This is a super subjective issue.

So Linux is a great OS but if you are here you probably know that. Here are my recommendations.

1. If you need to use Windows, then install https://www.sandboxie.com/ and learn how to use it. Sandbox your email client, your web browser, and anything that can move files from the internet to your computer.

2. If you are using Linux, then install and use Firejail and apparmor if possible. Learn how that works and deploy it. Manjaro users will require a custom kernel but if you are an Ubuntu user you can use AppArmor out the box.

3. What delivery method are you afraid of? Javascript exploits? PDF files? Putting weird devices into your ports?

You cannot mitigate the danger of ransomware until you understand your security footprint and where you are most likely to be vulnerable. You may be a business owner who deals with pdf invoices all day. That is a major vulnerability and you may want to run `firejail mupdf` to deal with those files.

Also some malware is designed to check if it is in a VM and not run in the hopes you will move it out of the VM. Using a VM is a tool but not a catch all resolution to the problem of running bad code.

What are you doing that could introduce bad code into your system? Browsing websites? Sharing files over email? Using the computer for business where you might be forced to plug a thumb drive in? Each of these issues require specific steps to inoculate against danger.

Why not work towards eliminating the biggest virus of them all and get rid of your reliance on Windows?

Thanks,

Aaron

On Tue, Aug 27, 2019 at 5:59 AM David Schwartz <newsletters@thetoolwiz.com> wrote:

Also curious about something in this respect:

What if you took a standard Windows 10 desktop from Dell or HP or wherever, sucked the Windows out of it and put it into a VM (eg., VirtualBox), then replaced the base install with a stripped-down Linux core with enough there to run VirtualBox.

How secure would that be against ransomeware?

I’m thinking that if something infected the Windows VM, you could simply delete it and restore from a recent backup.

They might siphon off some of your data, but you wouldn’t be locked-out or lose it for lack of backups.

I don’t know how long those viruses might sit around dormant, but it might help to install Malwarebytes or something to scan for them anyway.

I also don’t know how “spidery” the ransomeware code is in so far as it could worm its way into your DB server or otherwise corrupt your data there.

Thoughts?

-David Schwartz

On Aug 27, 2019, at 4:46 AM, Aaron Jones <retro64xyz@gmail.com> wrote:

Yes.

https://forums.gentoo.org/viewtopic-t-1060828.html

There are plenty of ransomware products that target Linux but most users are less affected due to the higher likelihood of backups and version control and all the stuff that goes along with being a Linux user.

On Aug 26, 2019, at 10:57 PM, Joe Lowder <joe@actionline.com> wrote:

Has there ever been a report of a Linux system
being the victim of ransomware? Just curious.

---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss