• Vilian@lemmy.ca
      link
      fedilink
      arrow-up
      31
      arrow-down
      3
      ·
      edit-2
      1 year ago

      that’s why i support flatpak as the universal package manager, vírus can’t work there

      • Hovenko@iusearchlinux.fyi
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        Attacker will steal your browser cookie the same way it does without flatpak. If you have poor security hygiene and bad habits, flatpak nor anything else will save you.

        • Vilian@lemmy.ca
          link
          fedilink
          arrow-up
          2
          arrow-down
          1
          ·
          1 year ago

          if yoy fuck over with the default package manager, the attacker has your system, if you fuck over with flatpak, they have your browser cookie, my point still stand

          sure, nothing beats good security hygiene and habits, but another security layer(plus others flatpak benefits) are a good thing

          • Hovenko@iusearchlinux.fyi
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            What you are describing here is fase feeling of security. Many flatpaks have access to your home dir by default. This is already security flushed down the toilet. Browser is the biggest attack vector nowadays and this is where your accounts reside. Worrying about package manager while not giving a shit sbout bank account seems out of place.

  • carpelbridgesyndrome@sh.itjust.works
    link
    fedilink
    arrow-up
    90
    ·
    1 year ago

    I feel personally attacked. Yes I’ve actually done this (minus sending them money). I had a server (that I am pretty sure sent headers to the effect that it ran x86) which had some logs indicating someone had tried to download an arm IOT botnet onto it. So I downloaded it and tried running it through a decompiler. I found a UPX stub. The rest was compressed. So I tried the UPX unpacker. This didn’t work because it was built with a modified copy of UPX. So I hauled out a raspberry pi, reflashed the OS and tried running it in GDB in hopes of just dumping the unpacked bit from memory. Nothing. So I downloaded qemu and set up an aarch 64 arm 9 image still nothing. So I tried 32 bit arm again in qemu. At this point I gave up

  • Kecessa@sh.itjust.works
    link
    fedilink
    arrow-up
    22
    arrow-down
    33
    ·
    1 year ago

    It’s funny cuz it’s a virus, but then you realise that it’s the same thing for shit you actually want to run and that’s the funniest part! 🤡

    • Johanno@feddit.de
      link
      fedilink
      arrow-up
      16
      arrow-down
      1
      ·
      1 year ago

      While it is true everytime I want to install some weird Software, 90% just runs out of the box