Well that didn't go as expected...

https://programming.dev/post/1326787


For those who are wondering, yes, Wine is malware-compatible, so be careful about the EXEs you run! https://wiki.winehq.org/FAQ#Is_Wine_malware-compatible.3F

And anti-cheat doesn’t work… Malware that gets into the internals of Windows probably fails, like anti-cheat does
unless it’s just simple ransomware that will nuke your /home content if you don’t sandbox it
A Windows version of rm -rf /* would work
It can still corrupt files. I knew that wine was the shut when I had to delete my wineprefix because Eve Online complained about a corrupted file. Even better, a virus scanner would run and detect the malware.
Technically that is only true if the malware in question does something in the kernel or relies on an unimplemented Wine API call. Since a lot of malware is an infostealer or ransomware, it’s quite likely that it’ll work just fine under Wine.

“Well no problem, they can’t run without root privileges!”

/home left the game

Time to go back to our “roots” then.

Reminds me xkcd.com/1200

Authorization

xkcd
Well, the difference is that you can eradicate the malware for Wine by doing a quick sudo apt-get purge wine && apt-get install wine and be done with it.
That wouldn’t remove the Wine prefix, i.e. the virtual C:\ drive where the virus most likely lives. Uninstalling Wine wouldn’t do shit since it only removes files that your user (and thus Wine) can’t even write to, and if a virus manages to get around that you have bigger problems.
I don’t use Wine so I’m really not sure if this would be prevented, but if Wine has read/write file access and the virus is ransomware and encrypts your files then that wouldn’t really help, right?

I don’t use Wine so I’m really not sure if this would be prevented

It is not prevented. In fact I saw a video where someone removed the Z:\ drive for wine (the path that gives windows apps access to the whole Linux rootfs) and then ran Wannacry, and it was somehow still able to encrypt all writable folders on the system.

Even better: Wine defaults to giving access to your whole drive to new prefixes.
Though only your personal files are at risk because of permissions.
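An added example, not from the thread or from the Wine project: a small POSIX shell audit of what a Wine prefix actually exposes. Wine’s default prefix maps Z: to / via the symlink dosdevices/z:, and typically links the folders under drive_c/users/$USER (Desktop, Documents, and so on) to the real directories in $HOME, which is why deleting only z: does not keep a Windows program away from your personal files. The function walks those two locations and prints every symlink whose target lies outside the prefix. It assumes GNU/BSD find with -maxdepth and a readlink that supports -f; the prefix path, $HOME/.wine by default, is an assumption you can override.

```shell
#!/bin/sh
# Added example (not Wine's own tooling): list every path a Wine prefix
# exposes outside itself. Assumes `find -maxdepth` and `readlink -f`.
# Usage: wine_escapes [prefix]   (defaults to $WINEPREFIX, then ~/.wine)
wine_escapes() {
    prefix=${1:-${WINEPREFIX:-$HOME/.wine}}
    # Canonicalise the prefix so it compares cleanly with readlink -f output.
    prefix=$(cd "$prefix" 2>/dev/null && pwd -P) || return 1

    # Drive letters live in dosdevices/ (z: -> / by default); the per-user
    # shell folders under drive_c/users/<name>/ are usually symlinks into $HOME.
    find "$prefix/dosdevices" "$prefix/drive_c/users" -maxdepth 2 -type l 2>/dev/null |
    while IFS= read -r link; do
        target=$(readlink -f -- "$link") || continue
        case "$target" in
            "$prefix"/*) ;;   # resolves inside the prefix (e.g. c: -> drive_c): fine
            *) printf '%s -> %s\n' "${link#"$prefix"/}" "$target" ;;
        esac
    done
}
```

Run it against a prefix before trusting it with an unknown binary: anything it prints is reachable by the Windows program with your user's permissions, and as the thread notes, Unix file permissions, not the drive mapping, are what limits the damage. Removing dosdevices/z: and the home-folder symlinks narrows the exposure; it does not replace a VM or a sandbox.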

Just use a virtual machine to execute windows programs.

Wine is way too unstable.

Do both options require a Microsoft license?
No option really does

Nah. My windows 10 VM has been asking me to activate windows for years.

Never will.

Just use massgrave’s activation script from GitHub… works like a charm
So unstable that you can play elden ring with it
And build an entire gaming console around it (Steam Deck)!

Image Transcription: Meme

[Gru, the long-nosed protagonist of the “Despicable Me” franchise, presents to the camera, pointing into the air and smiling. Behind him is a flipchart with text reading:]

And the best part about using Linux: No viruses!

[Still presenting, Gru has his hand in a C shape and his head down as he peers at the gap between his fingers. The text now reads:]

Look at this, a website downloaded a malicious .exe on my machine.

[Gru now has his hands pointing down, fingers splayed, still presenting. The text now reads:]

*Double Click*

See? Nothing happe…

[Gru looks back to the flipchart in a double-take, his eyes round and wide and his mouth downturned. The text still reads:]

*Wine is launching*

[The Wine logo: a slightly tipped wine glass with red wine sloshing inside it.]


Oh gods I’m tired. I read:

Image Transcription: Meme

And saw the line break and thought “Wow. That was a good transcription.” I think I need to go back to bed.

Does Lemmy not support alt text? I can’t add alt text from Infinity for Lemmy; is that because Lemmy doesn’t support it or just my client? Because they really should.
As far as I’m aware, Lemmy unfortunately does not provide the option to add alt text to images. Hopefully that will change, though!
Oof that sucks. Thank you for answering :)
Really? So when I write /![alt text](image link), the alt text does nothing?

It would be great if it had proper alt text. But since an image post can have an additional text body you can put an image description there. I guess it’s a good idea to wrap it in a spoiler/<details> element.

::: spoiler Image description
Gru…
:::

I use Nix, so I’ll just reinstall my system if anything really bad ever happens. Sometimes I reinstall just because. My important files are on a dedicated drive I have to manually mount, so I’m not too worried.
One of the things I learned several years ago was how to set up my HD so that the system and home folder are on different partitions. It isn’t terribly hard to do, and every OS installer I’ve used gives you the option. It’s served me very well.
What’s the purpose of having the system and home folder on different partitions?
You can easily install a new system if your system gets borked or you just want a new distro, and you won’t lose your files.
I don’t have a need for that atm (like I said, my laptop has a separate drive), but will look into that in case I ever need it in the future. My problem with this personally tho is that I share my drive between Windows and Linux, and Linux doesn’t exactly play well with NTFS. Sounds really cool however for having a multi-boot Linux system, with all your files shared between distros.

Take the next step, and write a simple ansible playbook to configure your installed applications and services. It looks a little complicated at first but it’s pretty easy.

Then you just keep your playbook with your other files. When you decide to reinstall, you just install ansible then run it on your playbook. It’ll install and set up everything you add to your OS.

NixOS really is the next step from an Ansible setup like yours imo. It can be, and usually is, a fully declarative and immutable system outside of your Nix config and whatever personal files you have.
Yeah, I get that. I’m not about to trust NixOS for my production machines at work, and since I already know Ansible it’s just as easy for me to manage my home machines the same way.
Of course it’s all personal preference, but I’ve been managing my dotfiles from the very beginning with Nix (Home Manager). Never tried Ansible, but, just like you, don’t really need to, as everything is already set up well in Nix (including all my configs for all my programs).
I only know the Ansible as the intergalactic communication system from Ursula K. Le Guin’s novels, so this comment is too cool to me.
That’s almost certainly where it came from. This might be hard to believe, but Linux devs are often huge nerds.
Oh I’m sure, that word isn’t used for a lot of other things. It’s neat how much anarchist and socialist lore is hidden inside of FOSS and Linux tech terminology, including the word Ansible. So refreshing compared to closed source devs unironically naming their products after murderous AI or what have you.
I know it from the Ender’s Game series, personally.
Ansible was indeed used by Orson Scott Card in his Ender’s series, about 20 or so years after it was first coined by Le Guin. Funny to think of someone reading such good novels as Ursula’s and still coming out of it a bigoted asshole.
This happened to me not long ago when I found a monero miner running on my laptop. Being a highly technical person, I feel unbounded shame.
How did you figure out it was running? How did you confirm? Teach me your methods please
I might be able to find a weird service or background app at most. Figuring out what is actually happening is beyond me.
It was pretty easy to spot in htop since it had really high CPU usage. Plus, the command line args it launched with included the word “Monero” multiple times, so that was a bit of a giveaway haha
I sometimes leave my laptop on, but with the monitor turned off, when I go to sleep. Sometimes when I wake up, the fans on the laptop will be running full speed, which dies down soon after I turn the monitor on and use the laptop for a little while. Do you think this might be a symptom of some covertware running on my laptop?

Perhaps.

There may be easier ways to test for this, but what comes to mind is if you install your current OS again on another partition and then leave it as you usually do, and see if the fans do the same thing. If they do, it might just be a fault with the fan control or sleep state or something.

If it doesn’t happen, I’d assume something fishy is going on. Maybe try and set up a script to log your CPU usage and what’s using the most every few minutes. That might catch something?
I’ve just now had another thought. If it’s trying to be covert, maybe just leave your task manager / htop open and don’t touch anything for a while; it might think you’re AFK and start running again. If it doesn’t, it could be checking to see if common monitoring tools are running and stopping itself to avoid detection. If that’s the case you’ll have to be a bit smarter about trying to catch it.

tl;dr Maybe. Run a virus scan if you can, or try and find it yourself if you think you can. If all else fails, nuke the OS and start again.
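An added example, not from any commenter in the thread, of the logging script suggested above, written for a Linux box with procps ps. flag_cpu_hogs reads ps -eo pid,pcpu,user,args output from stdin and prints every process above a CPU threshold, and also any process whose command line contains one of a few miner-related strings (the word list is my assumption; the thread only mentions that the miner's arguments contained "Monero"). log_cpu_hogs samples that every few minutes into a file, so it keeps recording while the machine sits unattended and the fans spin up. The --sort option of ps is procps-specific; on BSD/macOS use ps -r instead.

```shell
#!/bin/sh
# Added example (not the thread's code). Assumes Linux procps `ps`.
# Strings that showed up in the thread (Monero) plus a few assumed common ones.
MINER_PATTERN='xmrig|monero|minerd|stratum[+]tcp|cryptonight'

# flag_cpu_hogs [threshold_percent]
# stdin: output of `ps -eo pid,pcpu,user,args` (header line included)
# stdout: "<pid> <cpu> <user> <MINER-STRING|-> <args>" for each process that is
#         either above the threshold or has a miner-looking command line.
flag_cpu_hogs() {
    threshold=${1:-50}
    awk -v th="$threshold" -v pat="$MINER_PATTERN" '
        NR == 1 { next }                         # skip the ps header
        {
            pid = $1; cpu = $2; user = $3
            # Fields 4.. are the command line; reassemble them with single spaces.
            args = ""
            for (i = 4; i <= NF; i++) args = args (i > 4 ? " " : "") $i
            tag = (tolower(args) ~ pat) ? "MINER-STRING" : "-"
            if (cpu + 0 >= th || tag != "-")
                printf "%s %s %s %s %s\n", pid, cpu, user, tag, args
        }'
}

# log_cpu_hogs [logfile] [interval_seconds] [threshold_percent]
# Appends a UTC-timestamped snapshot of the flagged processes every interval.
# Run it in the background before you walk away: log_cpu_hogs ~/cpu-hogs.log 300 50 &
log_cpu_hogs() {
    log=${1:-$HOME/cpu-hogs.log}; interval=${2:-300}; threshold=${3:-50}
    while :; do
        ps -eo pid,pcpu,user,args --sort=-pcpu | flag_cpu_hogs "$threshold" |
            sed "s/^/$(date -u +%FT%TZ) /" >> "$log"
        sleep "$interval"
    done
}
```

Reading the log the next morning, a process that is consistently near the top while you were away but drops off as soon as you start using the machine is exactly the pattern the thread describes. Matching on command-line strings is a cheap first pass, not detection: a miner that renames itself or drops to low CPU when htop is running will only show up through the timeline, which is why the script samples continuously instead of relying on one look.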

That makes sense. In the end I guess it depends on what level any malware expects the user to search for it on. Thanks.
Was it still through WINE? I’d feel bad for the miner as well as it likely couldn’t have done the MSR mod so low hashrate lol.
Feeling bad that a scammer couldn’t scam hard enough is hilarious. Only in a Linux forum.
Tbf, if you get an OOTB distro infected, that is most definitely user error
If you (somehow) manage to get gentoo or lfs infected, I’d still consider it user error lol
LFS maybe, but gentoo or arch is understandable because you have to set the security up yourself.
Yes it was, I run Zorin (Ubuntu-based) on my laptop.
This is why I always test suspicious files on my work issued PC.