<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article09_12_09_2215253</id>
	<title>Malware Found Hidden In Screensaver On Gnome-Look</title>
	<author>timothy</author>
	<datestamp>1260355140000</datestamp>
	<htmltext><a href="http://blog.sageek.co.za/" rel="nofollow">AndGodSed</a> writes <i>"OMG! UBUNTU! Reports the following: '<a href="http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-ubuntu.html">Malware has been found hidden inside an innocuous 'waterfall' screensaver</a> .deb file made available on popular artwork sharing site Gnome-Look.org. The .deb file installs a script with elevated privileges designed to perform a DDoS attack as well as keep itself updated via downloads. The dodgy screensaver in question has since been removed from gnome-look, and this incident was a very basic, if potentially successful, attempt.'"</i> A similar report at Digitizor.com says that <a href="http://digitizor.com/2009/12/10/ubuntu-malware-for-ddos-attack-found-in-screensaver/">similar malware was also found in a theme called Ninja Black</a>. For those affected, both sites also provide instruction on cleansing your system.</htmltext>
<tokenext>AndGodSed writes " OMG !
UBUNTU ! Reports the following : 'Malware has been found hidden inside an innocuous 'waterfall ' screensaver .deb file made available on popular artwork sharing site Gnome-Look.org .
The .deb file installs a script with elevated privileges designed to perform a DDoS attack as well as keep itself updated via downloads .
The dodgy screensaver in question has since been removed from gnome-look , and this incident was a very basic , if potentially successful , attempt .
' " A similar report at Digitizor.com says that similar malware was also found in a theme called Ninja Black .
For those affected , both sites also provide instruction on cleansing your system .</tokentext>
<sentencetext>AndGodSed writes "OMG!
UBUNTU! Reports the following: 'Malware has been found hidden inside an innocuous 'waterfall' screensaver .deb file made available on popular artwork sharing site Gnome-Look.org.
The .deb file installs a script with elevated privileges designed to perform a DDoS attack as well as keep itself updated via downloads.
The dodgy screensaver in question has since been removed from gnome-look, and this incident was a very basic, if potentially successful, attempt.
'" A similar report at Digitizor.com says that similar malware was also found in a theme called Ninja Black.
For those affected, both sites also provide instruction on cleansing your system.</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385950</id>
	<title>And?</title>
	<author>chucklebutte</author>
	<datestamp>1260439020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>So this makes what now 10 or so if that Viri/Mal/Spy/Trashware on *nix distro's to the 10,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 on the Windows X series? Just checking.</htmltext>
<tokenext>So this makes what now 10 or so if that Viri/Mal/Spy/Trashware on * nix distro 's to the 10,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 on the Windows X series ?
Just checking .</tokentext>
<sentencetext>So this makes what now 10 or so if that Viri/Mal/Spy/Trashware on *nix distro's to the 10,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000,000 on the Windows X series?
Just checking.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382536</id>
	<title>old chinese proverb</title>
	<author>Anonymous</author>
	<datestamp>1259583120000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>You can't patch stupid!</p></htmltext>
<tokenext>You ca n't patch stupid !</tokentext>
<sentencetext>You can't patch stupid!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385112</id>
	<title>Trusted sources</title>
	<author>arcofile</author>
	<datestamp>1259604120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Spank me. Weren't those "free" screensavers a big source of malware for Windows users?

If you install any file on Linux, you've got to say "yes". If you get it from a dodgy source, it can be malware, just like in Windows, and you are the one who gave it permission to do what it wants. DEBs, RPMs, it doesn't matter, they are just like "setup.exe" files on Windows. Get them from a sleazy source and install them and you are just asking for trouble.

The problem here is the source. Gnome-look is trusted by many people and is almost always safe, but something slipped past their radar here.

I only use respectable repos and sources. I'd have thought Gnome-look to be one of them. Maybe they need to be more careful. They can lose that trust if they let things like this happen. I guess I'm glad I am happy with the normal screensavers available on Linux.</htmltext>
<tokenext>Spank me .
Were n't those " free " screensavers a big source of malware for Windows users ?
If you install any file on Linux , you 've got to say " yes " .
If you get it from a dodgy source , it can be malware , just like in Windows , and you are the one who gave it permission to do what it wants .
DEBs , RPMs , it does n't matter , they are just like " setup.exe " files on Windows .
Get them from a sleazy source and install them and you are just asking for trouble .
The problem here is the source .
Gnome-look is trusted by many people and is almost always safe , but something slipped past their radar here .
I only use respectable repos and sources .
I 'd have thought Gnome-look to be one of them .
Maybe they need to be more careful .
They can lose that trust if they let things like this happen .
I guess I 'm glad I am happy with the normal screensavers available on Linux .</tokentext>
<sentencetext>Spank me.
Weren't those "free" screensavers a big source of malware for Windows users?
If you install any file on Linux, you've got to say "yes".
If you get it from a dodgy source, it can be malware, just like in Windows, and you are the one who gave it permission to do what it wants.
DEBs, RPMs, it doesn't matter, they are just like "setup.exe" files on Windows.
Get them from a sleazy source and install them and you are just asking for trouble.
The problem here is the source.
Gnome-look is trusted by many people and is almost always safe, but something slipped past their radar here.
I only use respectable repos and sources.
I'd have thought Gnome-look to be one of them.
Maybe they need to be more careful.
They can lose that trust if they let things like this happen.
I guess I'm glad I am happy with the normal screensavers available on Linux.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383462</id>
	<title>Re:At least it was fixable.</title>
	<author>LordLimecat</author>
	<datestamp>1259588760000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You dont think a specially designed package could work its way into the innards of your system?<p><div class="quote"><p>On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware.</p></div><p>This shows me that you really dont know that much about it; most AV software is rubbish once a successful infection has occured.  The best way to remove viruses is either by hand with tools such as Autoruns, Process Explorer, or recovery console, or using automated kits like SDFix, Combofix, or (so ive heard) Malwarebytes.<br> <br>

Once theres real money in doing deep down infections of linux boxes, youll start seeing packages which install rootkit drivers, and require live-booting to remove.</p></div>
	</htmltext>
<tokenext>You dont think a specially designed package could work its way into the innards of your system ? On Windows and the like , things are so complicated that Anti-virus software is almost required to remove some of their malware.This shows me that you really dont know that much about it ; most AV software is rubbish once a successful infection has occured .
The best way to remove viruses is either by hand with tools such as Autoruns , Process Explorer , or recovery console , or using automated kits like SDFix , Combofix , or ( so ive heard ) Malwarebytes .
Once theres real money in doing deep down infections of linux boxes , youll start seeing packages which install rootkit drivers , and require live-booting to remove .</tokentext>
<sentencetext>You dont think a specially designed package could work its way into the innards of your system?On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware.This shows me that you really dont know that much about it; most AV software is rubbish once a successful infection has occured.
The best way to remove viruses is either by hand with tools such as Autoruns, Process Explorer, or recovery console, or using automated kits like SDFix, Combofix, or (so ive heard) Malwarebytes.
Once theres real money in doing deep down infections of linux boxes, youll start seeing packages which install rootkit drivers, and require live-booting to remove.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30388542</id>
	<title>Re:Security is like sex</title>
	<author>BlueParrot</author>
	<datestamp>1260463140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Did we not establish a while back that "abstinence only" doesn't work ?</htmltext>
<tokenext>Did we not establish a while back that " abstinence only " does n't work ?</tokentext>
<sentencetext>Did we not establish a while back that "abstinence only" doesn't work ?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383502</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382502</id>
	<title>What the summary didn't mention...</title>
	<author>AlgorithMan</author>
	<datestamp>1259582880000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext>What the summary didn't mention: the screensaver has been there less than 24 hours.<br>
see <a href="http://www.pro-linux.de/news/2009/15056.html" title="pro-linux.de">pro-linux.de</a> [pro-linux.de] (german)</htmltext>
<tokenext>What the summary did n't mention : the screensaver has been there less than 24 hours .
see pro-linux.de [ pro-linux.de ] ( german )</tokentext>
<sentencetext>What the summary didn't mention: the screensaver has been there less than 24 hours.
see pro-linux.de [pro-linux.de] (german)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382128</id>
	<title>Not more safe</title>
	<author>Anonymous</author>
	<datestamp>1259581140000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>It's been told to all the linux zealots so many times that Linux itself isn't really more secure against malware than Windows. It's only so because it's marketshare is like 0.5\%, if even that, and it makes much more sense to make malware where the (non-geeky) users are.</p><p>This just shows that if ever linux did gain marketshare with casual people enough, the malware problem will be there too. Repositories won't help with that, because people want 3rd party programs and games.</p><p>The funny thing about this is the same that as with Mac OS X users. All of the zealots yelling that Linux/Mac OSX are secure about malware, which results in normal people thinking they can run whatever downloaded "because my OS is secure!".</p><p>And before everyone jumps on the "but you can't get infected by just browsing on porn sites on linux!", why not? What was the last time you got infected by Windows vulnerability? Those attacks are usually against 3rd party programs like PDF or Flash. And guess what, those apps are on Linux too and are just as well exploitable.</p><p>The <i>only</i> reason malware problems are smaller on Linux than Windows is because of the almost-non-existing desktop marketshare and that those who use it on desktop are usually more tech savvy.</p><p>This just shows that if Linux had 95\% marketshare on desktop, and Windows 0.5\%, it would be the same thing but just turned around.</p></htmltext>
<tokenext>It 's been told to all the linux zealots so many times that Linux itself is n't really more secure against malware than Windows .
It 's only so because it 's marketshare is like 0.5 \ % , if even that , and it makes much more sense to make malware where the ( non-geeky ) users are.This just shows that if ever linux did gain marketshare with casual people enough , the malware problem will be there too .
Repositories wo n't help with that , because people want 3rd party programs and games.The funny thing about this is the same that as with Mac OS X users .
All of the zealots yelling that Linux/Mac OSX are secure about malware , which results in normal people thinking they can run whatever downloaded " because my OS is secure !
" .And before everyone jumps on the " but you ca n't get infected by just browsing on porn sites on linux !
" , why not ?
What was the last time you got infected by Windows vulnerability ?
Those attacks are usually against 3rd party programs like PDF or Flash .
And guess what , those apps are on Linux too and are just as well exploitable.The only reason malware problems are smaller on Linux than Windows is because of the almost-non-existing desktop marketshare and that those who use it on desktop are usually more tech savvy.This just shows that if Linux had 95 \ % marketshare on desktop , and Windows 0.5 \ % , it would be the same thing but just turned around .</tokentext>
<sentencetext>It's been told to all the linux zealots so many times that Linux itself isn't really more secure against malware than Windows.
It's only so because it's marketshare is like 0.5\%, if even that, and it makes much more sense to make malware where the (non-geeky) users are.This just shows that if ever linux did gain marketshare with casual people enough, the malware problem will be there too.
Repositories won't help with that, because people want 3rd party programs and games.The funny thing about this is the same that as with Mac OS X users.
All of the zealots yelling that Linux/Mac OSX are secure about malware, which results in normal people thinking they can run whatever downloaded "because my OS is secure!
".And before everyone jumps on the "but you can't get infected by just browsing on porn sites on linux!
", why not?
What was the last time you got infected by Windows vulnerability?
Those attacks are usually against 3rd party programs like PDF or Flash.
And guess what, those apps are on Linux too and are just as well exploitable.The only reason malware problems are smaller on Linux than Windows is because of the almost-non-existing desktop marketshare and that those who use it on desktop are usually more tech savvy.This just shows that if Linux had 95\% marketshare on desktop, and Windows 0.5\%, it would be the same thing but just turned around.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382778</id>
	<title>That just goes to show</title>
	<author>dandart</author>
	<datestamp>1259584560000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>Use your repos or you'll be as defenceless as the rest of them!</htmltext>
<tokenext>Use your repos or you 'll be as defenceless as the rest of them !</tokentext>
<sentencetext>Use your repos or you'll be as defenceless as the rest of them!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382910</id>
	<title>Re:At least it was fixable.</title>
	<author>imerso</author>
	<datestamp>1259585340000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>Although I like Linux as well, I think you are somewhat wrong here.

