pica200 wrote: ↑
Sun Mar 15, 2020 11:33 pm
Most Linux viruses probably only target servers and IoT (or IoS how i like to call it. The S is left to your imagination
Repositories should be relatively safe. Packages are normally signed and if a malicious package slips through it would not take long until someone notices. Chances are much lower than downloading random executables from the net as common on Windows.
Our operating system repositories are pretty well secured and maintained.
A bigger worry is all the other package repositories we use now a days. For example the node.js guys get all their modules from NPM which has been "infected" with malicious packages in the past https://www.bleepingcomputer.com/news/s ... passwords/
. The same problems exist for Pythons PIP and the Crate system of Rust and so on.
I notice in the Raspberry Pi would there is a lot of downloading of random execuatbles from the net. For example this suggestion was posted yesterday: https://www.bleepingcomputer.com/news/s ... passwords/
Often I have seen directions here and elsewhere to add some weird source to ones Raspbian apt sources list so as to get some pre-built binary installed from God knows where. That is giving the keys to your kingdom to strangers, root permissions and all!
As I said, why write actual viruses now a days. There are much easier ways to get your malicious code into systems.
Memory in C++ is a leaky abstraction .