new registry overcomes many shortcomings of the old. Many areas that remain problematic are not mentioned here, but I believe that what follows are the most important issues to address in the short term to enable more organizations to take the leap to running containers in production. The list is heavily biased from my experience of running Docker at Shopify, where we’ve been running the core platform on containers for more than a year at scale. With a technology moving as fast as Docker, it’s impossible to keep everything current. Please reach out if you spot inaccuracies.
  • A New SysAdmin Pledge in Honor of SysAdmin Day
    In fact, history is filled with examples of great people declaring a holiday for themselves. Take Christopher Columbus, for example. Upon discovering “The New World”, Columbus immediately declared the second Monday in October to be “Columbus Day” (to be celebrated with cake… and balloons… and confetti). It took a year or two to catch on, but before the decade was through, most of the world was already celebrating this new holiday. It's true. Look it up.
  • 10 Job Interview Questions for Linux System Administrators
    SysAdmins of all experience levels, then, can benefit from brushing up on their job interview skills if they want to find and land a great new job.
  • IBM to Deliver Apache Spark for Linux on Z System Mainframes
    IBM has announced support for Apache Spark for Linux on z Systems, as part of its effort to expand the reach of its mainframe platforms. Among other benefits, the z Systems will now have a lot of appeal for data scientists that can leverage Apache Spark’s advanced analytics capabilities--all running on Linux.