Language Selection

English French German Italian Portuguese Spanish

The Malware Problem (and a solution)

Filed under

So, there have been some discussions about possible solutions for this issue. Some have proposed that we add a review process to all of this, so that anything that gets uploaded gets a security check from some KDE developers. That's a neat idea on paper. But only there. This couldn't possibly work out, for two reasons: 1) Manpower - We simply don't have enough of that. 2) Responsibility - Who wants to be responsible for letting Malware slip through your fingers? This can happen to anyone, and it would be pretty embarrassing. I certainly wouldn't want to be responsible for anything.

Back when we designed the scripting system for Amarok 2 (QtScript, in-process), Ian Monroe and I realized that there isn't really any way to make it secure on a technical level. Sandboxing, automatic malware detection, flying cars - all this works somehow in theory, but in reality it requires some Bruce Schneier to do it, which we don't have (there is only only one Schneier, I guess). So basically we realized that the system would be unsafe, and that we would have to live with it. Amarok is very vulnerable to Malware scripts, because scripts can access most of Amarok, and Qt, and whatnot. Any Joe Schmoe could hack up a two-liner script that deletes your $HOME. So we accepted that reality, and tried to think of some other methods for making it all safer. What we came up with is this:

Rest here

More in Tux Machines

Clonezilla Live 2.4.2-59 Arrives with Updated Debian Base

Clonezilla Live, a Linux distribution based on DRBL, Partclone, and udpcast, which allows users to do a lot of maintenance and recovery work, is now at version 2.4.2-59 and is available for download and testing. Read more

Running Some Fresh BSD vs. Linux Benchmarks

Given the recent releases of FreeBSD 10.2 and NetBSD 7.0, plus the H2'2015 Linux distribution updates rolling around, I've just started work on a new BSD vs. Linux operating system performance comparison. First up are the BSD distributions for testing... The test system being used for this comparison is an Intel Xeon E5-2687W v3 Haswell-E plus AMD FirePro system. Given the new release of NetBSD 7.0, I decided to try that out first. Read more

Android 6.0 Marshmallow review

Android, Google’s mobile operating system, has matured a lot over the past year. It’s running on 1.4 billion devices (up from 1 billion last year) and its most popular app store, Google Play, has more than 1 billion active users. In the last quarter, IDC estimates that Android held 82.8 percent of the global smartphone market. As its newest iteration, 6.0 Marshmallow, rolls out, Android’s going incredibly, undeniably strong. Read more

At the Heart of OpenStack Evolution

As it matures, OpenStack's parallel to Linux is clearer. Linux emerged 20 years ago as a somewhat exotic challenger to proprietary operating systems. Today, it is one of the most popular and widely used OSes. However, Linux still exists in a market of mixed use. It's likely that OpenStack will be subject to the same effect, becoming a viable option among a number of cloud infrastructures. Read more