This specific malware is a basic one. Wait for the upcoming Linux malware generations, and try to keep your statement that it'll be easier to get rid from Linux...

I can't see any difference, the malware author could patch your bin executables, wreak havok on your etc configuration files, and what not, considering the installer was running as admin.

Think more about that.</htmltext>
<tokenext>Although I like Linux as well , I think you are somewhat wrong here .
This specific malware is a basic one .
Wait for the upcoming Linux malware generations , and try to keep your statement that it 'll be easier to get rid from Linux.. . I ca n't see any difference , the malware author could patch your bin executables , wreak havok on your etc configuration files , and what not , considering the installer was running as admin .
Think more about that .</tokentext>
<sentencetext>Although I like Linux as well, I think you are somewhat wrong here.
This specific malware is a basic one.
Wait for the upcoming Linux malware generations, and try to keep your statement that it'll be easier to get rid from Linux...

I can't see any difference, the malware author could patch your bin executables, wreak havok on your etc configuration files, and what not, considering the installer was running as admin.
Think more about that.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383538</id>
	<title>Re:At least it was fixable.</title>
	<author>ShadowFlyP</author>
	<datestamp>1259589120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Open and configurable has nothing to do with this.  A sufficiently intelligent malware could have made things as bad as a virus on Windows.  Think of a malware that infects your libc to catch certain system function calls (such as those done by the "remove instructions") and redirects them to innocuous behavior.  Even on a system that provides SHA1 checksum verification of all libraries and binaries installed through the package manager, you are still susceptible to a ill-behaving fopen/fread.  The only way around something like that would be to boot from a clean boot disk with a known-good libc, which is pretty similar to the only way to be sure to clean a virus off Windows.
<br> <br>
The fact of the matter is if you have root access and you run programs without knowing what they do, you are exposed to nasty things irrespective of what OS you are running.</htmltext>
<tokenext>Open and configurable has nothing to do with this .
A sufficiently intelligent malware could have made things as bad as a virus on Windows .
Think of a malware that infects your libc to catch certain system function calls ( such as those done by the " remove instructions " ) and redirects them to innocuous behavior .
Even on a system that provides SHA1 checksum verification of all libraries and binaries installed through the package manager , you are still susceptible to a ill-behaving fopen/fread .
The only way around something like that would be to boot from a clean boot disk with a known-good libc , which is pretty similar to the only way to be sure to clean a virus off Windows .
The fact of the matter is if you have root access and you run programs without knowing what they do , you are exposed to nasty things irrespective of what OS you are running .</tokentext>
<sentencetext>Open and configurable has nothing to do with this.
A sufficiently intelligent malware could have made things as bad as a virus on Windows.
Think of a malware that infects your libc to catch certain system function calls (such as those done by the "remove instructions") and redirects them to innocuous behavior.
Even on a system that provides SHA1 checksum verification of all libraries and binaries installed through the package manager, you are still susceptible to a ill-behaving fopen/fread.
The only way around something like that would be to boot from a clean boot disk with a known-good libc, which is pretty similar to the only way to be sure to clean a virus off Windows.
The fact of the matter is if you have root access and you run programs without knowing what they do, you are exposed to nasty things irrespective of what OS you are running.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</id>
	<title>auto-update</title>
	<author>TheSHAD0W</author>
	<datestamp>1259582460000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>Okay, this scares me.</p><p>1. What happens when a publisher includes auto-updating code, but not specific attack code, like the DDoS software in the mentioned examples?  If discovered it will appear to be a security risk, but not specifically malicious...</p><p>2. What happens when a software developer produces some completely innocuous software, gets into the repositories - and then months down the road, produces an update with DDoS capability, and has the update pushed into the repositories and automatically distributed?</p></htmltext>
<tokenext>Okay , this scares me.1 .
What happens when a publisher includes auto-updating code , but not specific attack code , like the DDoS software in the mentioned examples ?
If discovered it will appear to be a security risk , but not specifically malicious...2 .
What happens when a software developer produces some completely innocuous software , gets into the repositories - and then months down the road , produces an update with DDoS capability , and has the update pushed into the repositories and automatically distributed ?</tokentext>
<sentencetext>Okay, this scares me.1.
What happens when a publisher includes auto-updating code, but not specific attack code, like the DDoS software in the mentioned examples?
If discovered it will appear to be a security risk, but not specifically malicious...2.
What happens when a software developer produces some completely innocuous software, gets into the repositories - and then months down the road, produces an update with DDoS capability, and has the update pushed into the repositories and automatically distributed?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382992</id>
	<title>Re:At least it was fixable.</title>
	<author>Anonymous</author>
	<datestamp>1259585820000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>because GNU/Linux is so open and configurable, malware like this can be very easily removed. All you have to do is run a few commands in a terminal to remove this</p><p>That has nothing to do with Linux being "open and configurable" and everything to do with the way this specific piece of malware is installed.</p></htmltext>
<tokenext>because GNU/Linux is so open and configurable , malware like this can be very easily removed .
All you have to do is run a few commands in a terminal to remove thisThat has nothing to do with Linux being " open and configurable " and everything to do with the way this specific piece of malware is installed .</tokentext>
<sentencetext>because GNU/Linux is so open and configurable, malware like this can be very easily removed.
All you have to do is run a few commands in a terminal to remove thisThat has nothing to do with Linux being "open and configurable" and everything to do with the way this specific piece of malware is installed.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386152</id>
	<title>Re:At least it was fixable.</title>
	<author>ChienAndalu</author>
	<datestamp>1260441900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Only because this is some pretty unimaginative malware. What if the replaced sudo, dpkg and rm? Could you still trust these commands?</p></htmltext>
<tokenext>Only because this is some pretty unimaginative malware .
What if the replaced sudo , dpkg and rm ?
Could you still trust these commands ?</tokentext>
<sentencetext>Only because this is some pretty unimaginative malware.
What if the replaced sudo, dpkg and rm?
Could you still trust these commands?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383188</id>
	<title>Holy SHIT!</title>
	<author>Anonymous</author>
	<datestamp>1259586900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Time to run yum install clamav.<br>(shivering and scared)</p></htmltext>
<tokenext>Time to run yum install clamav .
( shivering and scared )</tokentext>
<sentencetext>Time to run yum install clamav.
(shivering and scared)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382730</id>
	<title>Spot the anachronism</title>
	<author>welshbyte</author>
	<datestamp>1259584260000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>Given that screensavers just help to drain your laptop battery, waste energy and have no practical use these days (unless these people have ancient monitors which are succeptible to <a href="http://en.wikipedia.org/wiki/Phosphor\_burn-in" title="wikipedia.org" rel="nofollow">screen burn</a> [wikipedia.org]) why do people keep using them and why are they still a feature of modern operating system distributions? Monitor and graphics card power saving features should be all that's needed.</htmltext>
<tokenext>Given that screensavers just help to drain your laptop battery , waste energy and have no practical use these days ( unless these people have ancient monitors which are succeptible to screen burn [ wikipedia.org ] ) why do people keep using them and why are they still a feature of modern operating system distributions ?
Monitor and graphics card power saving features should be all that 's needed .</tokentext>
<sentencetext>Given that screensavers just help to drain your laptop battery, waste energy and have no practical use these days (unless these people have ancient monitors which are succeptible to screen burn [wikipedia.org]) why do people keep using them and why are they still a feature of modern operating system distributions?
Monitor and graphics card power saving features should be all that's needed.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383612</id>
	<title>Re:At least it was fixable.</title>
	<author>maugle</author>
	<datestamp>1259589600000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>To bolster your point: How did they find the name of the package?  Only someone knowledgeable in Linux could've found that out, or the various locations it installed itself to<br> <br>
To refute your point: Malware can get its hooks into Windows in a variety of different ways, and removal often requires specialized tools.  For example, I had to remove one of those hideous fake-antivirus programs from a neighbor's computer.  Real antivirus was no help.  MalwareBytes Anti-malware couldn't get rid of it.  Going into Safe Mode and manually cleaning things out didn't even work.  I had to search the Internet and use a specialized tool to finally uproot that crap.  (And, while I trusted it, the removal tool could have also been malware, I had no way to tell)<br> <br>
So:  Linux gets infected, smart user can eliminate it.  Windows gets infected, smart user still needs to rely on either antivirus or malware-specific removal tools.</htmltext>
<tokenext>To bolster your point : How did they find the name of the package ?
Only someone knowledgeable in Linux could 've found that out , or the various locations it installed itself to To refute your point : Malware can get its hooks into Windows in a variety of different ways , and removal often requires specialized tools .
For example , I had to remove one of those hideous fake-antivirus programs from a neighbor 's computer .
Real antivirus was no help .
MalwareBytes Anti-malware could n't get rid of it .
Going into Safe Mode and manually cleaning things out did n't even work .
I had to search the Internet and use a specialized tool to finally uproot that crap .
( And , while I trusted it , the removal tool could have also been malware , I had no way to tell ) So : Linux gets infected , smart user can eliminate it .
Windows gets infected , smart user still needs to rely on either antivirus or malware-specific removal tools .</tokentext>
<sentencetext>To bolster your point: How did they find the name of the package?
Only someone knowledgeable in Linux could've found that out, or the various locations it installed itself to 
To refute your point: Malware can get its hooks into Windows in a variety of different ways, and removal often requires specialized tools.
For example, I had to remove one of those hideous fake-antivirus programs from a neighbor's computer.
Real antivirus was no help.
MalwareBytes Anti-malware couldn't get rid of it.
Going into Safe Mode and manually cleaning things out didn't even work.
I had to search the Internet and use a specialized tool to finally uproot that crap.
(And, while I trusted it, the removal tool could have also been malware, I had no way to tell) 
So:  Linux gets infected, smart user can eliminate it.
Windows gets infected, smart user still needs to rely on either antivirus or malware-specific removal tools.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386488</id>
	<title>Bottom Line</title>
	<author>Anonymous</author>
	<datestamp>1260446400000</datestamp>
	<modclass>Redundant</modclass>
	<modscore>-1</modscore>
	<htmltext><p>The bottom line on this is simple. Linux is written by paranoid geeks and every line of code is read by hundreds if not thousands of other paranoid geeks. Microsoft are interested in making money and dosen't share there code.</p></htmltext>
<tokenext>The bottom line on this is simple .
Linux is written by paranoid geeks and every line of code is read by hundreds if not thousands of other paranoid geeks .
Microsoft are interested in making money and dose n't share there code .</tokentext>
<sentencetext>The bottom line on this is simple.
Linux is written by paranoid geeks and every line of code is read by hundreds if not thousands of other paranoid geeks.
Microsoft are interested in making money and dosen't share there code.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385664</id>
	<title>Re:At least it was fixable.</title>
	<author>orange47</author>
	<datestamp>1260477600000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>um, they should know what sudo is because they used it for installing the trojan..</htmltext>
<tokenext>um , they should know what sudo is because they used it for installing the trojan. .</tokentext>
<sentencetext>um, they should know what sudo is because they used it for installing the trojan..</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382816</id>
	<title>Re:auto-update</title>
	<author>Anonymous</author>
	<datestamp>1259584740000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Any developer that gets caught doing that will only have one chance to do it and frankly, if they were well known enouh to get into the repos the last thing they need is being banned from the repos and ostracised from the Linux community.</p></htmltext>
<tokenext>Any developer that gets caught doing that will only have one chance to do it and frankly , if they were well known enouh to get into the repos the last thing they need is being banned from the repos and ostracised from the Linux community .</tokentext>
<sentencetext>Any developer that gets caught doing that will only have one chance to do it and frankly, if they were well known enouh to get into the repos the last thing they need is being banned from the repos and ostracised from the Linux community.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384750</id>
	<title>Re:"cleansing your system"</title>
	<author>Anonymous</author>
	<datestamp>1259599860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>That won't help if the malware is capable of infecting the BIOS as well.<br>I mean, if you're going to go to extremes...</p></htmltext>
