
Author Topic: AIO Security(Firewall, Antivirus, etc.)  (Read 6903 times)


Online PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 23938
  • Karma: 2656
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 8R, 9, and 9R
Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #15 on: April 23, 2015, 10:39:38 am »
Why do you think I'm hiding behind him .. mac is the only thing tougher than Chuck Norris beard :)
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Online PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #16 on: April 23, 2015, 11:59:45 am »
Sorry perknh .. nothing personal meant mate, just a favourite ranting topic of mine ;)

Offline perknh

  • Trusted User
  • Hero
  • *****
  • Posts: 3666
  • Karma: 290
  • Soy un huevo que adora Peppermint.
    • View Profile
  • Peppermint version(s): Peppermint 9 Respin (64-bit)
Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #17 on: April 23, 2015, 12:44:47 pm »
Thank you, PCNetSpec,

My wife and I used unsecured P4 for about a year without anything other than a great experience.  In fact, it was P4 that made us both Peppermint Linux OS lovers.
 
I've decided to unsubscribe to Matthew Moore's videos.  I'm beginning to think that video might be one of the first public clues that there is a little business spat going on between Michael Moore and Spatry, and that this business spat is being shown in the guise of sharing useful information.  I didn't want you to watch the entire thing, but there were a few digs at Spatry in that video, and I'm quite sure the two were business partners at one time.  I wouldn't be surprised if that project they had going --an alternative to DistroWatch -- might be falling apart at the seams.  Hey, who even remembers it?

What happened was I received that video last night and I brought it to you this morning precisely because of your integrity and definitely NOT to question it!

PCNetSpec, your answer was very informative, and will help keep this thread alive, and certainly will help a lot of confused people down the road.  I spoke with Mac yesterday about being both dazzled and baffled within the world of Linux.  That video was a good example of how one can become baffled with bull____ while not being 100% certain how to relieve the information.  (I didn't realize I'd find such a good example of such bewilderment so quickly to share!)

I think I'll be sticking with Spatry on YouTube.  Besides, on one of his old Peppermint videos, Spatry ended the video by saying he believed he had found a winner here with Peppermint Linux OS. 

And, of course, Spatry was right about that!  ;)

Thank you,

perknh
« Last Edit: April 23, 2015, 12:49:05 pm by perknh »
We're all Peppermint users and that's what matters...
-- AndyInMokum

Online PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #18 on: April 23, 2015, 01:23:38 pm »
OK further info...

The "Imagination" (a lightweight DVD slideshow maker using GTK+2) software is in the default repos .. this is the same software that he's talking about in his video (see the tooltip as he attempts to start the software from his dockbar)..

So I thought it'd be interesting to test his claim against a copy from a known trusted source.

I've downloaded and installed sophos 9.9

I installed imagination

Starting Imagination it fires up without issue

checking the /var/tmp/imagination directory .. well with imagination running /var/tmp is empty

full system scan with sophos .. nothing

strace also showed no forked child processes.

I'd say my suspicions are right, the guy has probably specifically hunted for some infected software from a totally nefarious source to help prove a warped point .. and I don't for one minute think he got the source code to "rebuild it" from the actual authors.

If I were the authors of imagination I'd be seriously pi**ed off at this and someone should point it out to them and allow them to respond.



I think this closes the matter ?

Installing imagination from a known and trusted source was 100% safe (even according to sophos) ::0

It would not be in the repos if it were known to contain malware .. it would be spotted REALLY quickly , and if it were added by the authors the package would likely never make it in again .. remember, ALL the packages in the default repositories were when they were submitted and are still open to code review and have a lot of eyes on them.



Full system scan results from sophos 9.9 whilst imagination was running:-
Code:
mark@AA1-Blue /opt/sophos-av/bin $ sudo savscan /
SAVScan virus detection utility
Version 5.12.0 [Linux/Intel]
Virus data version 5.13, March 2015
Includes detection for 8899461 viruses, Trojans and worms
Copyright (c) 1989-2015 Sophos Limited. All rights reserved.

System time 18:30:31, System date 23 April 2015

Quick Scanning

Could not open /home/mark/.config/pulse/96bb382fb2353661ffc6b66455208483-runtime
Could not open /var/run/user/1000/gvfs
Could not open /usr/lib/firefox/hyphenation
Could not open /usr/share/doc/python-jinja2/html

23878 files scanned in 14 minutes and 6 seconds.
4 errors were encountered.
No viruses were discovered.
End of Scan.

Point proven .. now to remove sophos, though I might take a look at imagination :)
« Last Edit: April 23, 2015, 02:01:39 pm by PCNetSpec »
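The two manual checks in Reply #18 (strace for forked child processes, and a look under /var/tmp/imagination) can be automated over a saved trace. The following is an added example, not part of the original thread: the function name `analyse` is hypothetical and both sample traces, including the file names in them, are constructed. It also separates real child processes from threads, which a plain search for `clone` in the trace would not.

```python
import re

# Optional "[pid N]" (strace -f) or bare "N" (strace -f -o FILE) prefix, then "syscall(args"
LINE = re.compile(r'^(?:\[pid\s+(\d+)\]\s+|(\d+)\s+)?(\w+)\((.*)$')
RET = re.compile(r'\)\s*=\s*(-?\d+)')
PATH = re.compile(r'"([^"]*)"')
WRITE_FLAGS = ("O_WRONLY", "O_RDWR", "O_CREAT")

def analyse(trace, watch_dir="/var/tmp"):
    """Report real child processes, later execve calls and writable opens under watch_dir."""
    report = {"forks": [], "execs": [], "writes": []}
    prefix = watch_dir.rstrip("/") + "/"
    first_exec_seen = False
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # signal/exit lines and "<... resumed>" continuations
        pid = int(m.group(1) or m.group(2) or 0)  # 0 = the traced parent itself
        name, rest = m.group(3), m.group(4)
        ret = RET.search(rest)
        if ret and int(ret.group(1)) < 0:
            continue  # the call failed, so nothing was created or opened
        path = PATH.search(rest)
        if name in ("fork", "vfork") or (name == "clone" and "CLONE_THREAD" not in rest):
            # clone() with CLONE_THREAD is only a new thread, which GTK apps create freely
            report["forks"].append((pid, int(ret.group(1)) if ret else None))
        elif name == "execve" and path:
            if first_exec_seen:  # the first execve is the traced program starting
                report["execs"].append((pid, path.group(1)))
            first_exec_seen = True
        elif name in ("open", "openat", "creat") and path:
            writable = name == "creat" or any(f in rest for f in WRITE_FLAGS)
            if writable and path.group(1).startswith(prefix):
                report["writes"].append((pid, path.group(1)))
    return report

# Constructed sample traces (not output from the machine used in the thread).
CLEAN_TRACE = r'''
execve("/usr/bin/imagination", ["imagination"], [/* 38 vars */]) = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
clone(child_stack=0x7f3a1c5fdff0, flags=CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM, child_tidptr=0x7f3a1c5fe9d0) = 4102
[pid  4102] open("/usr/share/imagination/logo.png", O_RDONLY) = 9
open("/var/tmp/imagination/probe", O_RDONLY) = -1 ENOENT (No such file or directory)
+++ exited with 0 +++
'''
SUSPICIOUS_TRACE = CLEAN_TRACE + r'''
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f3a1d0a2a10) = 4110
[pid  4110] open("/var/tmp/imagination/helper", O_WRONLY|O_CREAT|O_TRUNC, 0755) = 10
[pid  4110] execve("/var/tmp/imagination/helper", ["helper"], [/* 38 vars */]) = 0
'''

if __name__ == "__main__":
    for label, trace in (("clean", CLEAN_TRACE), ("suspicious", SUSPICIOUS_TRACE)):
        print(label, analyse(trace))
```

A real trace for this function can be captured with `strace -f -o trace.txt imagination` and passed in as the file's contents.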

Offline rjm65

  • Veteran
  • ****
  • Posts: 1003
  • Karma: 300
  • I have Peppermint Fresh Breath. :P
    • View Profile
  • Peppermint version(s): Win-98 /Win-7/ Peppermint 9
Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #19 on: April 23, 2015, 02:16:24 pm »
so why has nobody commented these facts, and tell this guy what an idiot he is...  after watching it for just a few minutes, I can see he is a complete moron?
Robert
Peppermint 9 User

Gateway Solo 9300 Pro
IBM T40

Offline perknh

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #20 on: April 23, 2015, 02:46:20 pm »
Quote
I'd say my suspicions are right, the guy has probably specifically hunted for some infected software from a totally nefarious source to help prove a warped point .. and I don't for one minute think he got the source code to "rebuild it" from the actual authors. --PCNetSpec

Yes, that makes sense.

Quote
Point proven .. now to remove sophos, though I might take a look at imagination :) --PCNetSpec

And I just removed Matthew Moore's videos from my email subscriptions!  He appears to be up to no good against somebody or something.  Why?  I don't know.

Quote
so why has nobody commented these facts...rjm65

With the help of PCNetSpec, in particular, and Peppermint forum, at large, I needed help sorting truth from fiction regarding the heaps of material this fellow has been generating.  What I saw last night in that video didn't sit right with me, but I couldn't quite put my finger on what information being conveyed was wrong.

Anyway, case solved!  As far as we're concerned, thanks to the good detective work of PCNetSpec, a mystery has been solved for us here today within Peppermint forum!  :)

Thank you,

perknh


Online PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #21 on: April 23, 2015, 06:11:31 pm »
:) :) :) YES, Linuxmafia.com is back (including "Rick's Rants") :) :) :)

Here's what I have always pointed people at that ask about Linux and viruses

It's been offline for about a year now, Rick said linuxmafia would be back eventually (once he sorted his server issues) and I'm seriously happy it is

Anyway, this says it like it is .. a bit long and old, but  applies as much today as when it was authored.

WANNA KNOW ABOUT LINUX AND VIRUSES, HERE'S WHAT TO READ

Rick's Rants .. enjoy:
http://linuxmafia.com/~rick/faq/?page=virus



And just for completeness .. here's the other link I've always pointed people at (not as concise as Rick's Rants though)
http://www.caribyte.com/articles/short_life_hard_times_of_linux_virus
« Last Edit: April 23, 2015, 06:16:41 pm by PCNetSpec »

Offline perknh

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #22 on: April 23, 2015, 07:02:33 pm »
It's a great read, and a fun one too!  :)

Thank you, PCNetSpec!

Online PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #23 on: April 23, 2015, 07:13:12 pm »
No problem, you're most welcome :)

Offline AndyInMokum

  • Global Moderator
  • Hero
  • *****
  • Posts: 4809
  • Karma: 1011
  • "Keep on Rockin' in the Free World"
    • View Profile
  • Peppermint version(s): PM 9 & PM 8 Respin-2 (64-bit)
Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #24 on: April 24, 2015, 07:21:59 pm »
Hi perknh, I had a look at the video you mentioned. 
Code:
https://youtu.be/y_lhqg_p21k
This bloke has no concept of the scientific analytical process.  I admit I couldn't get too far past his blatant plug for Sophos computer security and antivirus software.  Watching him scratch his face and fiddle with his nose every 10 seconds was making me itch too.  After reading all the sycophantic replies, I felt it was time someone asked some home truths and rattled his annoying self satisfied smugness. This is what I posted: 
Quote
I have to question the validity of your malware test.  The whole test process is flawed. I have to ask where did you get the infected software from?  I seriously doubt it was from an official repository.  The video indicates that the alleged piece of malware causes Imagination not to launch. I'm sure if software with such a huge flaw was in an official repository, it would have been noticed and reported.  Why should we trust a piece of proprietary software like Sophos?  We are unable to see its source code.  What do they not want us to see?  The video doesn't show Sophos being tested against the results from other AV software.  The accuracy and reliability of Sophos is based solely on a test on a piece of software with questionable origins and your opinion. Where is the control test and what are the specifications of the control?  What was the alleged trojan? What was it supposed to do and how was it going to do it?  If malware is so prevalent in Linux systems as this video implies, why is it not the main topic of discussion in every Linux forum on the planet?  Your whole argument appears to lack the basic information and the processes needed to validate the results of the test.  I see nothing conclusive based on the information presented in this video.

Here's his reply, (I don't think we're ever going to be friends  ;D).
Quote
It was in the Temp directory for that program. So obviously it came from a file opened by that program.  And I don't subscribe to this concept that OpenSource means it's better, or Closed source means it's worse. Anybody that registers for a Dev program can see the source code. So who the hell cares?  This whole debate of Proprietary vs. Open, Free, and Non-Free. It's just politics as far as I'm concerned.  OS X is by reputation the most locked down platform in the industry. As a registered OS X developer, I can see any part of the code I want. OpenSource allows the general public to see the code. For the most part, the people that actually know what they are looking at, are Developers, and the developers can see the code regardless of what the software's political status is. Things like HeartBleed, and the glibc exploit that are both over a decade old prove that the ability of the OpenSource community to find issues in the system is no better than anyone else. Software is Software no matter how you try to define it. It's all the same.
As you can see, he's unable to answer simple questions.  Instead he just harps on about political differences between Open source and Closed source with a little bit of OSX thrown in for good measure.  His whole argument is based on his own unsubstantiated opinions.  He says absolutely nothing of relevance in regards to answering my questions.  As far as I can see, he's in love with the sound of his own voice.  It's garbage and misinformation like this that deters an already nervous public from using the Linux desktop.  That's my rant for the weekend  ;)!!
« Last Edit: April 24, 2015, 07:24:43 pm by AndyInMokum, Reason: Getting rid of YouTube video »
Backup! Backup! Backup! If you're missing any of these -  you ain't Backed Up!
For my system info please L/click HERE.

Offline mac

  • Global Moderator
  • Veteran
  • *****
  • Posts: 1088
  • Karma: 335
    • View Profile
  • Peppermint version(s): Peppermint 7-8-9
Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #25 on: April 24, 2015, 07:45:17 pm »
Kudos, Andy  ;)
Peppermint: Standing Out from the Cloud
Reg. Linux User #432835

Offline AndyInMokum

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #26 on: April 24, 2015, 07:54:24 pm »
Quote
Kudos, Andy  ;)

Cheers mac, someone had to say something in reply to the guff this bloke is spouting  ;D!!

Offline perknh

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #27 on: April 24, 2015, 08:38:12 pm »
Hello AndyInMokum,

I have to thank you and PCNetSpec for all the help you have given me here.  PCNetSpec has proven that Matthew Moore's conclusions are invalid.  And, you took the time to ask him some important questions about his testing methods.  Matthew Moore either could not answer these questions, or his answers were a form of deflection --a way of refusing to answer your very legitimate questions.

No matter how you cut it, there's something very fishy about Matthew Moore's Linux and malware argument.

PCNetSpec and AndyInMokum, thank you for taking the time to explore this issue.  I'm so glad I asked that question yesterday, and I am more convinced than ever that Linux, and the more limited BSD-like OSes, are the safest OSes in existence.

(And, now, after reading you, AndyInMokum, I believe I should have installed Firefox tonight from our repository, and not from running the terminal command sudo apt-get install firefox! But, something tells me, I didn't take too much of a risk installing Firefox through P6's terminal --but, you know, I should have used our software manager.  That's what it's there for!)

Thank you so much,

perknh
« Last Edit: April 24, 2015, 09:09:14 pm by perknh »

Offline mac

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #28 on: April 24, 2015, 09:16:46 pm »
Quote
I should have used our software manager...

Six of one / half-dozen of the other there perknh.  Software Manager (like Synaptic) is, as I understand it, essentially a GUI front end for apt.   Installing from command line or package manager shouldn't make any difference unless you run into some kind of dependency nightmare which, installing from the default repositories, would be rare.   So, type away or click away with confidence  ;)

Online PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #29 on: April 24, 2015, 09:29:57 pm »
There's just so much wrong in his response that I can't be bothered .. suffice to say it's not only deflective, but is as full of inaccuracies as his original comments on Linux and malware.

Quote
As a registered OS X developer, I can see any part of the code I want.


(stop it, it hurts)



@ perknh

When using the terminal commands "apt-get" or "apt install", you are still getting the software from the same repositories as using synaptic or the software manager, both of which are just GUI front ends for apt anyway ;)
« Last Edit: April 24, 2015, 10:34:27 pm by PCNetSpec »