  1. #1
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,195

    Are keyloggers a threat to us?


    There was an item on the BBC news this morning about a new sort of criminal activity. A keylogger installs itself from a fake news site (or a genuine site that's been compromised) and it harvests your passwords and security information and passes them to its owner, who can then take over your bank account, credit card, etc.

    Of course they gave the usual advice: use anti-virus, anti-spyware and a firewall to prevent programs phoning home, and always install the latest security patches (though funnily enough they didn't say "don't use Internet Explorer").

    And I wondered if there is something like that which could be a threat to Linux users. Obviously the programs they were talking about were written for Windows but are there Linux equivalents? Could something like that install itself in $HOME/bin and be a threat to us?
    "I'm just a little old lady; don't try to dazzle me with jargon!"

  2. #2
    Linux Guru
    Join Date
    Jul 2004
    Posts
    4,593
    I noticed that the latest version of Firefox has the option to run it as a separate isolated user. I think that choosing this option will defeat something like a keylogger. That option popped up when it updated to the newest version, so I don't know how to configure it after-the-fact.
    Please do not send Private Messages to me with requests for help. I will not reply.

  3. #3
    Linux Engineer GNU-Fan's Avatar
    Join Date
    Mar 2008
    Posts
    935
    Quote Originally Posted by hazel View Post
    And I wondered if there is something like that which could be a threat to Linux users. Obviously the programs they were talking about were written for Windows but are there Linux equivalents? Could something like that install itself in $HOME/bin and be a threat to us?
    Absolutely.
    Just think about the number of browser plugins the average user has. Many of them even as proprietary as Windows.

    Statistical likelihood and heterogeneity are on our side still, but I do not see any inherent security in the Linux software to prevent such a thing.
    (The first trojans and keyloggers popped up on multiuser UNIX systems, mind you.)
    Debian GNU/Linux -- You know you want it.

  4. #4
    Linux Newbie
    Join Date
    Nov 2007
    Posts
    230
    I gave up on the idea of "computer security" long ago. I just figure that, if someone can hack into the world's government weapons systems, they won't have much problem getting into my meager little box. Ironically I logged in this morning to ask around about an email address that got returned to me this week; not that I'm worried about my machine, but that email addy is work related and there is much drama at my work right now.

  5. #5
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Location
    Ireland
    Posts
    6,132
    Your risk of getting one is about the same as getting any Windows virus/trojan/worm etc.

    Even Firefox plugins will only install if they are from mozilla.com, and even then only with your authorisation and a browser restart. It's good to be aware of these things but I really wouldn't lose a second's sleep over it.
    Could something like that install itself in $HOME/bin and be a threat to us?
    Thankfully there are too many "if's" there. It'd have to get into ~/bin, it'd have to set itself chmod +x and would then have to execute itself. If it had any of those powers in the first place, it wouldn't have a need to even put itself there.

    Good oul Unix, eh!

  6. #6
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,485

    This may seem off topic but bear with me, I'll get to the point in due course

    I thought I understood umask. I did.

    My default umask is 0022 which should mean that any files created on my system have their permissions as 666 - 022 which is 644. That is world readable, writeable by me and executable by no-one.

    This is why a chmod +x is required to make it runnable.
    This is what protects against malware. See, I told you I'd get to the point

    Why then did Firefox 3.5 beta 4 have a shell script that was automatically executable?
    Isn't this a vulnerability that could be exploited by malware?

    How do I stop it from happening?
    What do we want?
    Time machines!

    When do we want 'em?
    Doesn't really matter does it!?


    Conkybots: Interactive plugins for your Conkys!

  7. #7
    Linux Engineer hazel's Avatar
    Join Date
    May 2004
    Location
    Harrow, UK
    Posts
    1,195
    Quote Originally Posted by bigtomrodney View Post
    Thankfully there are too many "if's" there. It'd have to get into ~/bin, it'd have to set itself chmod +x and would then have to execute itself. If it had any of those powers in the first place, it wouldn't have a need to even put itself there.

    Good oul Unix, eh!
    I don't see anything insuperable here. An install script could copy a keylogger binary into ~/bin with the execute bit already set, using cp -p to preserve permissions (incidentally that could be the answer to Elija's question too). It could then search for startup files with names like .xinitrc, .Xsession or .XClients and write the name of the keylogger into them so that it executed each time you started a session. It wouldn't actually have to execute itself.
    "I'm just a little old lady; don't try to dazzle me with jargon!"
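
A defensive check for the persistence route described in post #7, as an added example that is not part of the original thread: it lists every line in the startup files named there (.xinitrc, .Xsession, .XClients) that mentions an executable sitting in ~/bin. The function names, the sample home directory and the file name `xhelper` are constructed for illustration.

```shell
#!/bin/sh
# Added example: report session startup lines that reference executables in ~/bin.

# Usage: audit_startup /path/to/home
audit_startup() {
    home=$1
    for exe in "$home"/bin/*; do
        # Only regular files with the execute bit set are of interest.
        [ -f "$exe" ] && [ -x "$exe" ] || continue
        name=$(basename "$exe")
        for rc in .xinitrc .Xsession .XClients; do
            [ -f "$home/$rc" ] || continue
            # -n: line number, -w: whole word, -F: literal string (no regex)
            grep -nwF -- "$name" "$home/$rc" | while IFS= read -r hit; do
                printf '%s: %s -> %s\n' "$rc" "$name" "$hit"
            done
        done
    done
}

# Build a throwaway home directory (constructed sample data) and print its path.
make_sample_home() {
    h=$(mktemp -d) || return 1
    mkdir "$h/bin"
    printf '#!/bin/sh\n' > "$h/bin/xhelper"
    chmod 755 "$h/bin/xhelper"            # executable: should be reported
    printf 'todo list\n' > "$h/bin/notes" # not executable: ignored
    printf 'xsetroot -solid black\nxhelper &\nexec fluxbox\n' > "$h/.xinitrc"
    printf '%s\n' "$h"
}

sample=$(make_sample_home)
audit_startup "$sample"
rm -rf "$sample"
```

Run `audit_startup "$HOME"` against a real account; any hit you did not put there yourself deserves a closer look.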

  8. #8
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Location
    Either at home or at work or down the pub
    Posts
    3,485
    Quote Originally Posted by hazel View Post
    (incidentally that could be the answer to Elija's question too)
    Could be... would that work when extracting from an archive?

    And how do I stop it?
    What do we want?
    Time machines!

    When do we want 'em?
    Doesn't really matter does it!?


    Conkybots: Interactive plugins for your Conkys!
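
The umask behaviour raised in posts #6 and #8, as an added example that is not part of the original thread: umask only clears bits from the mode a program requests, so a shell redirect (which asks for 666) ends up 644, while tar and cp -p ask for the stored 755 and keep it. The file names and the final chmod step are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: what umask 022 does and does not do to the execute bit.
# Everything happens in a throwaway temp directory (constructed sample data).

# Print the 10-character permission string of a file, e.g. -rw-r--r--
perms() { ls -ld "$1" | cut -c1-10; }

demo() {
    work=$(mktemp -d) || return 1
    (
        cd "$work" || exit 1
        umask 022

        # 1. Shell redirection requests mode 666; umask 022 leaves 644.
        echo 'echo hello' > plain.sh
        echo "redirect: $(perms plain.sh)"

        # 2. Build an archive that contains an executable member.
        mkdir pkg
        echo 'echo hello' > pkg/run.sh
        chmod 755 pkg/run.sh
        tar -cf pkg.tar pkg
        rm -rf pkg

        # 3. tar requests the archived mode 755; 755 with 022 masked is still 755.
        tar -xf pkg.tar
        echo "extracted: $(perms pkg/run.sh)"

        # 4. cp -p copies the source mode, so the execute bit survives as well.
        cp -p pkg/run.sh copy.sh
        echo "cp -p: $(perms copy.sh)"

        # 5. One way to drop it after unpacking: regular files only,
        #    so directories stay traversable.
        find pkg -type f -exec chmod a-x {} +
        echo "stripped: $(perms pkg/run.sh)"
    )
    rm -rf "$work"
}

demo
```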

  9. #9
    Linux User
    Join Date
    May 2009
    Location
    Big River, Sask, Canada
    Posts
    342
    I believe that a good hacker can install just about anything on my computer. It only takes one vulnerability that hasn't been found and keyloggers or rootkits could be installed. The only question is: is it worth it to do the amount of work necessary to have it work under most distros? I tend to believe that if they are that good, they will likely be attacking more lucrative targets.
    All that aside, I keep all financial information off my computer.
    Registered Linux User #420832

  10. #10
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,042
    I have less confidence in my ability to keep hackers out ... my approach in outline at the moment ...

    separate install for banking info only ... one user with strong password for banking, one user for online ordering with a strong password. Minimum install ... fluxbox, firefox with noscript, rkhunter, router firewall, no swap, sshd disabled, local login only, keep the system up to date - system admin can do straight system update only - chroot in if more complex tasks needing root rights required.

    This is about as good as I can do at present ... and anyway is better than the place of birth, mother's name crap that banks call security information ...

    This is about all I think I can do at the moment ... encryption determined by bank, and need to trust ISP not to implement things like phorm.

    ... and the final protection ... don't have any money to steal
