Comments by "Anony Mousse" (@anon_y_mousse) on "This New Malware Targets Linux Job Seekers" video.

  1. You need another edit, it doesn't treat files without extensions as executables, but rather solely when they have the executable bit set. The behavior of interpreting the file extension is down to the GUI file browser that you use on your system. From the terminal the only way to execute a file in the current directory is to have the executable bit set and to have it as the command to run with the prefix of ./ unless you do something really dumb like adding the local directory into your path. I specifically add a .x to the end of the filenames for binaries generated from my own source code so I know that it's executable whether I've got colors enabled at the terminal or not.
    3
  2. Since you asked, I freelance, so I could do just about anything from one day/week/month/year to the next and back again. I don't explicitly look for Linux specific jobs, but if a job is listed specifically as Windows I more often than not reject it. I also open files from the terminal so character sets matter little, but I also also rename files I download to a name of my choice which is always ASCII only.
    2
  3.  @UltimatePerfection  That's what I was wondering, but the zip/unzip utilities on my system do save permissions and executable files have that flag preserved. A simple `touch foo bar; chmod +x foo; zip ba.zip foo bar; mv ba.zip ..; cd ..; unzip ba.zip; ls -lh foo bar` will demonstrate it if your system is setup in a similar way.
    2
  4. Except that `file` would catch it because it reads the file signature. Try it out with `cp /bin/bash bash.pdf; file bash.pdf`.
    2
  5.  @poissonpuerile8897  Constant vigilance is the best way, though. Could setup a shell script to check files and add it to the right click menu. I don't browse my files from a GUI program so someone else would have to give tips on that, but checking for absolute paths before extraction and looking for executable permissions once a downloaded archive is extracted are pretty easy to do from the terminal.
    2
  6.  @blinking_dodo  Indeed, it depends on the settings of whatever GUI program you're using. As someone who practically lives in the terminal my PDF viewer will print an error message when given an executable as input.
    1
  7. Weird take since this issue has nothing to do with Xorg or any program specifically for it. You can set Dolphin to not immediately run binaries, or you can do the opposite and be unsafe. I'm sure other FM's can as well, but Dolphin runs perfectly fine with Wayland and you can still turn that extra step of security off.
    1
  8.  @Immudzen  If you know how to do something then it's easy to do that something, and Windows is just as insecure, except that it uses obscurity as a security measure. If you had no clue how Linux worked, it'd be the same as your average Windows user trying to break in.
    1
  9.  @Immudzen  While that aspect isn't great, you can bypass the login screen on Windows regardless of its crash security. And if you don't know how to crash the screen locker on Linux you wouldn't be able to bypass that. Again, security through obscurity isn't a proper way to do security. However, this also still depends on you having X actively running at startup, which need not be the case, and you need not keep it running to maintain the security. For instance, if I don't login when I first boot up the system and call startx from an alternate virtual terminal and logout between uses, it's more secure than Windows.
    1
  10.  @bigbay1159  Considering that he didn't contradict him, why should he? If you're using a GUI FM then you'll merely double click the zip file to open it with an archive viewer and once the "pdf" is extracted you'll double click it to view it. If the FM you're using isn't set up with the default behavior that Dolphin uses, which is to say that it asks if you're sure you want to execute it when you double click a binary, then you'll expect the PDF browser to open and the program will indeed open it, but it'll do something else in the background as well. It'll be the same double click action regardless of whether you're opening it for browsing in a PDF browser or executing it and since the execute permissions will be saved by the zip file it'll at least try to run it.
    1
  11. Yes and no. It would only sometimes work, especially if the user's language includes that same dot character. If you're using a GUI file manager, Dolphin at least has options to not immediately execute programs that you double click, and others might too. If you're at the terminal you can just do a quick `ls -l` to check the permissions and/or `file` to check that it's not a binary.
    1
  12. Personally, I wouldn't mind if file names were restricted to ASCII, but people that use languages other than English would not. For my part I only ever name my own files with that limited character set, except for some weird tests that I tried out, even when downloading things from the internet I make sure they have a name I've given them, but not everyone bothers to do such things.
    1
  13.  @bigpod  Indeed, the different character sets do pose a problem. The only way it could be different is if everyone adopted the Latin alphabet and we never used other characters. There is precedent for that with Tagalog which uses a Latin alphabet despite its decidedly non-Latin roots, but I very much doubt that even a majority would be willing to go that route.
    1
  14.  @bigpod  For any language to convert to such an alphabet they'd have to use letter combinations to denote different sounds. A common one is "zh", and they might not have exact corollaries either, so for a lot of languages they'd probably lose something. But like I said, there's no way that a majority of people would even accept that. I'd wager most Asian language speakers would be offended at even the suggestion. Can you imagine what Japanese would look like?
    1
  15.  @bigpod  Yeah, that's exactly the point. Most people would refuse to accept that.
    1
  16.  @ryannicholl8661  That would be nice. Unicode has gone insane, adding "emojis" and other nonsense like that, but duplicate characters is taking it too far, IMO. Although, I do like ASCII as a backup, which UTF-8 allows and hopefully, if something replaces it, it would allow that as well.
    1
  17. Most documents are contained in zip files anyway, so I'm not entirely sure that makes anything safer, but at least downloading a PDF from the internet directly won't have the execute permission set.
    1
  18. You can use a file extension for your binaries if you want, and for the programs I write I always add a .x so I can tell what it is with or without terminal colors displayed. Secondly, the problem here is because unzip is resetting permissions to what they were as zip will preserve such permissions when creating an archive. You could just always open files you download from the internet from the terminal or you could make sure they don't have execute permissions set, either would be safer if your FM isn't set to double check if you want to run a program when you double click it.
    1
  19. It'll just spit out an error message, as does okular which I use.
    1
  20. You can easily setup colors in the terminal, I don't know about any GUI file managers, but `ls` can show permissions that are set and `find` can be used to find all the executable files, say with `find . -maxdepth 1 -type f -perm /111` to list all the files in the current directory only. Dolphin by default is even setup to not execute programs when double clicked until you click a button saying you're sure, unless you turn that feature off anyway.
    1
  21.  @mattheww797  Anything that "your currently logged in user profile has the ability to do" that it wants. So for starters, never log in as root, and maybe if you want to download random zip files, don't.
    1