Fair Use Note

WARNING for European visitors: European Union laws require you to give European Union visitors information about cookies used on your blog. In many cases, these laws also require you to obtain consent. As a courtesy, we have added a notice on your blog to explain Google's use of certain Blogger and Google cookies, including use of Google Analytics and AdSense cookies. You are responsible for confirming this notice actually works for your blog, and that it displays. If you employ other cookies, for example by adding third party features, this notice may not work for you. Learn more about this notice and your responsibilities.

Thomas Paine

To argue with a person who has renounced the use of reason is like administering medicine to the dead.

Tuesday, September 22, 2009

Dr. John's Hiding Place | Ubuntu hijacked as Windows?

Linux Ubuntu - hi-jacked as Windows?
http://my.opera.com/nepmak2000/blog/2009/09/22/linux-ubuntu-hi-jacked-as-windows

Not nice what happens these days on the web.
I don't know what you do, but I look each month in search engines for my name. You never know who links to you, who uses your files and misuses your name. It happens more often than you are inclined to think. Running Linux Ubuntu I am not easily scared to collect badware that appears to live its exuberant life amongst Windows-users only. Now and then inspecting my Filesystem's 'tmp'-folder suffices to see what keeps hanging around there and isn't meant for Linux (like some .exe files). Furthermore destroying the latest 'cookies' after a session may help as well to keep the dirt out. However I was hi-jacked in an interesting way. On-screen appeared a notice that my computer had numerous viruses...
For the very daring with excellent anti-virus software here is the suspect link. It may already be blocked for you provided you have excellent protections. If you run on Linux sit back and laugh about this. That won't take long though. You'll be presented a full-blown Windows desktop with an anti-virus program running. You are invited to download (of course you don't or you hang!) some stuff to "repair" the viruses that were ostensibly found. Use the "Force Quite" panel button (which you hopefully have in your panel) to kill things, then you will never get out of here when you can't open another Tab and kill the malicious one. If you tried with a Windows box do run your best anti-virus scanners now - you may be infected already! On a Linux or Mac box it most likely will stay by this experiment unless you indeed downloaded the stuff and had it by reflex (see picture enlarged) installed by CrossOver or Wine! Mind the download screens. This demonstrates how dangerous it is to use Windows software on Linux.

Another problem rose when inspecting Norton Safe Web to find out more about this hi-jacker. The link that Google provided to 'protect-andsecure.net' appeared safe. Yet it wasn't. Only one comment indicated something was terribly wrong there (see picture). Other anti-virus sites also indicated that little danger could be expected. Delving deeper however showed that a site 'searchscan-online' was involved and that one was red marked! Apparently both suspect places caused problems since a few days only. Lucky me, just searching for my name and noticing a rather strange Google entry. But what to do against this sort of attacks? Of course I used Norton Safe Web to file my suspicions. The same for Google. Things will take their run from there. We all must assist to wipe out the badware from the Internet, I think and leave it to the experts to take care of the rest. Microsoft is currently aggressively involved in the hunt and sues scareware websites without further notice. A step in the right direction, then the plague virtually only (still) concerns their products.

Ubuntu has its 'ufw', a simple fire wall, to protect your interests in some ways. You may download the package 'gufw' from the repos to get a GUI for it under System-> Administration as 'Firewall configuration'. In fact that combination suffices to easily set-up exceptions and see if 'ufw' is running.

( At this point a YouTube video 'Host File to Block Ad Malware Websites' is linked to the Opera blog )

The LocalHost website produces a very long list of suspect websites that not only slow down your browser, but also may do other things. You can save this page as a text-file (not HTML) and read the header comments before you do anything else to install it. I shall not explain that, because you might use Windows, Mac OS-X or Linux, each having somewhat different options. It works though and that is what counts today. It even expedites browsing and sometimes considerably. The load of adware that tends to slowdown page-building falls away. I was surprised to be able to indeed block out Google (as an experiment). Using this file may contribute to a sense of security when visiting harmless-looking Url's. Maybe they aren't after all...

John

Reblog this post [with Zemanta]

No comments:

Post a Comment