You are viewing a single thread.
View all comments
57 points

It seems like they could be rendered ineffective by simply disabling auto run and forcing removable drives to mount noexec.

permalink
report
reply
48 points

This should be the default on all PCs.

permalink
report
parent
reply
42 points

I thought we learned that like two decades ago.

https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal

permalink
report
parent
reply
5 points
*
Removed by mod
permalink
report
parent
reply
-24 points

Does any Linux distro have autorun? Because Windows isn’t really an OS anyway.

permalink
report
parent
reply
18 points

Windows isn’t an OS? What kind of nonsense is this?

I’d say the team from DEC who created it, would differ.

permalink
report
parent
reply
18 points

Yes, Linux has autorun and some distros have it enabled by default.

permalink
report
parent
reply
8 points

You would be shocked at the amount of times employees would bring devices into our air gapped network.

permalink
report
parent
reply
6 points

Yeah our corporate machines won’t run any external media. I assumed that was standard practice.

permalink
report
parent
reply
3 points

Well it’s believed it entices users to click the malware to run by disguising itself as the last accessed folder with the same name and folder icon.

In that case having the option to always show extensions enabled would be helpful for trained users who care to be careful.

It’s not that interesting sounding given we know the NSA and eyes countries have developed compromised firmware for certain hard drives to enable true spread without interaction or hope of prevention. Whenever I see one of these I wonder if it’ll be a case of compromising the device itself but it’s this old stuff instead which can be defeated with a good security posture.

permalink
report
parent
reply
19 points

Hidden file extensions is such a terrible default it amazes me that Microsoft is still doing that

permalink
report
parent
reply
2 points

macOS does this too shockingly despite using the file extension as a “hint” to the file type. I think it’s unique in that most UNIX/Linux systems use magic number and Windows blindly accepts that the file is of the type that matches the extension.

permalink
report
parent
reply
3 points

When the drive is mounted noexec it’s not possible to run any programs on it. You can also mount any user writable directories noexec so they can’t copy the program somewhere else and run it.

permalink
report
parent
reply

Technology

!technology@lemmy.world

Create post

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


Community stats

  • 17K

    Monthly active users

  • 12K

    Posts

  • 544K

    Comments