Post by Rich
Only you can answer the last part.
Many torrent files - for windows - ARE infected and being distributed in
a peer-to-peer fashion. Someone mentioned earlier that you will not
find such files infected for Linux. The reason you don't find torrent
files for Linux infected is because there are no mainstream commercial
files for Linux worth infecting :(

There are plenty of mainstream executables and programs that are worth
infecting---for any nameable operating system that has users.

Viruses on GNU/Linux systems face many challenges in a properly
configured system. If you are using a system as a user and for example
grant yourself unlimited (and password-less) privileges to use "sudo",
you create a path that can be exploited by any virus. Remember that one
of the key pieces of functionality for a computer virus is the ability
to replicate. If you are running as a normal user, and your system is
properly buttoned down, the probability of a single computer virus
getting very far in terms of replicating is quite small. At most, one
user, on one system, will be affected, and other users will be insulated
from the effects of that virus because the virus is already contained
within the user's environment.

The most damage a computer virus for a Unix-like system can do is
limited to the most damage that a real user of the system can do. If a
user regularly runs as the root user, then it's quite likely that a
virus could take advantage of this and cause the system to act all sorts
of crazy.

However, this is not the case in the default configuration on many
distributions. This is generally accepted to be a good thing, because
there are far more reasons that one should not regularly run as the
root user. There's just far too much potential to really screw things up.

Trojan horses, on the other hand, tend to be more of a concerted and
directed effort to compromise systems. They are not computer viruses,
because they do not tend to replicate, and because computer viruses are
small, efficient programs that do their jobs and nothing more. If a
cracker-type wants to get into an organization, one potential way to do
it is to create a situation where the system administrators would be
tricked into accepting software that they think is coming from a
reliable source, but really has subroutines built into it to transmit
data back to the cracker-type that wants to get into the system.
Otherwise, the program can appear to be perfectly functional.

This can be done in any number of ways. Let's say that the Free
Software Foundation forgets to pay their annual renewal for their web
site's domain names, and someone else buys the domain gnu.org. They
might already have a completely crafted mirror of the GNU software, but
instead of the software being an exact mirror, every piece of software
contains added "functionality" that causes each program to (a) log when
it is run, (b) log all user input that passes through the program, (c)
log any transactions that are run with the program, and (d) send that
information over the Internet (most likely through an encrypted
connection to an SSL-enabled web server or an SSH server) so that they
can benefit from it.

Such distribution of trojans would be short-lived, because it would be
quickly detected. Likely, there would be all sorts of litigation in the
issue, as well, being that these actions would cause harm to the Free
Software Foundation, by harming the reputation of the GNU project.

There are, of course, other ways to plant trojan horses that are far
simpler and do not seem to require as much of a paranoid mind to come up
with. Imagine someone who merely modifies a very popular product used
in the mainstream, such as MySQL or PostgreSQL, packaging it very
conveniently and distributing it via BitTorrent. They could easily
insert code that would log and transmit, for example, all SQL queries
run on the server and the entirety of the datasets that are returned for
each query. Of course, to avoid this, it helps to only download
distributions of such software from the person, group, or business that
created the software, and to audit any extra patches before applying
them to the source tree.

Ubuntu handles much of this for us; this is a good thing. Of course, by
accepting the work that Ubuntu does on the system, we are basically
putting our trust in them that they won't do things like turn MySQL into
a trojan horse. The truly paranoid have the source code available to
build their own packages, if they do not extend such trust to the Ubuntu
developers. This is the great thing about free and open source
software. You do not have this option on Microsoft systems, and what's
more: some fundamental uses of the system (at least up through Windows
XP) require granting far more than the least amount of possible
privilege to the user. If Microsoft Windows could be audited at the
source code level, and if the system didn't require such a strange
security model to run all but the most trivial of software, these issues
might even disappear within Windows; trust in Microsoft would not be
required, and trust would be required to be earned by Microsoft.

So, the reason that you don't find programs for Linux that are infected
is actually two-fold: (a) programs that are "infected"---say, posing as
trojan horses---are likely to be very carefully crafted so that they
only raise suspicion in those who are able to read the source code, and
willing to do so, and (b) because in order to create such "infected"
programs, a significant amount of work must be done. It's far easier to
simply target Windows systems, because not as much work needs to be done
to break into the system. Just create a specially crafted DLL using
Visual Basic that a program can link to at run-time, assume (mostly
correctly) that the user is going to run the program with Administrator
privileges, and also (again, mostly correctly) assume that users aren't
going to notice, and you have yourself a veritable schload of data.

-- Mike
--
Michael B. Trausch http://www.trausch.us/
Pidgin 2.2.0 and plugins for Ubuntu Feisty!
(And Thunderbird 2.0.0.6, too!) http://www.trausch.us/pidgin
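
Added example, not part of the original post: a Python check for the unlimited, password-less sudo grants the message above describes. The sudoers text is constructed sample input and the function names are my own; the parser assumes one host list per line and does not follow included files or expand aliases.

```python
import re

# Constructed sample sudoers content (not taken from any real system).
SAMPLE_SUDOERS = """\
Defaults env_reset
root    ALL=(ALL:ALL) ALL
mike    ALL=(ALL) NOPASSWD: ALL
backup  ALL=(root) NOPASSWD: /usr/bin/rsync, \\
        /bin/tar
%wheel  ALL=(ALL) NOPASSWD:ALL
deploy  ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart app, PASSWD: ALL
"""

SKIP = ("Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")
TAG = re.compile(r"([A-Z_]+)\s*:\s*")

def logical_lines(text):
    """Join backslash-continued lines; drop blanks and '#' lines."""
    for line in re.sub(r"\\\n", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            yield line

def audit_sudoers(text):
    """Return (who, scope, command) for each command runnable without a password."""
    # Assumption: simplified grammar, one host list per line, no alias expansion.
    findings = []
    for line in logical_lines(text):
        if line.startswith(SKIP) or "=" not in line:
            continue
        left, right = line.split("=", 1)
        who = left.split()[0]
        right = re.sub(r"^\s*\([^)]*\)", "", right)  # drop the (runas) part
        nopasswd = False
        for item in right.split(","):
            item = item.strip()
            # A tag applies to its own command and to the ones that follow.
            while (m := TAG.match(item)):
                if m.group(1) in ("NOPASSWD", "PASSWD"):
                    nopasswd = m.group(1) == "NOPASSWD"
                item = item[m.end():]
            if nopasswd:
                scope = "unrestricted" if item == "ALL" else "limited"
                findings.append((who, scope, item))
    return findings

if __name__ == "__main__":
    for who, scope, cmd in audit_sudoers(SAMPLE_SUDOERS):
        print(f"{who}: password-less sudo ({scope}): {cmd}")
```

The "unrestricted" findings are the ones that let anything running as that user become root without a prompt; the "limited" ones still deserve a look at what each listed command can do.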