<tokenext>That wo n't help if the malware is capable of infecting the BIOS as well.I mean , if you 're going to go to extremes.. .</tokentext>
<sentencetext>That won't help if the malware is capable of infecting the BIOS as well.I mean, if you're going to go to extremes...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383400</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382718</id>
	<title>Re:auto-update</title>
	<author>sexconker</author>
	<datestamp>1259584200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>In theory all updates pushed to repositories are vetted, tested, analyzed, and probed by your friendly, mythical repository manager.</p><p>In practice, shit will go down like a Valve launch.<br><a href="http://www.beefjack.com/wp-content/uploads/2009/07/valve-launchbox.jpg" title="beefjack.com" rel="nofollow">http://www.beefjack.com/wp-content/uploads/2009/07/valve-launchbox.jpg</a> [beefjack.com]</p></htmltext>
<tokenext>In theory all updates pushed to repositories are vetted , tested , analyzed , and probed by your friendly , mythical repository manager.In practice , shit will go down like a Valve launch.http : //www.beefjack.com/wp-content/uploads/2009/07/valve-launchbox.jpg [ beefjack.com ]</tokentext>
<sentencetext>In theory all updates pushed to repositories are vetted, tested, analyzed, and probed by your friendly, mythical repository manager.In practice, shit will go down like a Valve launch.http://www.beefjack.com/wp-content/uploads/2009/07/valve-launchbox.jpg [beefjack.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382436</id>
	<title>Whoop dee doo</title>
	<author>Dega704</author>
	<datestamp>1259582580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Like windows or any operating system linux is only as secure as the user keeps it.  In a way this is sort of a win because it means linux is now popular enough for the malware makers to pay attention to it, and it will motivate the linux community to be more vigilant.  Welcome to the mainstream and everything that comes with it.  This highlights the advantage of using software repositories as well............</htmltext>
<tokenext>Like windows or any operating system linux is only as secure as the user keeps it .
In a way this is sort of a win because it means linux is now popular enough for the malware makers to pay attention to it , and it will motivate the linux community to be more vigilant .
Welcome to the mainstream and everything that comes with it .
This highlights the advantage of using software repositories as well........... .</tokentext>
<sentencetext>Like windows or any operating system linux is only as secure as the user keeps it.
In a way this is sort of a win because it means linux is now popular enough for the malware makers to pay attention to it, and it will motivate the linux community to be more vigilant.
Welcome to the mainstream and everything that comes with it.
This highlights the advantage of using software repositories as well............</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385106</id>
	<title>Re:auto-update</title>
	<author>Alex Belits</author>
	<datestamp>1259604060000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>1. What happens when a publisher includes auto-updating code, but not specific attack code, like the DDoS software in the mentioned examples? If discovered it will appear to be a security risk, but not specifically malicious...</p></div><p>This is precisely why Linux-specific software NEVER has built-in auto-update -- it's installed by a package manager and can only be updated by root. Things like Firefox extensions may have auto-update functionality, however if an extension is installed by a package manager, it won't be auto-updated by anything other than package manager.</p><p><div class="quote"><p>2. What happens when a software developer produces some completely innocuous software, gets into the repositories - and then months down the road, produces an update with DDoS capability, and has the update pushed into the repositories and automatically distributed?</p></div><p>Then he won't remain a package maintainer for too long. It also would be very easy to detect such malware after the first report because all sane repositories require the source to be available unless the package is a wrapper that installs something closed but sufficiently trusted (from NVIDIA, ATI, VMWare, Adobe).</p></div>
	</htmltext>
<tokenext>1 .
What happens when a publisher includes auto-updating code , but not specific attack code , like the DDoS software in the mentioned examples ?
If discovered it will appear to be a security risk , but not specifically malicious...This is precisely why Linux-specific software NEVER has built-in auto-update -- it 's installed by a package manager and can only be updated by root .
Things like Firefox extensions may have auto-update functionality , however if an extension is installed by a package manager , it wo n't be auto-updated by anything other than package manager.2 .
What happens when a software developer produces some completely innocuous software , gets into the repositories - and then months down the road , produces an update with DDoS capability , and has the update pushed into the repositories and automatically distributed ? Then he wo n't remain a package maintainer for too long .
It also would be very easy to detect such malware after the first report because all sane repositories require the source to be available unless the package is a wrapper that installs something closed but sufficiently trusted ( from NVIDIA , ATI , VMWare , Adobe ) .</tokentext>
<sentencetext>1.
What happens when a publisher includes auto-updating code, but not specific attack code, like the DDoS software in the mentioned examples?
If discovered it will appear to be a security risk, but not specifically malicious...This is precisely why Linux-specific software NEVER has built-in auto-update -- it's installed by a package manager and can only be updated by root.
Things like Firefox extensions may have auto-update functionality, however if an extension is installed by a package manager, it won't be auto-updated by anything other than package manager.2.
What happens when a software developer produces some completely innocuous software, gets into the repositories - and then months down the road, produces an update with DDoS capability, and has the update pushed into the repositories and automatically distributed?Then he won't remain a package maintainer for too long.
It also would be very easy to detect such malware after the first report because all sane repositories require the source to be available unless the package is a wrapper that installs something closed but sufficiently trusted (from NVIDIA, ATI, VMWare, Adobe).
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384402</id>
	<title>Computers to the populace...</title>
	<author>Letalis001</author>
	<datestamp>1259596320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Are appliances, they are tv's, washing machines, a glowing toaster if you will. most people could care less how the thing functions so long as it works, and the only time they do care is when it doesnt. thus, the people who create malware, viruses, spyware and the like will always have a market for this. as for linux, lack of popularity really is its saving grace. if MacOSX and Linux shared equal parts of the desktop market with Windows, its a guaranteed fact that the people who create the above would be making them for all three respectively to get the maximum amount of damage/profit. and as long as people do not care about how a computer works, its equivocal to handing a child a loaded gun and telling them to have fun. its all fun and games untill little Bobby blows his hand off.</htmltext>
<tokenext>Are appliances , they are tv 's , washing machines , a glowing toaster if you will .
most people could care less how the thing functions so long as it works , and the only time they do care is when it doesnt .
thus , the people who create malware , viruses , spyware and the like will always have a market for this .
as for linux , lack of popularity really is its saving grace .
if MacOSX and Linux shared equal parts of the desktop market with Windows , its a guaranteed fact that the people who create the above would be making them for all three respectively to get the maximum amount of damage/profit .
and as long as people do not care about how a computer works , its equivocal to handing a child a loaded gun and telling them to have fun .
its all fun and games untill little Bobby blows his hand off .</tokentext>
<sentencetext>Are appliances, they are tv's, washing machines, a glowing toaster if you will.
most people could care less how the thing functions so long as it works, and the only time they do care is when it doesnt.
thus, the people who create malware, viruses, spyware and the like will always have a market for this.
as for linux, lack of popularity really is its saving grace.
if MacOSX and Linux shared equal parts of the desktop market with Windows, its a guaranteed fact that the people who create the above would be making them for all three respectively to get the maximum amount of damage/profit.
and as long as people do not care about how a computer works, its equivocal to handing a child a loaded gun and telling them to have fun.
its all fun and games untill little Bobby blows his hand off.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384128</id>
	<title>Re:At least it was fixable.</title>
	<author>FreelanceWizard</author>
	<datestamp>1259593800000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p>I'm afraid not. The reason this malware is easy to remove is because it doesn't do anything truly wretched, like patch libc and other applications, install a rootkit kernel module, and the like.</p><p>Having dealt with Linux boxes that have been hit by automatic exploitation tools that go well out of their way to hide their presence, I can tell you that no matter what the operating system, the standard advice holds: once the machine is infected, the only sure way to get it back to a known state is to restore from a backup made prior to the exploitation or to wipe it completely and start over. I should also point out that these machines were rooted through the exploitation of previously-patched vulnerabilities in setuid services -- which is the exact same vector many Windows worms use, including Slammer and Conficker.</p><p>The only difference between the tools I've run into and a full-on worm is that they run at the command of a cracker and scan IP address ranges of his choice. With a bare amount of automation, they could become very successful Linux worms, breaking into all those machines that, say, have old OpenSSH binaries that haven't been patched against its known remotely exploitable vulnerabilities.</p></htmltext>
<tokenext>I 'm afraid not .
The reason this malware is easy to remove is because it does n't do anything truly wretched , like patch libc and other applications , install a rootkit kernel module , and the like.Having dealt with Linux boxes that have been hit by automatic exploitation tools that go well out of their way to hide their presence , I can tell you that no matter what the operating system , the standard advice holds : once the machine is infected , the only sure way to get it back to a known state is to restore from a backup made prior to the exploitation or to wipe it completely and start over .
I should also point out that these machines were rooted through the exploitation of previously-patched vulnerabilities in setuid services -- which is the exact same vector many Windows worms use , including Slammer and Conficker.The only difference between the tools I 've run into and a full-on worm is that they run at the command of a cracker and scan IP address ranges of his choice .
With a bare amount of automation , they could become very successful Linux worms , breaking into all those machines that , say , have old OpenSSH binaries that have n't been patched against its known remotely exploitable vulnerabilities .</tokentext>
<sentencetext>I'm afraid not.
The reason this malware is easy to remove is because it doesn't do anything truly wretched, like patch libc and other applications, install a rootkit kernel module, and the like.Having dealt with Linux boxes that have been hit by automatic exploitation tools that go well out of their way to hide their presence, I can tell you that no matter what the operating system, the standard advice holds: once the machine is infected, the only sure way to get it back to a known state is to restore from a backup made prior to the exploitation or to wipe it completely and start over.
I should also point out that these machines were rooted through the exploitation of previously-patched vulnerabilities in setuid services -- which is the exact same vector many Windows worms use, including Slammer and Conficker.The only difference between the tools I've run into and a full-on worm is that they run at the command of a cracker and scan IP address ranges of his choice.
With a bare amount of automation, they could become very successful Linux worms, breaking into all those machines that, say, have old OpenSSH binaries that haven't been patched against its known remotely exploitable vulnerabilities.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386192</id>
	<title>Re:At least it was fixable.</title>
	<author>Anonymous</author>
	<datestamp>1260442260000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>open your filebrowser and clic the root mode, go to files<nobr> <wbr></nobr>..., and delete them<br>open add/remove software, and remove app5552</p><p>Better?</p></htmltext>
<tokenext>open your filebrowser and clic the root mode , go to files ... , and delete themopen add/remove software , and remove app5552Better ?</tokentext>
<sentencetext>open your filebrowser and clic the root mode, go to files ..., and delete themopen add/remove software, and remove app5552Better?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386088</id>
	<title>you know what i'm commenting on.</title>
	<author>wentzr</author>
	<datestamp>1260441120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>so ubuntu is the new windows. what damn good way for a "community" to shoot itself in the foot.</htmltext>
<tokenext>so ubuntu is the new windows .
what damn good way for a " community " to shoot itself in the foot .</tokentext>
<sentencetext>so ubuntu is the new windows.
what damn good way for a "community" to shoot itself in the foot.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382798</id>
	<title>WTF?</title>
	<author>soundguy</author>
	<datestamp>1259584680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Who the hell runs screensavers these days anyway? This isn't 1995. Modern monitors don't need "saving". Log out and/or shut down the display if you're not actively using the account.</p></htmltext>
<tokenext>Who the hell runs screensavers these days anyway ?
This is n't 1995 .
Modern monitors do n't need " saving " .
Log out and/or shut down the display if you 're not actively using the account .</tokentext>
<sentencetext>Who the hell runs screensavers these days anyway?
This isn't 1995.
Modern monitors don't need "saving".
Log out and/or shut down the display if you're not actively using the account.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383954</id>
	<title>that was fast, was it not?</title>
	<author>Pharago</author>
	<datestamp>1259592180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>if in doubt ask this guy, he/she may or may not have something to with these news xD

