darxus: (Default)
darxus ([personal profile] darxus) wrote2010-02-01 07:00 pm
  • Add Memory
  • Share This Entry

Why aren't you running Linux?

It's a sincere question. I'm curious what I can do to help reduce dependence on closed operating systems.

And I'm not saying there's anything wrong with not running Linux, I understand it's not best for everybody. I'm just curious about making it best for more people.

Ubuntu is the most user friendly Linux distribution. It's also the one I use for both desktops and servers. You can download and burn a CD image, and boot into it off the CD without installing, to try it out without installing it. It is very slow that way, because CD drives are slower than hard drives, and everything in the image needs to be decompressed as it's read.

[livejournal.com profile] cathijosephine did the install herself when Windows etc. got too slow on her computer.

http://www.ubuntu.com/ (CD image link is right at the top - download.)

Let me know if you would like me to burn an install CD for you or look over your shoulder while you install.

Freeing up hard drive space under Windows and then repartitioning it for Linux will probably be the hardest part.
Flat | Top-Level Comments Only

[identity profile] darxus.livejournal.com 2010-02-02 01:40 am (UTC)(link)
Mail clients aren't the only way for a Windows machine to get infected.
wotw: (Default)

[personal profile] wotw 2010-02-02 01:45 pm (UTC)(link)
But in the absence of a mail client, would those infections be dangerous to others?

[identity profile] milktree.livejournal.com 2010-02-02 03:20 pm (UTC)(link)
If the virus installed on your system is a mail client you don't know about, yes.

[identity profile] darxus.livejournal.com 2010-02-02 04:02 pm (UTC)(link)
Absolutely. I'm curious how you think it wouldn't.

There could be a security bug in, for example, the Windows graphics libraries. Somebody could craft a malicious jpeg and put it on a web site. Maybe distributed as a free livejournal userpic. You load the web site (in any browser), your browser tells your operating system to display the jpeg in the page, the jpeg exploits (for example) a buffer overrun bug, and now has all the authority of whatever process was responsible for displaying the jpeg. Then it installs whatever it wants on your computer, including software to send spam, and to get information from anywhere on the internet on who to send what spam to.
wotw: (Default)

[personal profile] wotw 2010-02-02 04:38 pm (UTC)(link)
Then it installs whatever it wants on your computer, including software

This was the step I hadn't thought of. Thanks.

[identity profile] darxus.livejournal.com 2010-02-02 05:31 pm (UTC)(link)
You are quite welcome.
wotw: (Default)

[personal profile] wotw 2010-03-03 11:02 am (UTC)(link)
With apologies for the month-long lag in returning to this (and apologies for my ignorance, which I'm sure is considerable), I realize I still don't quite get this:

Then it installs whatever it wants on your computer, including software to send spam, and to get information from anywhere on the internet on who to send what spam to.

So...the malicious bug installs a mail client on my machine. But before it can send mail from my machine, it needs to connect to a server, no? And since my machine doesn't know about any servers (because I run no mail software), it's going to need its own account on a server someplace---or an account it's hijacked from someone other than me. But once it's got that server account, what does it need my machine for?

The perpetrator of the malicious software presumably owns a computer, on which he can install a mail client that connects to a server. Or he can install a client on *my* machine that connects to the same server. Any mail he sends will come from that server, and presumably will look the same no matter where the client was, no? So what advantage does he derive from installing a client on my machine instead of his own?

[identity profile] darxus.livejournal.com 2010-03-03 12:31 pm (UTC)(link)
It just connects to the mail server of the recipient. The protocol was created when nobody had any reason to consider security.

I could connect to your mail server using the "telnet" command, type in an email to you, and tell it I'm anybody I want.

I'll try to remember to send you a demonstration later.

With a couple exceptions. I don't know how much detail you're interested in. Feel free to come back to this paragraph later. The only thing in an email that can't be forged is the sender's IP. Often receiving mail servers will verify that the sending IP has a valid hostname, and sometimes that that hostname has an IP that matches the sender's IP. Also, SPF was created specifically to address this issue, so if you're server is doing SPF validation and I try forging a From: address from a domain with an SPF record, it'll get rejected. There's also a cryptographic signature thing called DKIM, which I believe has a way of saying "reject all email from this domain that isn't signed."

I'm glad you asked. I should probably make a post about the subject.
wotw: (Default)

[personal profile] wotw 2010-03-03 12:34 pm (UTC)(link)
This was extremely informative and helpful. Thank you.

[identity profile] darxus.livejournal.com 2010-03-03 06:34 pm (UTC)(link)
You're welcome.

It may also help to think of your computer as an internet server as much as any other computer on the internet is an internet server.

The most relevant distinctions being that there's a decent chance your ISP has blocked some ports (like TCP port 25, for email) due to these spam problems, and your IP address is likely to be on a list of dynamic IPs that should not be sending email. Nobody can block port 80 (web) because everybody uses it, which is where web forum etc. spam comes from.

The fact that your computer isn't shaped like a pizza box and one of many in a rack somewhere isn't terribly relevant.


Oh, and that SPF thing that sounded potentially brilliant has a major flaw that breaks automatic email forwarding.
Flat | Top-Level Comments Only