Re: ransomware?

Author: Aaron Jones
Date:  
To: Main PLUG discussion list
Subject: Re: ransomware?
This is a super subjective issue.

So Linux is a great OS but if you are here you probably know that. Here are
my recommendations.

1. If you need to use Windows, then install https://www.sandboxie.com/ and
learn how to use it. Sandbox your email client, your web browser, and
anything that can move files from the internet to your computer.

2. If you are using Linux, then install and use Firejail and AppArmor if
possible. Learn how that works and deploy it. Manjaro users will require a
custom kernel but if you are an Ubuntu user you can use AppArmor out of the
box.

3. What delivery method are you afraid of? JavaScript exploits? PDF files?
Putting weird devices into your ports?

You cannot mitigate the danger of ransomware until you understand your
security footprint and where you are most likely to be vulnerable. You may
be a business owner who deals with PDF invoices all day. That is a major
vulnerability and you may want to run `firejail mupdf` to deal with those
files.

Also some malware is designed to check if it is in a VM and not run in the
hopes you will move it out of the VM. Using a VM is a tool but not a
catch-all resolution to the problem of running bad code.

What are you doing that could introduce bad code into your system? Browsing
websites? Sharing files over email? Using the computer for business where
you might be forced to plug a thumb drive in? Each of these issues requires
specific steps to inoculate against danger.

Why not work towards eliminating the biggest virus of them all and get rid
of your reliance on Windows?

Thanks,
Aaron
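
A tighter version of the `firejail mupdf` suggestion in the message above, as an added example that is not part of the original post: it copies the PDF into a throwaway private home, cuts network access and drops privileges before the viewer starts. The function name, `JAIL_BASE` and `RUNNER` are hypothetical; the Firejail options are standard ones, and firejail and mupdf are assumed to be installed.

```shell
#!/bin/sh
# Added example (not from the original post): view an untrusted PDF in a
# disposable Firejail sandbox. Assumes firejail and mupdf are installed.
# open_untrusted_pdf, JAIL_BASE and RUNNER are hypothetical names.

open_untrusted_pdf() {
    src=$1
    [ -f "$src" ] || { echo "not a regular file: $src" >&2; return 2; }

    # Throwaway directory that becomes the sandbox's home. It lives under
    # the real home by default, as in the firejail man page examples.
    jail=$(mktemp -d "${JAIL_BASE:-$HOME}/pdfjail.XXXXXX") || return 1

    # Copy under a fixed name so odd file names never reach the viewer's
    # command line; the original file stays outside the sandbox.
    cp -- "$src" "$jail/untrusted.pdf" || { rm -rf -- "$jail"; return 1; }

    status=0
    # No network, private home/tmp/dev, no capabilities, no privilege
    # gain, default seccomp filter.
    # RUNNER is empty in normal use; RUNNER=echo prints the command instead.
    ${RUNNER:-} firejail \
        --net=none \
        "--private=$jail" \
        --private-tmp \
        --private-dev \
        --caps.drop=all \
        --nonewprivs \
        --noroot \
        --seccomp \
        mupdf "$HOME/untrusted.pdf" || status=$?

    # Anything written during the session is deleted with the jail.
    rm -rf -- "$jail"
    return "$status"
}

# Run directly: ./open-pdf.sh invoice.pdf
[ "$#" -eq 0 ] || open_untrusted_pdf "$1"
```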


On Tue, Aug 27, 2019 at 5:59 AM David Schwartz <>
wrote:

> Also curious about something in this respect:
>
> What if you took a standard Windows 10 desktop from Dell or HP or
> wherever, sucked the Windows out of it and put it into a VM (e.g.,
> VirtualBox), then replaced the base install with a stripped-down Linux core
> with enough there to run VirtualBox.
>
> How secure would that be against ransomware?
>
> I’m thinking that if something infected the Windows VM, you could simply
> delete it and restore from a recent backup.
>
> They might siphon off some of your data, but you wouldn’t be locked out or
> lose it for lack of backups.
>
> I don’t know how long those viruses might sit around dormant, but it might
> help to install Malwarebytes or something to scan for them anyway.
>
> I also don’t know how “spidery” the ransomware code is in so far as it
> could worm its way into your DB server or otherwise corrupt your data there.
>
> Thoughts?
>
> -David Schwartz
>
>
>
> On Aug 27, 2019, at 4:46 AM, Aaron Jones <> wrote:
>
> Yes.
>
> https://forums.gentoo.org/viewtopic-t-1060828.html
>
> There are plenty of ransomware products that target Linux but most users
> are less affected due to the higher likelihood of backups and version
> control and all the stuff that goes along with being a Linux user.
>
> On Aug 26, 2019, at 10:57 PM, Joe Lowder <> wrote:
>
> Has there ever been a report of a Linux system
> being the victim of ransomware? Just curious.
>
>
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss
