For those who are wondering, yes, Wine is malware compatible so be careful about the EXEs you run!
This is why I always test suspicious files on my work issued PC.
You’re the reason my Mondays are always chaos
Then you’re not going to be happy with me deploying work production code via my dedicated porn box…
I see you work for my company…
Image Transcription: Meme
[Gru, the long-nosed protagonist of the “Despicable Me” franchise, presents to the camera, pointing into the air and smiling. Behind him is a flipchart with text reading:]
And the best part about using Linux: No viruses!
[Still presenting, Gru has his hand in a C shape and his head down as he peers at the gap between his fingers. The text now reads:]
Look at this, a website downloaded a malicious .exe on my machine.
[Gru now has his hands pointing down, fingers splayed, still presenting. The text now reads:]
*Double Click*
See? Nothing happe…
[Gru looks back to the flipchart in a double-take, his eyes round and wide and his mouth downturned. The text still reads:]
*Wine is launching*
[The Wine logo: a slightly tipped wine glass with red wine sloshing inside it.]
I am a human who transcribes posts to improve accessibility on Lemmy. Transcriptions help people who use screen readers or other assistive technology to use the site. For more information, see here.
Good human
Oh gods I’m tired. I read:
Image Transcription: Meme
And saw the line break and thought “Wow. That was a good transcription.” I think I need to go back to bed.
Thanks human
Does Lemmy not support alt text? I can’t add alt text from Infinity for Lemmy; is that because Lemmy doesn’t support it or just my client? Because they really should.
As far as I’m aware, Lemmy unfortunately does not provide the option to add alt text to images. Hopefully that will change, though!
Oof that sucks. Thank you for answering :)
Really? So when I write ![alt text](image link), the alt text does nothing?
I didn’t know you could do that!
From what I can see, this means you can add alt text to images you embed using markdown. However, directly uploaded images in posts don’t seem to have a way to directly add alt text that I can find. You can add a transcription in the text body, but it’s not quite as accessible as pure alt text because screen readers won’t read it automatically when the image gets focused.
Possibly you could embed an image in the text body and upload that like a text post, and that way use the markdown to add the alt text, but that would require the image is already hosted somewhere in the internet.
It would be great if it had proper alt text. But since an image post can have an additional text body you can put an image description there. I guess it’s a good idea to wrap it in a spoiler/
<details>
element.Image description
Gru…
::: spoiler Image description Gru… :::
</details>
I feel like, for some weird reason, nobody on lemmy knows how meme templates are supposed to be used.
It’s like watching my parents try to meme and I’m here for it.
People bitching about meme usage. I am home.
Same thing happened on Reddit, honestly.
you mean because of the last two panels which are supposed to be the same? I personally prefer this version, it always bothered me reading the same thing twice which didn’t add much to the meme
The double take is the meme though…
it doesn’t have to conform to the exact format to work
If it doesn’t conform to the format, you should pick a different one that it does conform to and use that instead.
What if they couldn’t come up with a different format (even tho I may know different formats to use here I sometimes simply don’t know their name (to search for their templates) or I’m just lacking the mental capacity to think of a more fitting one :')
ಠ_ಠ
its like retelling a joke you heard but leaving out the punchline
I find the meme quite funny actually. even tho the last panels are typically the same text, they dont have to be. Memes can change after all.
Technically the minion pictures boomers unironically post on Facebook are also memes
This happened to me not long ago when I found a monero miner running on my laptop. Being a highly technical person, I feel unbounded shame.
How did you figure out it was running? How did you confirm? Teach me your methods
Please
It was pretty easy to spot in
htop
since it had really high CPU usage. Plus, the command line args it launched with included the word “Monero” multiple times, so that was a bit of a giveaway hahaI sometimes leave my laptop on, but the monitor turned off when I go to sleep. Sometimes when I wake up, the fans on the laptop will be running full speed, which dies down soon after I turn the monitor on and use the laptop for a little while. Do you think this might be a symptom of some covertware running on my laptop?
Perhaps.
There may be easier ways to test for this, but what comes to mind is if you install your current OS again on another partition and then leave it as you usually do, and see if the fans do the same thing. If they do, it might just be a fault with the fan control or sleep state or something.
If it doesn’t happen, I’d assume something fishy is going on. Maybe try and set up a script to log your CPU usage and what’s using the most every few minutes. That might catch something?
I’ve just now had another thought. If it’s trying to be covert, maybe just leave your task manager / htop open and don’t touch anything for a while, it might think you’re afk and start running again. If it doesn’t, it could be checking to see if common monitoring tools are running and stopping itself to avoid detection, if that’s the case you’ll have to be a bit smarter about trying to catch it.tl;dr Maybe. Run a virus scan if you can, or try and find it yourself if you think you can. If all else fails, nuke the OS and start again.
That makes sense. In the end I guess it depends on what level any malware expects the user to search for it on. Thanks.
I might be able to find a weird service or background app at most. Figuring out what is actually happening is beyond me.
Was it still through WINE? I’d feel bad for the miner as well as it likely couldn’t have done the MSR mod so low hashrate lol.
Feeling bad that a scammer couldn’t scam hard enough is hilarious. Only in a Linux forum.
Tbf, if you get an OOTB distro infected, that is most definitely user error
If you (somehow) manage to get gentoo or lfs infected, I’d still consider it user error lol
LFS maybe, but gentoo or arch is understandable because you have to set the security up yourself.
Yes it was, I run Zorin (Ubuntu-based) on my laptop.
“Well no problem, they can’t run without root privileges!” -/home left the game
Time to go back to our “roots” then.
Reminds me https://xkcd.com/1200
Even better: Wine defaults to giving access to your whole drive to new prefixes.
Though “only” your personal files are at risk cause of permissions.
You really don’t think Linux has viruses? I’m confused by this post. Is it an excuse to shit on wine and windows?
They’re super rare. I’ve not gotten one once in decades, whereas I’ve encountered countless viruses on Windows. Linux is more secure, but also it’s just a smaller target. Best way to avoid viruses is to use an OS nobody else wants to use *taps head
I think you have a false sense of security with regards to Linux vulnerabilities and exploitations. There are dozen of known exploits throughout the Linux ecosystem that are publicly disclosed frequently.
What makes you think Linux is more secure than windows? I’m not trying to start an argument here I’m just curious.
I find the Linux ecosystem has far better updating mechanisms than Windows and it doesn’t have as much backwards compatibility cruft as Windows. That and the open source nature I think is better at having exploits uncovered. I’m not saying Linux is perfectly secure, but that it’s more secure than Windows. But I think the biggest reason it’s less likely to get viruses is just that it’s a smaller target and that hackers aren’t spending as much time trying to attack it, plus the users are more tech savvy meaning any attacks will be less lucrative.
it’s a smaller target and that hackers aren’t spending as much time trying to attack it
It’s the most popular server system, so I’m not so sure about that.
The target user base is much smaller. Most viruses are spread through user error and server administrators are far more competent than a typical OS user. Also, typical server exploits lead to exposing credentials rather than spreading viruses.
Software is usually installed from repositories and not random websites, so there is less room for user error in general. Even if you download an executable file, you will most likely have to give it permissions to run first. So I think it’s more immune to viruses not because of its users, but because of the way it’s designed.
Open source can be a double edged sword for that but I dig it.
I think dependencies in Linux packages does cause a lot of issues but that’s mostly on air gaped networks, and even still manageable.
Sizing the target depends on what threat actors are involved though so those broad stroke statements don’t hold up well in reality, from my Experience.
Not sure what their answer is but not delaying security fixes until some fixed monthly date would be my answer.
And a single place to download and install all those security fixes with one command.
To be fair, critical security patches for Windows are often delivered out of band (not on patch Tuesday). And malware definitions for Defender are daily.
Not trying to defend Microsoft entirely, but not everything is delayed until their monthly update schedule.
To be fair if it’s scored high enough there are usually workarounds posted and supported to hold you over for patch Tuesday.
I’ve done patch management on both platforms and find the predictability easier to manage. But that’s not home use so grain of salt stuff.
GNU/Linux is Libre Software, so that already makes it more secure, because anyone can actually verify what it does and modify it if needed. This means that users are really in control of what the operating system does. It’s difficult to verify what Windows does, but we know that it contains spyware, which isn’t easy to remove.
Installing software from a repository is also safer than downloading it from random websites.
When some library like OpenSSL has a vulnerability, you will get a new version with system updates and all programs will start using that patched version. On Windows usually each program has to have its own update mechanism or it will be stuck with old libraries.
There’s a difference between exploits and malicious software (even though malicious software often makes use of exploits, it is different). I am willing to bet there is way way more malicious software written for Windows than Linux, simply because there’s way more Windows users than Linux users and there’s way more Windows software than Linux software.
Yeah that’s true. But I say false sense of security because that’s what happened to Apple back in the day and they got caught with their pants down lol
To be fair, I haven’t gotten a windows virus in at least 25 years either…
Getting a virus takes real effort. I feel like the whole virus debate is just 2000s hangover, and people never update their shit talking points.
What is actually a threat are scams. Seniors being called, lied to and forced to compromise themselves. Those are the real viruses of 2023. And obviously 99% of seniors are on Windows.
deleted by creator
yeah when you use your brain you don’t get viruses it better than any anti virus software
So the most secure possible option is TempleOS? Suck it, Apple!
OS/2 !!!
Unix for Lyfe
You had the perfect opportunity to mention you use arch and wasted it!
As an arch user myself, I almost tripped over myself running to leave this comment. I do use arch btw.
As a CrossFit enthusiast, I wouldn’t have tripped when rushing to let others know I use Arch.
downloads blind from the aur what happened to my system (this is ment as a joke i mean no offence to anyone)
lmao
I use Kubuntu, BTW.
Getting tired of this smaller target narrative. On desktop, maybe. We don’t know for sure since most Linux doesn’t carry telemetry and one ISO download doesn’t mean one install.
Also, Linux runs some insanely high percentage of the Internet (server, VM, container), IOT and mobile. For every individual who might own a hand full of computers there are 10’s, or perhaps hundreds, of Linux servers out there doing tasks for them. Virus and malware don’t only target desktops. There’s literally no larger target.
I think when people say it is a smaller target for virii, they are talking about an actual virus such as ransomware, crypto miner, adware, trojans, etc. I have zero doubt these types of virii are more targeted on Windows platforms. Linux servers on the other hand are indeed going to be the largest target for exploits. The primary mechanism by which a Linux server is compromised is going to be via an exploit, not an actual virus. That’s not to say they don’t exist. I administer hundreds of Linux servers in several data centers. I don’t believe I’ve ever come across an actual virus in the last decade or so, but do deal with exploit and brute force attempts nonstop. Perhaps this is a matter of semantics. I don’t consider the tools and methods used to exploit systems as a virus.
Exactly. Server exploits tend to lead to leaked credentials, not viruses.
By God you’re right! Installs BeOS haiku
There are very few Linux viruses. With its low market share, it’s not a juicy target, or at least not desktop users.
Yeah that kinda thinking is really not useful. Linux is a very very juicy target these days due to your thinking. Desktop Linux installations are riddled with poor security settings and many server features enabled by default. IOT devices and self spun servers are regularly deployed unsecured as well.
Yeah, even if it IS true that it’s not juicy right now, doesn’t that mentality run directly contradictory to the desire for linux to become more popular? We’re trying to increase market share, so the “not a juicy target” idea is a very wreckless way of thinking.
I disagree. Linux is run on a large number of servers. It may be a less tempting target for Trojan style malware, but exploits and vulnerabilities for Linux are very valuable since you can gain access to large amounts of valuable data.