<a href="http://ask.slashdot.org/story/09/12/01/0025213/Ethics-of-Releasing-Non-Malicious-Linux-Malware" title="slashdot.org" rel="nofollow">http://ask.slashdot.org/story/09/12/01/0025213/Ethics-of-Releasing-Non-Malicious-Linux-Malware</a> [slashdot.org]</htmltext>
<tokenext>if in doubt ask this guy , he/she may or may not have something to with these news xD http : //ask.slashdot.org/story/09/12/01/0025213/Ethics-of-Releasing-Non-Malicious-Linux-Malware [ slashdot.org ]</tokentext>
<sentencetext>if in doubt ask this guy, he/she may or may not have something to with these news xD

http://ask.slashdot.org/story/09/12/01/0025213/Ethics-of-Releasing-Non-Malicious-Linux-Malware [slashdot.org]</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384356</id>
	<title>Close call</title>
	<author>yamfry</author>
	<datestamp>1259595900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Good thing I don't have to worry about that. I use Linux!</htmltext>
<tokenext>Good thing I do n't have to worry about that .
I use Linux !</tokentext>
<sentencetext>Good thing I don't have to worry about that.
I use Linux!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30399242</id>
	<title>Re:auto-update</title>
	<author>schotty</author>
	<datestamp>1260523380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>1) That is a non-issue because you will fall into two very simple (across the board) methods.  Either release a new package or if you are using something akin to Loki's Update tools, then it is implied that you will be using that tool to update the application (I see the latter to be more useful for companies too lazy to sell their software and update it with a repo).</p><p>2) Good point.  But since we all trusted Microsoft at one point and many of us no longer (from a coding quality standpoint that is), that will be the case with another hapless company due to lazy auditing procedures.</p><p>Although, on your second point, which is an amazingly spot on point that we techies are going to have to solve, didnt Fedora run into that issue not too far back?  If I am not mistaken, a new set of keys were reissued, but I am not certain as to what else.  Perhaps that is a lesson we could learn somthing from.  Or maybe not.</p><p>Great post though, Shadow.</p></htmltext>
<tokenext>1 ) That is a non-issue because you will fall into two very simple ( across the board ) methods .
Either release a new package or if you are using something akin to Loki 's Update tools , then it is implied that you will be using that tool to update the application ( I see the latter to be more useful for companies too lazy to sell their software and update it with a repo ) .2 ) Good point .
But since we all trusted Microsoft at one point and many of us no longer ( from a coding quality standpoint that is ) , that will be the case with another hapless company due to lazy auditing procedures.Although , on your second point , which is an amazingly spot on point that we techies are going to have to solve , didnt Fedora run into that issue not too far back ?
If I am not mistaken , a new set of keys were reissued , but I am not certain as to what else .
Perhaps that is a lesson we could learn somthing from .
Or maybe not.Great post though , Shadow .</tokentext>
<sentencetext>1) That is a non-issue because you will fall into two very simple (across the board) methods.
Either release a new package or if you are using something akin to Loki's Update tools, then it is implied that you will be using that tool to update the application (I see the latter to be more useful for companies too lazy to sell their software and update it with a repo).2) Good point.
But since we all trusted Microsoft at one point and many of us no longer (from a coding quality standpoint that is), that will be the case with another hapless company due to lazy auditing procedures.Although, on your second point, which is an amazingly spot on point that we techies are going to have to solve, didnt Fedora run into that issue not too far back?
If I am not mistaken, a new set of keys were reissued, but I am not certain as to what else.
Perhaps that is a lesson we could learn somthing from.
Or maybe not.Great post though, Shadow.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382846</id>
	<title>Re:auto-update</title>
	<author>BikeHelmet</author>
	<datestamp>1259584980000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This is why prompt-on-connect Firewalls exist for Windows.<nobr> <wbr></nobr>;)</p><p>You can't trust what your computer is trying to do behind your back!</p></htmltext>
<tokenext>This is why prompt-on-connect Firewalls exist for Windows .
; ) You ca n't trust what your computer is trying to do behind your back !</tokentext>
<sentencetext>This is why prompt-on-connect Firewalls exist for Windows.
;)You can't trust what your computer is trying to do behind your back!</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30397328</id>
	<title>what is the check/cure</title>
	<author>Anonymous</author>
	<datestamp>1260454440000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Doesn't anybody running linux want to tell me "the cure"?</p><p>Like please answer:<br>
&nbsp; &nbsp; 1. How can such malware be detected on Linux once installed?<br>
&nbsp; &nbsp; 2. How can one configure the system so as to be prevented?<br>
&nbsp; &nbsp; 3. What can be done to remove it?</p><p>I run "clamscan". Anyone wanna comment on that. Because I don't have a clue what it does... but it seems to check for something.</p><p>Anyone?<br>Any useful info between the chatter?<br>Anything?</p><p>ok, well I guess you can go back to your nit pickin' now.</p></htmltext>
<tokenext>Does n't anybody running linux want to tell me " the cure " ? Like please answer :     1 .
How can such malware be detected on Linux once installed ?
    2 .
How can one configure the system so as to be prevented ?
    3 .
What can be done to remove it ? I run " clamscan " .
Anyone wan na comment on that .
Because I do n't have a clue what it does... but it seems to check for something.Anyone ? Any useful info between the chatter ? Anything ? ok , well I guess you can go back to your nit pickin ' now .</tokentext>
<sentencetext>Doesn't anybody running linux want to tell me "the cure"?Like please answer:
    1.
How can such malware be detected on Linux once installed?
    2.
How can one configure the system so as to be prevented?
    3.
What can be done to remove it?I run "clamscan".
Anyone wanna comment on that.
Because I don't have a clue what it does... but it seems to check for something.Anyone?Any useful info between the chatter?Anything?ok, well I guess you can go back to your nit pickin' now.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30395992</id>
	<title>Re:auto-update</title>
	<author>Anonymous</author>
	<datestamp>1260446400000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Why are Linux apps including any auto-updating code whatsoever? Shouldn't that be handled by their package management application for their distribution? If it's content updates (album covers, electric sheep, rss feeds, etc.) they shouldn't require administrator privileges at all. Any Linux app that does some automatic connection to the internet AND requires elevated permissions is one I would be extremely weary of. How to squelch situations like what has happened with this screensaver? If you are new to Linux get your installs only from official repositories for your distribution. Maintainers probably would have caught this before it was officially released to the public. If you aren't new and could have come to the same conclusion that conorsulli came to on the Ubuntu forums, more power to you, stay pervasive and thank you for being a tester of the newest, half produced, future of everyone's software.</p></htmltext>
<tokenext>Why are Linux apps including any auto-updating code whatsoever ?
Should n't that be handled by their package management application for their distribution ?
If it 's content updates ( album covers , electric sheep , rss feeds , etc .
) they should n't require administrator privileges at all .
Any Linux app that does some automatic connection to the internet AND requires elevated permissions is one I would be extremely weary of .
How to squelch situations like what has happened with this screensaver ?
If you are new to Linux get your installs only from official repositories for your distribution .
Maintainers probably would have caught this before it was officially released to the public .
If you are n't new and could have come to the same conclusion that conorsulli came to on the Ubuntu forums , more power to you , stay pervasive and thank you for being a tester of the newest , half produced , future of everyone 's software .</tokentext>
<sentencetext>Why are Linux apps including any auto-updating code whatsoever?
Shouldn't that be handled by their package management application for their distribution?
If it's content updates (album covers, electric sheep, rss feeds, etc.
) they shouldn't require administrator privileges at all.
Any Linux app that does some automatic connection to the internet AND requires elevated permissions is one I would be extremely weary of.
How to squelch situations like what has happened with this screensaver?
If you are new to Linux get your installs only from official repositories for your distribution.
Maintainers probably would have caught this before it was officially released to the public.
If you aren't new and could have come to the same conclusion that conorsulli came to on the Ubuntu forums, more power to you, stay pervasive and thank you for being a tester of the newest, half produced, future of everyone's software.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385052</id>
	<title>Just check, forum down</title>
	<author>MooPi</author>
	<datestamp>1259603580000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Forum is down at this moment. hmmmmm. Could it be retaliation?</htmltext>
<tokenext>Forum is down at this moment .
hmmmmm. Could it be retaliation ?</tokentext>
<sentencetext>Forum is down at this moment.
hmmmmm. Could it be retaliation?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30388584</id>
	<title>Re:Linux needs a "Zone Alarm" like program</title>
	<author>word\_virus</author>
	<datestamp>1260463320000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Linux already has one - it's called Firestarter and it's great.  Integrates with the gnome desktop and let's you specifiy a per-process inbound and outbound access policy.  It's in the main ubuntu repos last time I checked, but that was Hoary...  Check out it <a href="http://www.fs-security.com/" title="fs-security.com" rel="nofollow">here</a> [fs-security.com].</htmltext>
<tokenext>Linux already has one - it 's called Firestarter and it 's great .
Integrates with the gnome desktop and let 's you specifiy a per-process inbound and outbound access policy .
It 's in the main ubuntu repos last time I checked , but that was Hoary... Check out it here [ fs-security.com ] .</tokentext>
<sentencetext>Linux already has one - it's called Firestarter and it's great.
Integrates with the gnome desktop and let's you specifiy a per-process inbound and outbound access policy.
It's in the main ubuntu repos last time I checked, but that was Hoary...  Check out it here [fs-security.com].</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386378</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383312</id>
	<title>"I downloaded it from rpmfind"</title>
	<author>Culture20</author>
	<datestamp>1259587680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>The quote in my subject line is from a user who was allowed complete sudo access.  I can't remember the "it" in question, but it was an rpm that wasn't from our distro back then.  The machine was reimaged, the user was instructed that rpmfind et al is the *worst* choice for software installation, and sudo access was restricted to one specific command with pre-set parameters.<br>
Looks like this<nobr> <wbr></nobr>.deb came from a similar site (for sceensavers).</div>
	</htmltext>
<tokenext>The quote in my subject line is from a user who was allowed complete sudo access .
I ca n't remember the " it " in question , but it was an rpm that was n't from our distro back then .
The machine was reimaged , the user was instructed that rpmfind et al is the * worst * choice for software installation , and sudo access was restricted to one specific command with pre-set parameters .
Looks like this .deb came from a similar site ( for sceensavers ) .</tokentext>
<sentencetext>The quote in my subject line is from a user who was allowed complete sudo access.
I can't remember the "it" in question, but it was an rpm that wasn't from our distro back then.
