Originally posted by Julius
Linux being a moving target goes a long way to making exploits like ransomware and NSA payloads a royal pain in the ass to develop, deploy, and keep working. Thus one piece of ransomware targeting Linux and it was itself cracked, while there are a whole bunch of Windows ransomlockers for which the only remedy is to nuke the whole system from orbit. Anyone paying ransom deserves to be hit again as they are enabling the whole situation.
Also, the NSA has used fancy hard drive firmware resident attackware that turns around and uses only a Windows payload, as Windows and the firmware are both targets that move slowly. The FBI's crack against a version of Firefox once used in Torbrowser and deployed against users of Freedom Roads hosting used only a Windows payload. The combination of a small desktop installed base and the royal pain in the ass of maintaining a payload to target at least three distros, multiple versions, and worst of all rolling releases (like I prefer) has repeatedly deterred the development of Linux payloads for cross platform and hardware cracks.
Don't forget: most servers run Linux, so most server exploits are Linux cracks against small installs with no X server, etc! They can get in because a server has to listen to the outside world. A Linux tablet full of always-connected apps is almost the same thing, and it only takes one bad app in a cracked sandbox to let in a ransomlocker, the local cops on some anti-pornography crusade, or even a divorce lawyer with a 12 year old hacker son.