Vulnerable to malwareMalware compatibleAnd anti cheat don’t work… Malware that gets into internals of windows probably fail like anti cheat
It can still corrupt files. I knew that wine was the shut when I had to delete my wineprefix because Eve Online complained about corrupted file. Even better, a virus scanner would run and detect the malware.
unless its just simple ransomware that will nuke your /home (or Z:\home) content if you don’t sandbox it
Windows version of rm -rf /* would work
technically that is only true if the malware in question does something in the kernel or relies on an unimplemented wine api call, since a lot of malware is an infostealer or ransomware, its quite likely that it’ll work just fine under wine
I use Nix, so I’ll just reinstall my system if anything really bad ever happens. Sometimes I reinstall just because. My important files are on a delegate drive I have to manually mount, so I’m not too worried.
Take the next step, and write a simple ansible playbook to configure your installed applications and services. It looks a little complicated at first but it’s pretty easy.
Then you just keep your playbook with your other files. When you decide to reinstall, you just install
ansible
then run it on your playbook. It’ll install and set up everything you add to your OS.NixOS really is the next step from an ansible setup like yours imo. It can and usually is a fully declarative and immutable system outside of your nix config and whatever personal files you have.
Yeah, I get that. I’m not about to trust NixOS for my production machines at work and since I already know Ansible it’s just as easy for me to manage my home machines the same way.
Of course it’s all personal preference, but I’ve been managing my dot files from the very beginning with nix(home manager). Never tried ansible, but, just like you, don’t really need to, as everything is already set up well in Nix(including all my configs for all my programs).
I only know the Ansible as the intergalactic communication system from Ursula K Le Guins novels, so this comment is too cool to me.
That’s almost certainly where it came from. This might be hard to believe, but Linux devs are often huge nerds.
Oh I’m sure, that word isn’t used for a lot of other things. It’s neat how much anarchist and socialist lore is hidden inside of FOOS and Linux tech terminology, including the word Ansible. So refreshing compared to closed source devs unironically naming their products after murderous AI or what have you.
unheard of.
Impossible.
I know it from the Ender’s Game series, personally.
Ansible was indeed used by Orson Scott Card in his Ender’s series, about 20 or so years after it was first coined by Le Guin. Funny to think of someone reading such good novels as Ursula’s and still coming out of it a bigoted asshole.
One of the things I learned several years ago was how to set up my HD so that the system and home folder are on different partitions. It isn’t terribly hard to do, and every OS installer I’ve used gives you the option. It’s served me very well.
What’s the purpose of having system and home folder on different positions?
You can easily install a new system if your system gets borked or you just want a new distro, and you won’t lose your files.
I don’t have a need for that atm(like I said, my laptop has a separate drive), but will look into that in case I ever need it in the future. My problem with this personally tho is that I share my drive between Windows and Linux, and Linux doesn’t exactly play well with NTFS. Sounds really cool however for having a multi boot Linux system, with all your files shared between distros.
fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub fixme: Stub
⚰️
The year of Linux desktop! Complete with the malwares!
And now some normie is going to think that Wine is actually a virus.
I mean if you consider Windows a virus, by extension…yes? /s 😜
Nah, but proprietary software is often malware.
I thought wine was open source, or am I misunderstanding you ?.
WINE itself is open source, but it’s designed to facilitate the use of proprietary software. (This is because although it can be used to run open-source Windows software, best practice would be to recompile or port that stuff to Linux instead.)
If proprietary software is often malware and WINE is designed to facilitate proprietary software, then WINE is designed to facilitate malware.
(FWIW, I agree with the above statement, but use Wine anyway for a few games.)
It’s certainly better to use WINE to run a few proprietary programs than to run a whole proprietary operating system like Windows :)
I install all wine related stuff inside podman container usin a nice thing called toolbox. That way your system is not polluted with all those libraries and bimboze stuff runs nicely inside a box. Not bulletproof but better than nothing
Could you please provide a link for the toolbox utility? I’m having trouble finding it. Thank you :)
Here’s the git repo https://github.com/containers/toolbox
A similar program named distrobox is also popular, as it has certain features (exports) and more images: https://github.com/89luca89/distrobox
Oh cool. I wasnt aware of distrobox.
Best self checkmate I’ve seen tonight