Re: Linux and spyware?

From: Christopher Browne (cbbrowne_at_acm.org)
Date: 06/30/03


Date: 30 Jun 2003 03:15:30 GMT

Quoth haynes@alumni.uark.edu (Jim Haynes):
> An article in today's paper alleges that Linux and MacOS are just as
> vulnerable to spyware as is Windows. Is this true? and if so what is
> the mechanism of action? And how can spyware be detected and eliminated
> in Linux?

Most of the "client side spyware" has tended to be embedded either in
web browser extensions or in stuff like JavaScript. The former tend
not to be available for Linux, but the latter ought to be able to
work.

And in any case, the usual _real_ form of "spyware" will mostly be on
the server side of web accesses, so that the platform you are using to
browse the web is totally irrelevant.

Consider: You get an email that points you to "Hot Young Teens."

It has a URL that points the sender to who they sent it to. That may
be as unobvious as:

ID #    Email Address
-------------------------------------
1021    a@b.com
1022    your_address@wherever.com
1023    my_add@mysite.com
... and so forth ...

which turns into a URL like:
<http://www.hotteens.com/stuff+1022+intro/>

Note that there is _no_ reason for you to consider the "1022" part to be
associated in any way with your identity.

But an interesting linkage then takes place: if the web site does
basic URL access logging, they can know that someone whose email
address was <your_address@wherever.com> accessed the URL from some IP
address at some moment in time.

If your web browser quietly stores cookies, remote web sites can link
things up further, so that if you visit that web site again, they can
identify that it was you before, and you now.

They may not know much about you beyond the email address, but they'll
get to know a few things.

And note that the only thing about this that you can forcibly do
anything about is to choose not to follow the web links.

-- 
wm(X,Y):-write(X),write('@'),write(Y). wm('aa454','freenet.carleton.ca').
http://www.ntlug.org/~cbbrowne/security.html
"As long as there are ill-defined goals, bizarre bugs, and unrealistic
schedules, there will be Real Programmers willing to jump in and Solve
The Problem, saving the documentation for later.  Long live FORTRAN!"
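
Added example, not part of the original post: one way to spot the per-recipient link ID described above is to receive the same mailing at two different addresses and compare the links. The host, the sample messages and the function names below are constructed for illustration; only the `stuff+NNNN+intro/` link shape comes from the post.

```python
import re
from urllib.parse import urlsplit

# Constructed sample: the same mailing as received at two different addresses.
# The host is a placeholder; the link shape follows the URL form in the post.
COPY_A = """Click here: <http://www.example.com/stuff+1021+intro/>
About us: http://www.example.com/about/
"""
COPY_B = """Click here: <http://www.example.com/stuff+1022+intro/>
About us: http://www.example.com/about/
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")


def url_tokens(url):
    """Split a URL's path and query into tokens on common delimiters."""
    parts = urlsplit(url)
    return [t for t in re.split(r"[/+?&=;,]", parts.path + "?" + parts.query) if t]


def per_recipient_tokens(copy_a, copy_b):
    """Return (url_in_a, token_in_a, token_in_b) for each link token that
    differs between two copies of one mailing. A token that changes with
    the recipient address is a candidate recipient identifier."""
    findings = []
    for url_a, url_b in zip(URL_RE.findall(copy_a), URL_RE.findall(copy_b)):
        if url_a == url_b:
            continue  # identical in both copies: carries no recipient ID
        tok_a, tok_b = url_tokens(url_a), url_tokens(url_b)
        if urlsplit(url_a).netloc != urlsplit(url_b).netloc or len(tok_a) != len(tok_b):
            findings.append((url_a, url_a, url_b))  # shape differs: report whole link
            continue
        findings.extend((url_a, a, b) for a, b in zip(tok_a, tok_b) if a != b)
    return findings


if __name__ == "__main__":
    for url, tok_a, tok_b in per_recipient_tokens(COPY_A, COPY_B):
        print(f"{url}: '{tok_a}' vs '{tok_b}' varies per recipient")
```

Links are paired by position, so the two copies must be the same mailing; a link that is identical in both copies cannot carry a recipient ID in its URL.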

