Comments on: Yet More Malware Found on Gnome-Look http://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/?utm_source=rss&utm_medium=rss&utm_campaign=yet-more-malware-found-on-gnome-look Everything Ubuntu. Daily. Thu, 09 Feb 2012 15:27:00 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Remove Spywarehttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-16142 Remove Spyware Mon, 21 Jun 2010 15:38:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-16142 That's a sad news! That’s a sad news!

]]> By: Remove Spywarehttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-16143 Remove Spyware Mon, 21 Jun 2010 15:38:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-16143 That's a sad news! That’s a sad news!

]]> By: Anonymoushttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-5845 Anonymous Mon, 22 Feb 2010 22:00:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-5845 Right. Because compiling the source and installing it yourself protects you from malware, right?When was the last time the average Ubuntu user read through AND UNDERSTOOD every line of source of a package they'd just downloaded. Right. Because compiling the source and installing it yourself protects you from malware, right?

When was the last time the average Ubuntu user read through AND UNDERSTOOD every line of source of a package they’d just downloaded.

]]> By: Rahttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-4361 Ra Thu, 07 Jan 2010 20:56:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-4361 Yea right, like that would do any good. Just another ip blocked. People have dynamic ip's and you can use wifi in public places. Yea right, like that would do any good. Just another ip blocked. People have dynamic ip’s and you can use wifi in public places.

]]> By: Danielhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3809 Daniel Tue, 15 Dec 2009 22:14:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3809 Aren't we going offtopic here? Aren’t we going offtopic here?

]]> By: Yfrwlfhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3808 Yfrwlf Tue, 15 Dec 2009 21:25:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3808 I see and you're right, thanks. Seeing any kind of GTK improvements will be nice. Now if more programs would utilize wxWidgets or something else which helps makes programs be more cross-DE so they can look native on both GTK and Qt desktops, that would be even nicer. You haven't blogged about it yet, but I just unpacked Thunderbird 3 and found it looking completely "naked" with standard X-windows buttons it seems like, using neither GTK or Qt, but that's off-topic. I see and you’re right, thanks. Seeing any kind of GTK improvements will be nice. Now if more programs would utilize wxWidgets or something else which helps makes programs be more cross-DE so they can look native on both GTK and Qt desktops, that would be even nicer. You haven’t blogged about it yet, but I just unpacked Thunderbird 3 and found it looking completely “naked” with standard X-windows buttons it seems like, using neither GTK or Qt, but that’s off-topic.

]]> By: d0odhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3740 d0od Sat, 12 Dec 2009 18:37:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3740 Emerald is a window border replacement, the RGBA stuff being included in GTK affects the look of applications themselves, not their borders. Emerald is a window border replacement, the RGBA stuff being included in GTK affects the look of applications themselves, not their borders.

]]> By: Yfrwlfhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3739 Yfrwlf Sat, 12 Dec 2009 14:37:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3739 And now I read your post about the window effects they're adding to GTK. :P Still confused why they don't just use Emerald though which is, what, 7 years old now I think? And now I read your post about the window effects they’re adding to GTK. :P Still confused why they don’t just use Emerald though which is, what, 7 years old now I think?