The machine was reimaged, the user was instructed that rpmfind et al is the *worst* choice for software installation, and sudo access was restricted to one specific command with pre-set parameters.
Looks like this .deb came from a similar site (for sceensavers).
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386378</id>
	<title>Linux needs a "Zone Alarm" like program</title>
	<author>'Tractor' Barry</author>
	<datestamp>1260444540000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>&gt; keep itself updated via downloads</p><p>I keep boring people with this point and I'm going to keep doing so until the Linux peeps get it.  Linux needs a program that performs the same function as Zone Alarm.  In other words no program on a desktop system should be allowed to connect to the internet before the user has okayed it.</p><p>One of the first things I do when a non tehcnical friend asks me to help with their Windows PC is to install Zone Alarm simply because it will prompt you before a programm cann connect to the network or internet.  I then explain that if they don't know what a program is, or why it's trying to connect to the internet, don't let it.  You can always change your mind later and you can always google it, or ask me, to find out what the program is and what it does.</p><p>This has stopped numerous malware infestation getting serious (i.e. downloading their real payload)  I believe there's very  little real malware nowadays that doesn't require 'net access to do it's work (reporting personal information such as credit card details, being a node in a botnet etc.) so having a gatekeeper between programs and the network should be a primary design consideration of all desktop systems.</p><p>Without this functionality it's just a matter of time before the first serious auto updating Linux virus problem occurs.  It might well be harder to get a root infestation on a Linux box but does this matter ?  A userland program can steal information, participate in a botnet etc. quite adequately for most purposes.  If it's well written and consumes little in the way of resources a user probably wouldn''t even notice either.</p><p>On Windows Zone Alarm acts like a nightclub bouncer for 'net access.  Meanwhile on Linux any old program gets full internet access without the user knowing a thing.</p></htmltext>
<tokenext>&gt; keep itself updated via downloadsI keep boring people with this point and I 'm going to keep doing so until the Linux peeps get it .
Linux needs a program that performs the same function as Zone Alarm .
In other words no program on a desktop system should be allowed to connect to the internet before the user has okayed it.One of the first things I do when a non tehcnical friend asks me to help with their Windows PC is to install Zone Alarm simply because it will prompt you before a programm cann connect to the network or internet .
I then explain that if they do n't know what a program is , or why it 's trying to connect to the internet , do n't let it .
You can always change your mind later and you can always google it , or ask me , to find out what the program is and what it does.This has stopped numerous malware infestation getting serious ( i.e .
downloading their real payload ) I believe there 's very little real malware nowadays that does n't require 'net access to do it 's work ( reporting personal information such as credit card details , being a node in a botnet etc .
) so having a gatekeeper between programs and the network should be a primary design consideration of all desktop systems.Without this functionality it 's just a matter of time before the first serious auto updating Linux virus problem occurs .
It might well be harder to get a root infestation on a Linux box but does this matter ?
A userland program can steal information , participate in a botnet etc .
quite adequately for most purposes .
If it 's well written and consumes little in the way of resources a user probably wouldn''t even notice either.On Windows Zone Alarm acts like a nightclub bouncer for 'net access .
Meanwhile on Linux any old program gets full internet access without the user knowing a thing .</tokentext>
<sentencetext>&gt; keep itself updated via downloadsI keep boring people with this point and I'm going to keep doing so until the Linux peeps get it.
Linux needs a program that performs the same function as Zone Alarm.
In other words no program on a desktop system should be allowed to connect to the internet before the user has okayed it.One of the first things I do when a non tehcnical friend asks me to help with their Windows PC is to install Zone Alarm simply because it will prompt you before a programm cann connect to the network or internet.
I then explain that if they don't know what a program is, or why it's trying to connect to the internet, don't let it.
You can always change your mind later and you can always google it, or ask me, to find out what the program is and what it does.This has stopped numerous malware infestation getting serious (i.e.
downloading their real payload)  I believe there's very  little real malware nowadays that doesn't require 'net access to do it's work (reporting personal information such as credit card details, being a node in a botnet etc.
) so having a gatekeeper between programs and the network should be a primary design consideration of all desktop systems.Without this functionality it's just a matter of time before the first serious auto updating Linux virus problem occurs.
It might well be harder to get a root infestation on a Linux box but does this matter ?
A userland program can steal information, participate in a botnet etc.
quite adequately for most purposes.
If it's well written and consumes little in the way of resources a user probably wouldn''t even notice either.On Windows Zone Alarm acts like a nightclub bouncer for 'net access.
Meanwhile on Linux any old program gets full internet access without the user knowing a thing.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384250</id>
	<title>No matter how well you build the O/S</title>
	<author>Akita24</author>
	<datestamp>1259594820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>You still can't fix stupid. Stupid is forever.</htmltext>
<tokenext>You still ca n't fix stupid .
Stupid is forever .</tokentext>
<sentencetext>You still can't fix stupid.
Stupid is forever.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383888</id>
	<title>Question for those who are in the know...</title>
	<author>Anonymous</author>
	<datestamp>1259591520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Does Ubuntu still have the horribly in-secure default setting of caching elevated privileges for a time after sudo is invoked? This allows malware like this to lurk in the user-space and wait for the invocation of sudo - thus never requiring elevation to completely own the users system.</p></htmltext>
<tokenext>Does Ubuntu still have the horribly in-secure default setting of caching elevated privileges for a time after sudo is invoked ?
This allows malware like this to lurk in the user-space and wait for the invocation of sudo - thus never requiring elevation to completely own the users system .</tokentext>
<sentencetext>Does Ubuntu still have the horribly in-secure default setting of caching elevated privileges for a time after sudo is invoked?
This allows malware like this to lurk in the user-space and wait for the invocation of sudo - thus never requiring elevation to completely own the users system.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30387384</id>
	<title>Re:Security is like sex</title>
	<author>drinkypoo</author>
	<datestamp>1260456300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This underscores a gigantic advantage of Linux. If you "only" install software from the collection of hundreds to thousands of packages included with your distribution, provided you're using one of the majors or a derivative, then you can have a reasonable expectation that you will not receive a trojan. The average user will never need anything they can't get from Ubuntu, for example, except for perhaps some things they will need from medibuntu. Even that, I admit, is something of a hassle, but the default-least-trust model for installing software is a big win.</p></htmltext>
<tokenext>This underscores a gigantic advantage of Linux .
If you " only " install software from the collection of hundreds to thousands of packages included with your distribution , provided you 're using one of the majors or a derivative , then you can have a reasonable expectation that you will not receive a trojan .
The average user will never need anything they ca n't get from Ubuntu , for example , except for perhaps some things they will need from medibuntu .
Even that , I admit , is something of a hassle , but the default-least-trust model for installing software is a big win .</tokentext>
<sentencetext>This underscores a gigantic advantage of Linux.
If you "only" install software from the collection of hundreds to thousands of packages included with your distribution, provided you're using one of the majors or a derivative, then you can have a reasonable expectation that you will not receive a trojan.
The average user will never need anything they can't get from Ubuntu, for example, except for perhaps some things they will need from medibuntu.
Even that, I admit, is something of a hassle, but the default-least-trust model for installing software is a big win.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383502</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384378</id>
	<title>Re:At least it was fixable.</title>
	<author>Anonymous</author>
	<datestamp>1259596020000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>with modern viruses you really do have to start digging into the registry.  modern viruses now also include retrovirus style attacks that inject themselves into the AV system as well.  I foresee when viruses start adding MAD philosophy, similar to how in biology a parasite will kill the host if it is removed.</p><p>The antivirus industry would be in deep trouble if the computer equivalent of a guy with a bomb strapped to his chest started to become popular.</p></htmltext>
<tokenext>with modern viruses you really do have to start digging into the registry .
modern viruses now also include retrovirus style attacks that inject themselves into the AV system as well .
I foresee when viruses start adding MAD philosophy , similar to how in biology a parasite will kill the host if it is removed.The antivirus industry would be in deep trouble if the computer equivalent of a guy with a bomb strapped to his chest started to become popular .</tokentext>
<sentencetext>with modern viruses you really do have to start digging into the registry.
modern viruses now also include retrovirus style attacks that inject themselves into the AV system as well.
I foresee when viruses start adding MAD philosophy, similar to how in biology a parasite will kill the host if it is removed.The antivirus industry would be in deep trouble if the computer equivalent of a guy with a bomb strapped to his chest started to become popular.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30391092</id>
	<title>Perfect example of the Fedora problem</title>
	<author>BitZtream</author>
	<datestamp>1260471240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>This is a perfect example of why allowing users at the console to install system wide software without requiring a password is a bad idea.</p><p>All it takes is this happening on one the already listed repos and you've got your vector into systems via stupid polkit choices.</p></htmltext>
<tokenext>This is a perfect example of why allowing users at the console to install system wide software without requiring a password is a bad idea.All it takes is this happening on one the already listed repos and you 've got your vector into systems via stupid polkit choices .</tokentext>
<sentencetext>This is a perfect example of why allowing users at the console to install system wide software without requiring a password is a bad idea.All it takes is this happening on one the already listed repos and you've got your vector into systems via stupid polkit choices.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383308</id>
	<title>Basic computer security</title>
	<author>Anonymous</author>
	<datestamp>1259587680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>The problem is NOT that GNU/Linux is insecure, the problem is that some users refuse to learn how to properly administer their systems. The weakest link in any operating system is the user. I've outlined some <a href="http://ardchoille42.blogspot.com/2009/12/computer-security-is-process-not.html" title="blogspot.com" rel="nofollow">basic security practices</a> [blogspot.com] that everyone should use.

