<Scroll>
On 2019-08-27 06:18, Aaron Jones wrote:
> This is a super subjective issue.
>
> So Linux is a great OS but if you are here you probably know that. Here
> are my recommendations.
>
> 1. If you need to use Windows, then install https://www.sandboxie.com/
> and learn how to use it. Sandbox your email client, your web browser,
> and anything that can move files from the internet to your computer.
>
> 2. If you are using Linux, then install and use Firejail and apparmor
> if possible. Learn how that works and deploy it. Manjaro users will
> require a custom kernel but if you are an Ubuntu user you can use
> AppArmor out the box.
>
> 3. What delivery method are you afraid of? Javascript exploits? PDF
> files? Putting weird devices into your ports?
>
> You cannot mitigate the danger of ransomware until you understand your
> security footprint and where you are most likely to be vulnerable. You
> may be a business owner who deals with pdf invoices all day. That is a
> major vulnerability and you may want to run `firejail mupdf` to deal
> with those files.
>
> Also some malware is designed to check if it is in a VM and not run in
> the hopes you will move it out of the VM. Using a VM is a tool but not
> a catch all resolution to the problem of running bad code.
>
> What are you doing that could introduce bad code into your system?
> Browsing websites? Sharing files over email? Using the computer for
> business where you might be forced to plug a thumb drive in? Each of
> these issues require specific steps to inoculate against danger.
>
> Why not work towards eliminating the biggest virus of them all and get
> rid of your reliance on Windows?
I thought I might respond to your get rid of windows. Tried that and
had to go back to Windows. I have two issues with Linux as a
workstation O/S. One dealing with scanners and printers. Not as easy
as I would like. Windows is plug and play when it comes to printers and
scanners. The other issue I ran into that was a deal breaker was
needing to use screen share software like go to meetings. 3 or 4 years
ago the Linux support was not there, and I did not get to choose the
screen share software. I work remote and need to do lots of screen
sharing with others who are remote.
I ran Linux on my desktop twice and would like to return. In 2000 I ran
Linux on my desktop for 8 months and then returned to Windows. Again
around 2010 I ran Linux on my Desktop for 4 or 5 years. I returned to
Windows only because of my team's requirement to do screen sharing.
At this point I am running some software that is not available on Linux.
As a PHP programmer I would rather run Linux exclusively because it
would make my life much easier....
>
> Thanks,
> Aaron
>
> On Tue, Aug 27, 2019 at 5:59 AM David Schwartz
> <newsletters@thetoolwiz.com> wrote:
>
> Also curious about something in this respect:
>
> What if you took a standard Windows 10 desktop from Dell or HP or
> wherever, sucked the Windows out of it and put it into a VM (eg.,
> VirtualBox), then replaced the base install with a stripped-down Linux
> core with enough there to run VirtualBox.
>
> How secure would that be against ransomeware?
>
> I'm thinking that if something infected the Windows VM, you could
> simply delete it and restore from a recent backup.
>
> They might siphon off some of your data, but you wouldn't be locked-out
> or lose it for lack of backups.
>
> I don't know how long those viruses might sit around dormant, but it
> might help to install Malwarebytes or something to scan for them
> anyway.
>
> I also don't know how "spidery" the ransomeware code is in so far as it
> could worm its way into your DB server or otherwise corrupt your data
> there.
>
> Thoughts?
>
> -David Schwartz
>
> On Aug 27, 2019, at 4:46 AM, Aaron Jones <retro64xyz@gmail.com> wrote:
>
> Yes.
>
> https://forums.gentoo.org/viewtopic-t-1060828.html
>
> There are plenty of ransomware products that target Linux but most
> users are less affected due to the higher likelihood of backups and
> version control and all the stuff that goes along with being a Linux
> user.
>
> On Aug 26, 2019, at 10:57 PM, Joe Lowder <joe@actionline.com> wrote:
>
> Has there ever been a report of a Linux system
> being the victim of ransomware? Just curious.
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
https://lists.phxlinux.org/mailman/listinfo/plug-discuss
(text/plain)