]]> By: Yfrwlfhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3738 Yfrwlf Sat, 12 Dec 2009 14:32:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3738 IMO, that's what you get for having random scripts be your method for installing things like this. Instead of trusting a script to not do something bad to you, there should be better methods for users to install theme packs. While there are theme packs you can drag into your Appearance Preferences Gnome theme window to install (or by selecting the theme pack file via the install button), they don't have an API like this for sounds and other things AFAIK, and it is either a manual process or you use scripts or packages. The two latter methods are more dangerous. Scripts you can read, but who wants to spend time doing that (nor would normal users understand 99% of it), and packages, unless they are defined as theme packages and thus confined by PolicyKit to only be allowed to modify theme-related directories, are going to be insecure as well.Linux needs to secure itself more by tightening its policies so that even if a user does download malware, it won't work, or won't work very well. While I fully agree that security is ultimately up to the user, that doesn't mean there's no point in making it easier for the user to stay protected, and that's what security is really about, what to do to protect yourself IN CASE someone is a moron or gets compromised by someone. If you have an API that only pulls specific things out of a "theme package" the system can protect itself much more easily from users installing malicious themes. They need to extend the Gnome theme package API to include all aspects of the desktop, including setting Emerald themes I think (not sure why Emerald isn't used with Compiz as the default as it has much nicer-looking effects than metacity does). IMO, that’s what you get for having random scripts be your method for installing things like this. Instead of trusting a script to not do something bad to you, there should be better methods for users to install theme packs. While there are theme packs you can drag into your Appearance Preferences Gnome theme window to install (or by selecting the theme pack file via the install button), they don’t have an API like this for sounds and other things AFAIK, and it is either a manual process or you use scripts or packages. The two latter methods are more dangerous. Scripts you can read, but who wants to spend time doing that (nor would normal users understand 99% of it), and packages, unless they are defined as theme packages and thus confined by PolicyKit to only be allowed to modify theme-related directories, are going to be insecure as well.

Linux needs to secure itself more by tightening its policies so that even if a user does download malware, it won’t work, or won’t work very well. While I fully agree that security is ultimately up to the user, that doesn’t mean there’s no point in making it easier for the user to stay protected, and that’s what security is really about, what to do to protect yourself IN CASE someone is a moron or gets compromised by someone. If you have an API that only pulls specific things out of a “theme package” the system can protect itself much more easily from users installing malicious themes. They need to extend the Gnome theme package API to include all aspects of the desktop, including setting Emerald themes I think (not sure why Emerald isn’t used with Compiz as the default as it has much nicer-looking effects than metacity does).

]]> By: d0odhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3698 d0od Fri, 11 Dec 2009 01:24:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3698 No problem, thanks! =) No problem, thanks! =)

]]> By: Tommy Hehttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3694 Tommy He Thu, 10 Dec 2009 22:37:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3694 Hi, I put a piece of this news in Chinese on LinuxTOY with a reference to here:http://linuxtoy.org/archives/alert-malwares-appear-on-gnome-look.htmlThank you for your alert. Hi, I put a piece of this news in Chinese on LinuxTOY with a reference to here:

http://linuxtoy.org/archives/alert-malwares-appear-on-gnome-look.html

Thank you for your alert.

]]> By: d0odhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3690 d0od Thu, 10 Dec 2009 17:18:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3690 I'm annoyed they've not replied to anyone that i know of that has e-mailed them. As you say the -look.org sites have a very solid reputation as THE place to go for artwork/applications and such. To ignore concerns - especially given they're not unfounded - is a bit of a, excuse my language, piss take. They make money from people using the site (through adverts) so, in a round about way, have a relative responsibility to at least reassure and reply to one user if not all. They're doing their rep no favours atm... I’m annoyed they’ve not replied to anyone that i know of that has e-mailed them. As you say the -look.org sites have a very solid reputation as THE place to go for artwork/applications and such. To ignore concerns – especially given they’re not unfounded – is a bit of a, excuse my language, piss take. They make money from people using the site (through adverts) so, in a round about way, have a relative responsibility to at least reassure and reply to one user if not all. They’re doing their rep no favours atm…

]]> By: Willhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3688 Will Thu, 10 Dec 2009 15:49:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3688 I've emailed *-look.org before regarding filters/classifications/general quality control, especially given that KDE at least (don't know about gnome) hooks directly into the sites allowing you to download and install wallpapers and so on directly in the DE itself. To this date I've not recieved a reply... perhaps *-look.org websites need to be put under more scrunity before being accepted as a de-facto provider? I’ve emailed *-look.org before regarding filters/classifications/general quality control, especially given that KDE at least (don’t know about gnome) hooks directly into the sites allowing you to download and install wallpapers and so on directly in the DE itself.
To this date I’ve not recieved a reply… perhaps *-look.org websites need to be put under more scrunity before being accepted as a de-facto provider?

