Security Basics mailing list archives

Re: File sharing with Bittorrent: what possible security threads?


From: Alexander Klimov <alserkli () inbox ru>
Date: Thu, 27 Mar 2008 17:51:09 +0200 (IST)

On Thu, 27 Mar 2008, Adam Pal wrote:
> I see no difference between the usual Windows-user and the
> linux-user who stays logged in as root on his KDE and surfs on the
> web (yes, such behavioral patterns exist *G* ), so from this point
> of view, in certain circumstances linux viruses propagate similar to
> windows-viruses.

Probably they can, but do they really?

Consider, for example, an attack described by F-secure
<http://www.f-secure.com/weblog/archives/00001406.html>.

  When you open the attached PDF file, you actually get a real
  PDF document with a relevant statement. However, this is not
  a normal PDF document. It contains a modified version of
  a PDF-Encode vulnerability to exploit Adobe Acrobat when the
  document is opened. The exploit silently drops and runs a file
  called C:\Program Files\Update\winkey.exe. This is a
  keylogger that collects and sends everything typed on the
  affected machine

Is it possible to write a keylogger for Linux and construct such
an attack? Sure. Are there enough Linux users to justify the cost
of development? No! And, by the way, almost for sure an exploit
against Adobe Acrobat will not work with xpdf, plus there is
a good chance that an attack developed for Red Hat will not work
on Debian (or vice versa).

-- 
Regards,
ASK