Computer security is a process, not a product.</htmltext>
<tokenext>The problem is NOT that GNU/Linux is insecure , the problem is that some users refuse to learn how to properly administer their systems .
The weakest link in any operating system is the user .
I 've outlined some basic security practices [ blogspot.com ] that everyone should use .
Computer security is a process , not a product .</tokentext>
<sentencetext>The problem is NOT that GNU/Linux is insecure, the problem is that some users refuse to learn how to properly administer their systems.
The weakest link in any operating system is the user.
I've outlined some basic security practices [blogspot.com] that everyone should use.
Computer security is a process, not a product.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382516</id>
	<title>Patch news...</title>
	<author>ghostis</author>
	<datestamp>1259583000000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p>The Gnome team is working with several university neurology departments to develop a patch for human nature that fixes this problem.  It will be included in Gnome 4.</p></htmltext>
<tokenext>The Gnome team is working with several university neurology departments to develop a patch for human nature that fixes this problem .
It will be included in Gnome 4 .</tokentext>
<sentencetext>The Gnome team is working with several university neurology departments to develop a patch for human nature that fixes this problem.
It will be included in Gnome 4.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330</id>
	<title>Re:At least it was fixable.</title>
	<author>Drakin020</author>
	<datestamp>1259587920000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>Ah but here is the problem.</p><p>To you, removing a virus from Linux is easy, because you are obviously an intelligent Linux user.</p><p>(Someone posted above the removal instructions)</p><p>For you to write out: sudo rm -f<nobr> <wbr></nobr>/usr/bin/Auto.bash<nobr> <wbr></nobr>/usr/bin/run.bash<nobr> <wbr></nobr>/etc/profile.d/gnome.sh index.php run.bash &amp;&amp; sudo dpkg -r app5552</p><p>seems like nothing at all, but what about the average computer user? Do you think they know what sudo is? Hell I don't use Linux and I have no idea what the shit any of that stuff means. So no, that would only work with someone who really knows what they are doing with Linux.</p><p>Now on the flip side, you say...</p><p>"On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware"</p><p>Ah, but this is going off the assumption that we are dealing with an average Windows user, not an expert user (Such as your self with Linux)</p><p>An expert Windows user like myself would say "Removing Malware is easy, just go into the registry's run section, remove what looks suspicious, delete temp files, prefetch, and search for the malware running process (Example: virus.exe) in the registry, and delete it"</p><p>Ah see that to me is easy, I've done things like that all the time, and it's just cake.</p><p>So I guess the point I'm trying to make is that...To you, removing a virus like this from Linux can be really simple...to someone who knows Linux, but the same can be said to a Windows user...who knows about Windows.</p></htmltext>
<tokenext>Ah but here is the problem.To you , removing a virus from Linux is easy , because you are obviously an intelligent Linux user .
( Someone posted above the removal instructions ) For you to write out : sudo rm -f /usr/bin/Auto.bash /usr/bin/run.bash /etc/profile.d/gnome.sh index.php run.bash &amp;&amp; sudo dpkg -r app5552seems like nothing at all , but what about the average computer user ?
Do you think they know what sudo is ?
Hell I do n't use Linux and I have no idea what the shit any of that stuff means .
So no , that would only work with someone who really knows what they are doing with Linux.Now on the flip side , you say... " On Windows and the like , things are so complicated that Anti-virus software is almost required to remove some of their malware " Ah , but this is going off the assumption that we are dealing with an average Windows user , not an expert user ( Such as your self with Linux ) An expert Windows user like myself would say " Removing Malware is easy , just go into the registry 's run section , remove what looks suspicious , delete temp files , prefetch , and search for the malware running process ( Example : virus.exe ) in the registry , and delete it " Ah see that to me is easy , I 've done things like that all the time , and it 's just cake.So I guess the point I 'm trying to make is that...To you , removing a virus like this from Linux can be really simple...to someone who knows Linux , but the same can be said to a Windows user...who knows about Windows .</tokentext>
<sentencetext>Ah but here is the problem.To you, removing a virus from Linux is easy, because you are obviously an intelligent Linux user.
(Someone posted above the removal instructions)For you to write out: sudo rm -f /usr/bin/Auto.bash /usr/bin/run.bash /etc/profile.d/gnome.sh index.php run.bash &amp;&amp; sudo dpkg -r app5552seems like nothing at all, but what about the average computer user?
Do you think they know what sudo is?
Hell I don't use Linux and I have no idea what the shit any of that stuff means.
So no, that would only work with someone who really knows what they are doing with Linux.Now on the flip side, you say..."On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware"Ah, but this is going off the assumption that we are dealing with an average Windows user, not an expert user (Such as your self with Linux)An expert Windows user like myself would say "Removing Malware is easy, just go into the registry's run section, remove what looks suspicious, delete temp files, prefetch, and search for the malware running process (Example: virus.exe) in the registry, and delete it"Ah see that to me is easy, I've done things like that all the time, and it's just cake.So I guess the point I'm trying to make is that...To you, removing a virus like this from Linux can be really simple...to someone who knows Linux, but the same can be said to a Windows user...who knows about Windows.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383466</id>
	<title>Re:At least it was fixable.</title>
	<author>DiegoBravo</author>
	<datestamp>1259588760000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>This kind of problem is not about Linux or Windows but about distro that added malware in some crap application. In order to avoid that:</p><p>1) The typical crap software should not be allowed the same privileges as a typical user (why an screensaver should open sockets? remove files?) There are capabilities and several security options that nobody takes seriously</p><p>2) The package system should allow only a predefined set of actions in the installation process. Currently it runs as root any package' script; that's the reason I avoid all<nobr> <wbr></nobr>.deb files as provided by software vendors but obviously the problem is worse if the malware comes from the distribution</p></htmltext>
<tokenext>This kind of problem is not about Linux or Windows but about distro that added malware in some crap application .
In order to avoid that : 1 ) The typical crap software should not be allowed the same privileges as a typical user ( why an screensaver should open sockets ?
remove files ?
) There are capabilities and several security options that nobody takes seriously2 ) The package system should allow only a predefined set of actions in the installation process .
Currently it runs as root any package ' script ; that 's the reason I avoid all .deb files as provided by software vendors but obviously the problem is worse if the malware comes from the distribution</tokentext>
<sentencetext>This kind of problem is not about Linux or Windows but about distro that added malware in some crap application.
In order to avoid that:1) The typical crap software should not be allowed the same privileges as a typical user (why an screensaver should open sockets?
remove files?
) There are capabilities and several security options that nobody takes seriously2) The package system should allow only a predefined set of actions in the installation process.
Currently it runs as root any package' script; that's the reason I avoid all .deb files as provided by software vendors but obviously the problem is worse if the malware comes from the distribution</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382428</id>
	<title>scare the crap out of me</title>
	<author>qbasicjedi</author>
	<datestamp>1259582520000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>I swear to god, not thirty seconds before I came to slashdot and saw this story, I closed the gnome-look.com tab and had just finished pimpin' out my Gnome desktop. Good thing I didn't download any screensavers...</htmltext>
<tokenext>I swear to god , not thirty seconds before I came to slashdot and saw this story , I closed the gnome-look.com tab and had just finished pimpin ' out my Gnome desktop .
Good thing I did n't download any screensavers.. .</tokentext>
<sentencetext>I swear to god, not thirty seconds before I came to slashdot and saw this story, I closed the gnome-look.com tab and had just finished pimpin' out my Gnome desktop.
Good thing I didn't download any screensavers...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382834</id>
	<title>STILL more safe than Windows.</title>
	<author>ilsaloving</author>
	<datestamp>1259584920000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Linux and Mac *are* still more secure that Windows installations.  There's a difference between social engineering attacks and vulnerabilities that are exploited without user intervention.</p><p>You can't eliminate the former without locking down the user so badly that they are no longer in control of their computer.</p><p>The latter can and has been stopped very effectively through various, simple, defensive techniques. The most obvious such technique is to not give the user 100\% access to the system by default.  You have to put solid effort in order to infect a *ix based system.  Meanwhile Windows users can be rootkitted by doing nothing more than visiting a completely legitimate website that unknowningly has a malicious banner ad.</p></htmltext>
<tokenext>Linux and Mac * are * still more secure that Windows installations .
There 's a difference between social engineering attacks and vulnerabilities that are exploited without user intervention.You ca n't eliminate the former without locking down the user so badly that they are no longer in control of their computer.The latter can and has been stopped very effectively through various , simple , defensive techniques .
The most obvious such technique is to not give the user 100 \ % access to the system by default .
You have to put solid effort in order to infect a * ix based system .
Meanwhile Windows users can be rootkitted by doing nothing more than visiting a completely legitimate website that unknowningly has a malicious banner ad .</tokentext>
<sentencetext>Linux and Mac *are* still more secure that Windows installations.
There's a difference between social engineering attacks and vulnerabilities that are exploited without user intervention.You can't eliminate the former without locking down the user so badly that they are no longer in control of their computer.The latter can and has been stopped very effectively through various, simple, defensive techniques.
The most obvious such technique is to not give the user 100\% access to the system by default.
You have to put solid effort in order to infect a *ix based system.
Meanwhile Windows users can be rootkitted by doing nothing more than visiting a completely legitimate website that unknowningly has a malicious banner ad.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</id>
	<title>At least it was fixable.</title>
	<author>Anonymous</author>
	<datestamp>1259582640000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Before trolls start yelling about how "OMGZ LINUX ISN'T SECURE HAHAHA" and things like that, let me tell you something: because GNU/Linux is so open and configurable, malware like this can be very easily removed. All you have to do is run a few commands in a terminal to remove this. On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware. I am glad to use an OS that doesn't restrict me like that.<nobr> <wbr></nobr>:)</p></htmltext>
<tokenext>Before trolls start yelling about how " OMGZ LINUX IS N'T SECURE HAHAHA " and things like that , let me tell you something : because GNU/Linux is so open and configurable , malware like this can be very easily removed .
All you have to do is run a few commands in a terminal to remove this .
On Windows and the like , things are so complicated that Anti-virus software is almost required to remove some of their malware .
I am glad to use an OS that does n't restrict me like that .
: )</tokentext>
<sentencetext>Before trolls start yelling about how "OMGZ LINUX ISN'T SECURE HAHAHA" and things like that, let me tell you something: because GNU/Linux is so open and configurable, malware like this can be very easily removed.
All you have to do is run a few commands in a terminal to remove this.
On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware.
I am glad to use an OS that doesn't restrict me like that.
:)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382790</id>
	<title>No biggie, Ubuntu</title>
	<author>harris s newman</author>
	<datestamp>1259584620000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I'll not worry until Linux hackers attack Linux.  A windoz hacker attacking Linux is a joke.  Good luck with that.</htmltext>
<tokenext>I 'll not worry until Linux hackers attack Linux .
A windoz hacker attacking Linux is a joke .
Good luck with that .</tokentext>
<sentencetext>I'll not worry until Linux hackers attack Linux.
A windoz hacker attacking Linux is a joke.
Good luck with that.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383400</id>
	<title>"cleansing your system"</title>
	<author>Lost Race</author>
	<datestamp>1259588400000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><blockquote><div><p>For those affected, both sites also provide instruction on cleansing your system.</p></div></blockquote><p>There's only one way to "cleanse" your system of malware once it's infected:</p><ol> <li>Boot from known-good media (i.e. pressed CD from OS distributor)</li><li>Block-erase hard drive(s)</li><li>Re-install OS</li><li>Restore documents from backup</li></ol><p>Any malware that can auto-update itself can potentially install anything at all. It could, for example, set up a file-sharing node which caches <a href="http://yro.slashdot.org/story/09/12/05/1511258/Accidental-Download-Sending-22-Year-Old-Man-To-Prison" title="slashdot.org">illegal data files</a> [slashdot.org] on your system.</p></div>
	</htmltext>
<tokenext>For those affected , both sites also provide instruction on cleansing your system.There 's only one way to " cleanse " your system of malware once it 's infected : Boot from known-good media ( i.e .
pressed CD from OS distributor ) Block-erase hard drive ( s ) Re-install OSRestore documents from backupAny malware that can auto-update itself can potentially install anything at all .
It could , for example , set up a file-sharing node which caches illegal data files [ slashdot.org ] on your system .</tokentext>
<sentencetext>For those affected, both sites also provide instruction on cleansing your system.There's only one way to "cleanse" your system of malware once it's infected: Boot from known-good media (i.e.
pressed CD from OS distributor)Block-erase hard drive(s)Re-install OSRestore documents from backupAny malware that can auto-update itself can potentially install anything at all.
It could, for example, set up a file-sharing node which caches illegal data files [slashdot.org] on your system.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382928</id>
	<title>Unsigned package, I presume</title>
	<author>adaviel</author>
	<datestamp>1259585520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Yes, that's how to make a nonprivileged exploit (mess with<nobr> <wbr></nobr>.bash\_profile etc.)