]]> By: Alexhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3684 Alex Thu, 10 Dec 2009 15:13:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3684 I know you didn't referred to it as a virus. But I've read a lot on ubuntuforums.org and things like : "first semi-massive Linux virus/trojan?" "Keep viruses in the windows world " "what yo have there is a trojan" Ect...Wich is pretty ignorant I think... :) I know you didn’t referred to it as a virus.
But I’ve read a lot on ubuntuforums.org and things like :
“first semi-massive Linux virus/trojan?”
“Keep viruses in the windows world ”
“what yo have there is a trojan”
Ect…

Wich is pretty ignorant I think…
:)

]]> By: d0odhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3682 d0od Thu, 10 Dec 2009 14:44:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3682 I certainly never referred to it as a Virus but as Malware - the definition of which is software designed to perform a malicious task without the users consent to do so. I certainly never referred to it as a Virus but as Malware – the definition of which is software designed to perform a malicious task without the users consent to do so.

]]> By: Alexhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3680 Alex Thu, 10 Dec 2009 14:41:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3680 I think that it is important to say that this was no virus... Event an antivirus would have let that one untouch... It is only code run by the user.Am I wrong ? I think that it is important to say that this was no virus…
Event an antivirus would have let that one untouch…
It is only code run by the user.

Am I wrong ?

]]> By: Danielhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3674 Daniel Thu, 10 Dec 2009 13:59:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3674 Reports on Linux Malware are largely exagerated =-P There`s no need for anti-virus yet, just a matter of reasonable use of the system. Reports on Linux Malware are largely exagerated =-P
There`s no need for anti-virus yet, just a matter of reasonable use of the system.

]]> By: Marco Valentehttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3673 Marco Valente Thu, 10 Dec 2009 13:57:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3673 I hope this isn't the inauguration of a Linux needs antivirus era! I hope this isn’t the inauguration of a Linux needs antivirus era!

]]> By: Daniel "NeoStrider" Monteirohttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3666 Daniel "NeoStrider" Monteiro Thu, 10 Dec 2009 11:12:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3666 Really sad. Looks like someone is trying to bring down gnome-look credibility. Too bad, as I distribute a maemo game in it. Really sad. Looks like someone is trying to bring down gnome-look credibility. Too bad, as I distribute a maemo game in it.

]]> By: KnifeySpooneyhttp://www.omgubuntu.co.uk/2009/12/yet-more-malware-found-on-gnome-look/#comment-3654 KnifeySpooney Thu, 10 Dec 2009 00:22:00 +0000 http://www.omgubuntu.dreamhosters.com/2009/12/yet-more-malware-found-on-gnome-look/#comment-3654 Could have possibly been a copycat -- the original "hacker" released a "phishing kit" on an online MMO forum as I have read in the Ubuntu Forums. The thread of his phishing kit has 5 pages and not one has a negative comment. They all say "Wow, great job!".I would link to the thread, but I don't wanna boost the PageRank. Here's the post in UF:<a href="http://ubuntuforums.org/showpost.php?p=8463890&postcount=16" rel="nofollow">http://ubuntuforums.org/showpost.php?p=8463890&...</a>Edit: Oof, according to that forum, the hacker is 14 years old... Could have possibly been a copycat — the original “hacker” released a “phishing kit” on an online MMO forum as I have read in the Ubuntu Forums. The thread of his phishing kit has 5 pages and not one has a negative comment. They all say “Wow, great job!”.I would link to the thread, but I don’t wanna boost the PageRank. Here’s the post in UF:http://ubuntuforums.org/showpost.php?p=8463890&…

Edit: Oof, according to that forum, the hacker is 14 years old…

]]>