scarecrow Posted June 1, 2006 Report Share Posted June 1, 2006 http://www.betanews.com/article/First_Star...ound/1149104057 As you see, being a macro virus it can potentially affect every OS in which OOo is running, and not just windblows... Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted June 1, 2006 Report Share Posted June 1, 2006 Just a matter of time when something gets popular. At least it's nothing destructive as of yet, but more a proof-of-concept that it can happen. I wonder what the adult-content is :P Quote Link to comment Share on other sites More sharing options...
Reiver_Fluffi Posted June 1, 2006 Report Share Posted June 1, 2006 Be interesting to see how quickly this is patched up, be more interesting if there is a public display praising a quick resolution, should that be the case. And yes, i'm interested about the "content" :P Quote Link to comment Share on other sites More sharing options...
neddie Posted June 1, 2006 Report Share Posted June 1, 2006 Weird, I can't find any details about this which even hints at it being a virus. It's on slashdot, it's on theregister, but it doesn't say anywhere what it actually demonstrates that's a 'vulnerability'. From Kaspersky, this macro they've written is: theoretically capable of infecting StarOffice and/ or OpenOffice. It's written in Star Basic. It downloads an image file (with adult content) from the Internet and then opens this file in a new document. So it sounds like they've written a macro which downloads an image file. Well woop-de-doop, hardly a revolution. Probably took them a good half-hour. But it doesn't say anywhere that it does this without permission, and it doesn't say it exploits any bug or requires a patch. It's a macro. And most importantly it doesn't say it can spread itself, which would really make it a virus. Sounds like an antivirus manufacturer wants to make some news by hyping a threat. No, surely not ;) Quote Link to comment Share on other sites More sharing options...
tyme Posted June 1, 2006 Report Share Posted June 1, 2006 *shrug* it'll be fixed in a few days, if it's an actual security hole. besides, you're still safer in linux than windows... Quote Link to comment Share on other sites More sharing options...
Ixthusdan Posted June 1, 2006 Report Share Posted June 1, 2006 Curiously, the article talks about the great success of finding vulnerabilities in linux, yet it fails to mention anything at all like a windows machine attack. Theoretical attacks are nice, but windows attacks are real everyday and wreck havoc in the computing world. I thought I was going to read about a real threat. B) Quote Link to comment Share on other sites More sharing options...
ianw1974 Posted June 2, 2006 Report Share Posted June 2, 2006 I thought about this last night. With Linux, and now it seems OpenOffice, they gave a hint that a virus was possible and demonstrated so that we get the chance to fix it before it has the chance to get worse. With Microsoft however, they usually just get infected without any actual warning of "hey we found something, just letting you know" kind of thing. Funny that :o Quote Link to comment Share on other sites More sharing options...
arthur Posted June 2, 2006 Report Share Posted June 2, 2006 it's been mentioned before, but losing $HOME is potentially more damaging for a single user linux system than losing the root partition. for me, that's very true, so I make regular backups. And I never click on shell scripts which say "rm -rf ~/" :P Quote Link to comment Share on other sites More sharing options...
tyme Posted June 3, 2006 Report Share Posted June 3, 2006 losing home can be pretty annoying, but at least it's still bootable ;) and if you use a journalised FS, you can probably get your data back. Quote Link to comment Share on other sites More sharing options...
solarian Posted June 3, 2006 Report Share Posted June 3, 2006 (edited) losing home can be pretty annoying, but at least it's still bootable lol, I imagined how this might sound to someone outside Linux /solarian does a /home backup Edited June 3, 2006 by solarian Quote Link to comment Share on other sites More sharing options...
neddie Posted June 3, 2006 Report Share Posted June 3, 2006 ...and if you use a journalised FS, you can probably get your data back.Erm... I think it depends a lot on what happened.Correct me if I'm wrong, but even a file system with a journal doesn't store the old contents of files. If a malicious program writes a gig of zeroes over your /home directory, nothing in the journal will be able to get you your files back. Journaling helps a lot if a write operation failed halfway, and you'll be able to reperform the write operation, but if it succeeded then I think it would be extremely difficult to recover overwritten data. Arthur's right. True for a corporate, critical server the most important thing is compromising the root, but for a single-user home machine that just means a bit of downtime and a quick reinstall - a signficant but only temporary annoyance. Losing all the personal stuff on /home could be a major nightmare if you haven't got backups - whether the machine is bootable or not.. Quote Link to comment Share on other sites More sharing options...
iphitus Posted June 3, 2006 Report Share Posted June 3, 2006 (edited) http://lwn.net/Articles/186096/rss Press release and commentary. Seems that this has been sensationalised, which seems about right. This 'virus' doesnt actually do anything 'virulent'. it has no propagation mechanism of any sort, nor does it exploit anything. Nothing to see here folks, please move along quietly and dont disturb the nesting penguins. Edited June 3, 2006 by iphitus Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.