Saturday 8 December 2007

Malacious help on Linux - and how to avoid it!

Today, I read this intriguing article on dangerous or malacious code on Ubuntu. The article was quite an revealeation in terms of how someone can ensure that your life with Linux is destroyed!

The post talks about some really malacious commands that were provided as solution to questions on various Ubuntu formums. They were cleaverly disguised as simple steps for solviing dialy computing issue while the ulterrior motive was to simple make life miserable for the poor hapless soul using the forum to seek solutions. The post makes you aware of the danger of seeking online help from unknown entities. Although the help on forms are not as bad as getting infected by virus, it dows play upon one main problem - the issue of trust.

Linux/Unix traditionally has been developed from communities and an open forums. Since no formal service agreements generally exist, help is often sought and obtained from communities. If the some malacious users of the very same communities turn against the users then, it does tend to become an issue. Of course, it is wrong to blame the entire community for a few malacious users but, it does suggest one problem of the Open Source model. The issue being raised is, on an average, you get good solutions but, never trust everyone. An implying issue is - how do you know whom to trust and whom not to.

As the very same post mentions, a simple solution is a wait-and-watch approach - wait for sometime to see anyone else responds with similar help of raises concerns before jumping onto to make the change. Other solutions could be:
1. Wait for some posts to appear on reputed blogs - at least a person who maintains a long time, well visited blog will not post malacious help
2. Try and get help from Linux documentation project () or the web site of your distribution - be it Red Hat, Ubuntu, etc. These guys generally maintain the forums to ensure malacious intent is not spread.
3. Post queries on multiple places and then see if you get similar responses. If something looks suspisiously different, raise a flag.

Of course all of this is time consuming but, being safe is better than losing the entire hard-drive! Maybe this is where an idea can be taken out of Microsoft's MSDN community. If something can be created like this, a really trust-worthy site could be developed where users can be relatively well assured of getting decent help.

Reference:
Ubuntu - Global Announcement: http://ubuntuforums.org/announcement.php?a=54

1 comment:

kozmcrae said...

In my nearly 3 years using Linux exclusively, I've never posted a question a a forum. I am far, far too impatient to wait for an answer. I Google a few key words or part of an error message and see what other people got for answers. Of course that does not remove the possibility of seeing a malicious answer. And I do have to take care with old information and answers that apply to other distributions. But I have yet to find a need to post on a forum, not that I won't ever need to.