Ideally, the<nobr> <wbr></nobr>.deb package should have been digitally signed, and the person who signed it should have checked to make sure it was safe. Then if you only install packages from trusted repositories and check the sigs, you are safe (unless the signing keys are hacked, which happened to Fedora. Or they were playing safe, in that they might have been hacked. I forget)

In practice, that only works for corporate deployment (protection against autohacking of the entire client PC base). People will always download toys without checking the provenance.</htmltext>
<tokenext>Yes , that 's how to make a nonprivileged exploit ( mess with .bash \ _profile etc .
) Ideally , the .deb package should have been digitally signed , and the person who signed it should have checked to make sure it was safe .
Then if you only install packages from trusted repositories and check the sigs , you are safe ( unless the signing keys are hacked , which happened to Fedora .
Or they were playing safe , in that they might have been hacked .
I forget ) In practice , that only works for corporate deployment ( protection against autohacking of the entire client PC base ) .
People will always download toys without checking the provenance .</tokentext>
<sentencetext>Yes, that's how to make a nonprivileged exploit (mess with .bash\_profile etc.
)

Ideally, the .deb package should have been digitally signed, and the person who signed it should have checked to make sure it was safe.
Then if you only install packages from trusted repositories and check the sigs, you are safe (unless the signing keys are hacked, which happened to Fedora.
Or they were playing safe, in that they might have been hacked.
I forget)

In practice, that only works for corporate deployment (protection against autohacking of the entire client PC base).
People will always download toys without checking the provenance.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383616</id>
	<title>Re:Patch news...</title>
	<author>refactored</author>
	<datestamp>1259589660000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><i>The Gnome team is working with several university neurology departments to develop a patch for human nature that fixes this problem. It will be included in Gnome 4.</i>
<p>
Don't you mean "Genome 4"?</p></htmltext>
<tokenext>The Gnome team is working with several university neurology departments to develop a patch for human nature that fixes this problem .
It will be included in Gnome 4 .
Do n't you mean " Genome 4 " ?</tokentext>
<sentencetext>The Gnome team is working with several university neurology departments to develop a patch for human nature that fixes this problem.
It will be included in Gnome 4.
Don't you mean "Genome 4"?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382516</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383730</id>
	<title>Interesting...</title>
	<author>jonaskoelker</author>
	<datestamp>1259590380000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext><p><div class="quote"><p>Gnome team is working [...]] to develop a patch for human nature that fixes this problem.</p></div><p>I suspect they've decided that a free will is unusable and will replace it with sane defaults<nobr> <wbr></nobr>;)</p></div>
	</htmltext>
<tokenext>Gnome team is working [ ... ] ] to develop a patch for human nature that fixes this problem.I suspect they 've decided that a free will is unusable and will replace it with sane defaults ; )</tokentext>
<sentencetext>Gnome team is working [...]] to develop a patch for human nature that fixes this problem.I suspect they've decided that a free will is unusable and will replace it with sane defaults ;)
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382516</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382724</id>
	<title>Why can't we call it what it is...</title>
	<author>mysidia</author>
	<datestamp>1259584260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>
It's a <b>Trojan Horse</b> </p><p>
Malware is a generic term for malicious software.
</p><p>
But the notion of Trojan applies here; you download a seemingly innocent program, but it contains a hidden nefarious payload.
</p><p>
AV software makers love it, because it means that once software gets classified as <b>Malware</b> instead of an actual virus, they don't have to worry about detection and safe removal anymore, that's another program's job...
</p></htmltext>
<tokenext>It 's a Trojan Horse Malware is a generic term for malicious software .
But the notion of Trojan applies here ; you download a seemingly innocent program , but it contains a hidden nefarious payload .
AV software makers love it , because it means that once software gets classified as Malware instead of an actual virus , they do n't have to worry about detection and safe removal anymore , that 's another program 's job.. .</tokentext>
<sentencetext>
It's a Trojan Horse 
Malware is a generic term for malicious software.
But the notion of Trojan applies here; you download a seemingly innocent program, but it contains a hidden nefarious payload.
AV software makers love it, because it means that once software gets classified as Malware instead of an actual virus, they don't have to worry about detection and safe removal anymore, that's another program's job...
</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385872</id>
	<title>Re:At least it was fixable.</title>
	<author>Anonymous</author>
	<datestamp>1260437640000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I am no expert on neither Linux or Windows. But for me copy/paste/enter one command in terminal IS more easy than your "Removing Malware is easy, just go into the registry's run section, remove what looks suspicious, delete temp files, prefetch, and search for the malware running process (Example: virus.exe) in the registry, and delete it"</p><p>So as a no-expert I would rather have problem in Linux and follow the guides from experts, easy as copy/paste/enter. While on Windows I would rely on AV software or try  "your way" and probably get lost.</p></htmltext>
<tokenext>I am no expert on neither Linux or Windows .
But for me copy/paste/enter one command in terminal IS more easy than your " Removing Malware is easy , just go into the registry 's run section , remove what looks suspicious , delete temp files , prefetch , and search for the malware running process ( Example : virus.exe ) in the registry , and delete it " So as a no-expert I would rather have problem in Linux and follow the guides from experts , easy as copy/paste/enter .
While on Windows I would rely on AV software or try " your way " and probably get lost .</tokentext>
<sentencetext>I am no expert on neither Linux or Windows.
But for me copy/paste/enter one command in terminal IS more easy than your "Removing Malware is easy, just go into the registry's run section, remove what looks suspicious, delete temp files, prefetch, and search for the malware running process (Example: virus.exe) in the registry, and delete it"So as a no-expert I would rather have problem in Linux and follow the guides from experts, easy as copy/paste/enter.
While on Windows I would rely on AV software or try  "your way" and probably get lost.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30414786</id>
	<title>There are easy solutions for this</title>
	<author>Anonymous</author>
	<datestamp>1260639420000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>This is not a problem, not even a threat at all.The good thing about FOSS is that there are thousands of contributors and developers. Will this kind of things happen often, would be easy to implement review procedures, create "digital approval stamps" for every single file and place them at safe site locations for download.</p></htmltext>
<tokenext>This is not a problem , not even a threat at all.The good thing about FOSS is that there are thousands of contributors and developers .
Will this kind of things happen often , would be easy to implement review procedures , create " digital approval stamps " for every single file and place them at safe site locations for download .</tokentext>
<sentencetext>This is not a problem, not even a threat at all.The good thing about FOSS is that there are thousands of contributors and developers.
Will this kind of things happen often, would be easy to implement review procedures, create "digital approval stamps" for every single file and place them at safe site locations for download.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385150</id>
	<title>Is KDE going to do something similar?</title>
	<author>Provocateur</author>
	<datestamp>1259604540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Jes sayin'...</p><p>But <i>come on,</i> have <i>them</i> GNOME guys steal all the thunder? Lookin for a <i>new sensation?</i></p></htmltext>
<tokenext>Jes sayin'...But come on , have them GNOME guys steal all the thunder ?
Lookin for a new sensation ?</tokentext>
<sentencetext>Jes sayin'...But come on, have them GNOME guys steal all the thunder?
Lookin for a new sensation?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385358</id>
	<title>Don't be naive</title>
	<author>Mathinker</author>
	<datestamp>1259608020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Even if one can assume that the infection has been safely sandboxed to the user account in question, it is theoretically impossible to discover all the possible ways the user account could have been compromised (<i>exactly</i> like it's impossible to discover how a compromised OS is infected).</p><p>You're already the second poster I've seen here (the first chronologically, tho) with this erroneous idea, see <a href="http://slashdot.org/comments.pl?sid=1473112&amp;cid=30385290" title="slashdot.org" rel="nofollow">my reply to the first one</a> [slashdot.org].</p></htmltext>
<tokenext>Even if one can assume that the infection has been safely sandboxed to the user account in question , it is theoretically impossible to discover all the possible ways the user account could have been compromised ( exactly like it 's impossible to discover how a compromised OS is infected ) .You 're already the second poster I 've seen here ( the first chronologically , tho ) with this erroneous idea , see my reply to the first one [ slashdot.org ] .</tokentext>
<sentencetext>Even if one can assume that the infection has been safely sandboxed to the user account in question, it is theoretically impossible to discover all the possible ways the user account could have been compromised (exactly like it's impossible to discover how a compromised OS is infected).You're already the second poster I've seen here (the first chronologically, tho) with this erroneous idea, see my reply to the first one [slashdot.org].</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383694</id>
	<title>Redux from 1996</title>
	<author>Anonymous</author>
	<datestamp>1259590080000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I think there was a Windows screensaver with a virus in it back in 1996...or maybe even more recently.  Linux, you have a long way to go if you're going to become famous for being insecure.</p></htmltext>
<tokenext>I think there was a Windows screensaver with a virus in it back in 1996...or maybe even more recently .
Linux , you have a long way to go if you 're going to become famous for being insecure .</tokentext>
<sentencetext>I think there was a Windows screensaver with a virus in it back in 1996...or maybe even more recently.
Linux, you have a long way to go if you're going to become famous for being insecure.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386178</id>
	<title>Good News</title>
	<author>savvyart</author>
	<datestamp>1260442140000</datestamp>
	<modclass>Funny</modclass>
	<modscore>2</modscore>
	<htmltext>Finally, the year of Linux desktop is coming.
Even malware authors are taking notice and creating trojans and sneakware, so indeed linux adoption is up, yay!</htmltext>
<tokenext>Finally , the year of Linux desktop is coming .
Even malware authors are taking notice and creating trojans and sneakware , so indeed linux adoption is up , yay !</tokentext>
<sentencetext>Finally, the year of Linux desktop is coming.
Even malware authors are taking notice and creating trojans and sneakware, so indeed linux adoption is up, yay!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384934</id>
	<title>Re:At least it was fixable.</title>
	<author>RMS Eats Toejam</author>
	<datestamp>1259602200000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>All you have to do is run a few commands in a terminal to remove this. On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware.</p></div><p>Another lie often repeated here.  It's not easy to remove for the average user who has no idea where installed files go in Linux.  It's also not easy for people like <i>you</i> who don't have advanced knowledge of how to fix problems in Windows because you are a Linux user.</p></div>
	</htmltext>
<tokenext>All you have to do is run a few commands in a terminal to remove this .
On Windows and the like , things are so complicated that Anti-virus software is almost required to remove some of their malware.Another lie often repeated here .
It 's not easy to remove for the average user who has no idea where installed files go in Linux .
It 's also not easy for people like you who do n't have advanced knowledge of how to fix problems in Windows because you are a Linux user .</tokentext>
<sentencetext>All you have to do is run a few commands in a terminal to remove this.
On Windows and the like, things are so complicated that Anti-virus software is almost required to remove some of their malware.Another lie often repeated here.
It's not easy to remove for the average user who has no idea where installed files go in Linux.
It's also not easy for people like you who don't have advanced knowledge of how to fix problems in Windows because you are a Linux user.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382616</id>
	<title>Fine-grained privileges</title>
	<author>noidentity</author>
	<datestamp>1259583660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I want a mainstream OS that allows fine-grained privileges for programs. Why should I have to give my screensaver permission to do anything except display graphics, and perhaps read some data files from its own directory?</htmltext>
<tokenext>I want a mainstream OS that allows fine-grained privileges for programs .
Why should I have to give my screensaver permission to do anything except display graphics , and perhaps read some data files from its own directory ?</tokentext>
<sentencetext>I want a mainstream OS that allows fine-grained privileges for programs.
Why should I have to give my screensaver permission to do anything except display graphics, and perhaps read some data files from its own directory?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386050</id>
	<title>Are systems with SELinux affected?</title>
	<author>Anonymous</author>
	<datestamp>1260440640000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>SELinux (Security Enhanced Linux) was supposed to help in those situations, by having tight restrictions on what programs where can and cannot do.<br>Anyone has any idea if that's the case?</p></htmltext>
<tokenext>SELinux ( Security Enhanced Linux ) was supposed to help in those situations , by having tight restrictions on what programs where can and can not do.Anyone has any idea if that 's the case ?</tokentext>
<sentencetext>SELinux (Security Enhanced Linux) was supposed to help in those situations, by having tight restrictions on what programs where can and cannot do.Anyone has any idea if that's the case?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383702</id>
	<title>Busted</title>
	<author>mwolfe38</author>
	<datestamp>1259590140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I remember reading an ask slashdot post about a week ago in which the poster asked if releasing linux malware out into the wild was an ethical thing to do or not. Looks like we've got somebody to blame.
Personally though, I blame the idiots who download screensavers, especially a "waterfall" screensavers.</htmltext>
<tokenext>I remember reading an ask slashdot post about a week ago in which the poster asked if releasing linux malware out into the wild was an ethical thing to do or not .
Looks like we 've got somebody to blame .
Personally though , I blame the idiots who download screensavers , especially a " waterfall " screensavers .</tokentext>
<sentencetext>I remember reading an ask slashdot post about a week ago in which the poster asked if releasing linux malware out into the wild was an ethical thing to do or not.
Looks like we've got somebody to blame.
Personally though, I blame the idiots who download screensavers, especially a "waterfall" screensavers.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383502</id>
	<title>Security is like sex</title>
	<author>Anonymous</author>
	<datestamp>1259588940000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext><p>Security is like sex. Once you're penetrated you're ****ed.</p><p>When you install software, you're having unsafe sex.</p><p>Don't do it lightly.</p></htmltext>
<tokenext>Security is like sex .
Once you 're penetrated you 're * * * * ed.When you install software , you 're having unsafe sex.Do n't do it lightly .</tokentext>
<sentencetext>Security is like sex.
Once you're penetrated you're ****ed.When you install software, you're having unsafe sex.Don't do it lightly.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382926</id>
	<title>So, i need to install the package first?</title>
	<author>Anonymous</author>
	<datestamp>1259585460000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>&gt;        DO NOT RUN THIS SCRIPT UNLESS YOU HAVE INSTALLED THE<nobr> <wbr></nobr>.DEB IN QUESTION.<br>&gt;<br>&gt;            * sudo rm -f<nobr> <wbr></nobr>/usr/bin/Auto.bash<nobr> <wbr></nobr>/usr/bin/run.bash<nobr> <wbr></nobr>/etc/profile.d/gnome.sh index.php run.bash &amp;&amp; sudo dpkg -r app5552</p><p>Okay, will do.</p></htmltext>
<tokenext>&gt; DO NOT RUN THIS SCRIPT UNLESS YOU HAVE INSTALLED THE .DEB IN QUESTION. &gt; &gt; * sudo rm -f /usr/bin/Auto.bash /usr/bin/run.bash /etc/profile.d/gnome.sh index.php run.bash &amp;&amp; sudo dpkg -r app5552Okay , will do .</tokentext>
<sentencetext>&gt;        DO NOT RUN THIS SCRIPT UNLESS YOU HAVE INSTALLED THE .DEB IN QUESTION.&gt;&gt;            * sudo rm -f /usr/bin/Auto.bash /usr/bin/run.bash /etc/profile.d/gnome.sh index.php run.bash &amp;&amp; sudo dpkg -r app5552Okay, will do.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383496</id>
	<title>Re:auto-update</title>
	<author>nfk</author>
	<datestamp>1259588940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Ah, the joys of using Debian stable. If this DDoS update is released months down the road, it will probably be detected in the year and a half before my next update.</p></htmltext>
<tokenext>Ah , the joys of using Debian stable .
If this DDoS update is released months down the road , it will probably be detected in the year and a half before my next update .</tokentext>
<sentencetext>Ah, the joys of using Debian stable.
If this DDoS update is released months down the road, it will probably be detected in the year and a half before my next update.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404</parent>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30388584
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386378
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383616
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382516
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386192
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383496
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382718
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385358
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30388542
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383502
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384378
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384128
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382910
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385106
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383730
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382516
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383466
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383462
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383538
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383612
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30387384
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383502
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385664
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385872
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30399242
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382846
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382992
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386152
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384934
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30395992
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384750
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383400
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_09_12_09_2215253_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382816
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382616
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386378
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30388584
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386050
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382724
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383400
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384750
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382128
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382502
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382516
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383730
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383616
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382536
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382450
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385358
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383462
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383330
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384378
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385664
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385872
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386192
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383612
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383538
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384934
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383466
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382910
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30386152
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382992
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30384128
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382404
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383496
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382846
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30399242
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382816
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382718
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30395992
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30385106
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30383502
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30387384
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30388542
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382926
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation09_12_09_2215253.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment09_12_09_2215253.30382730
</commentlist>
</conversation>
