Maybe newer versions of GNOME/Plasma should make it more clear because some people just click ok on popups It is already quite clear but if people are doing this it means it works, which isn't good.

@@AlfiesFuntime Isn't that the truth. Also wish KDE would get rid of that "Don't ask me again" checkbox.

One issue is the KDE dialog has a rather stupid "don't ask again" checkbox. Sounds reasonable right? Yeah, no. "Don't ask again" means "never ask me how I want to run an executable ever again" not "don't ask me about running this executable again". Clicking that checkbox once permanently turns off that security measure completely unless you specifically reenable it, after which you need to deal with the pop up everytime you want to run any executable directly, even if you trust it.

​​​​@@AlfiesFuntimenope. Its purpose is to clarify the action that will be taken, not protect people from themselves. If you don't read the warnings thats your problem. Its there to tell/ask you whether to run the executable, not protect you from yourself if you don't read warnings. Fool-proof is one thing, but Linus-proofing is a futile effort that just makes the UX worse for no reason. Linus proved pretty plainly that if you're willing to ignore one warning you're willing to ignore 5 more.

​@@GeekIWGthey can keep the checkbox, they just need to make it file-specific. If a user wants to turn it off completely put that setting somewhere else, but the pop-up checkbox should be "Don't ask me again for this file" because as it currently is it's unacceptably ambiguous.

on windows, no extension would say what do you want to do with this file with no extention, notepad, paint? so we're probably safe, jut linux users to worry about.

@@WindowsDaily but.. i am a linux user...

Just use bind mount with noexec option for you downloads directory. $ cat /etc/fstab | tail -n1 /home/x-user/downloads /home/x-user/downloads none bind,noexec,nofail,x-systemd.device-timeout=2 0 0

​@@cindrmonmost file managers have a setting to show a "do you want to run this file" popup when doubleclicking executables

@@cindrmon what would that do? file names don't mean anything, so that wouldn't change the functionality of the file, would it?

I would have checked the file with VirusTotal, even if it actually had ".pdf" extension, because PDF files can contain viruses, and I don't trust any e-mail attachment, even if it came from a legitimate source, because that person could not know that his PC is infected.

Yup, especially the first one. I think it says a lot about our industry practices (using npm without care).

Especially how unicode has devolved into a diarrhea of gotchas. Namely, by allowing it to mix with ASCII

Nice idea but obviously it would still be illegal

@@sayvenMaybe the cybersecurity position is actually hiring black-hat hackers. So the first test does double-duty: If you detect the problem, you get to the next round. If you don't, they still profit from you.

@@__christopher__ This is mad clever fr

bruh mind blowing

So people who make a grammar mistake are automatically people giving you a virus?

I wouldn't even trust a download counter. I'll have to run the file through file command

The download counter is a trophy for the hacker who made that tactic.

This is terrible and hopeless!

I don't think the preinstall script runs the code though.

@@markusklyver6277 there's a lot of article explaining about Dependency Confusion, read and understand it

Another good reason to sign your commits and software packages!

Possibly hunting for access to a good supply chain, e.g. Solarwinds or Linux kernel contributors.

@@dingokidneys luckily the kernel is safe since everything has to pass through Linus before getting merged

@@FlooferLand I have great faith in the kernel development team and of course Linus, but if bad actors keep nibbling at the edges there's a possibility that something nefarious could creep in, if not all at once, in little bits over time. Nation State actors play the long game so we have to be on our toes at all times. The fact that some binary BLOBS of proprietary software are accepted in drivers, like the official nVidia driver, means that if someone can get into the nVidia driver team, they could possibly sneak something effectively into the kernel without review by the kernel team. This is why Stallman and Debian (previously) were so adamant about keeping proprietary software, especially that where the source was not open, out of the ecosystem.

Not just them. Any "company" may ask you to download some form for their rebate or promotion.

some places like Capital One ask you to enter your SS # but it is optional

@@edwardmacnab354It's ALWAYS optional to use your SS# for anything that doesn't directly deal with your employment or personal taxes. Even banks can't require your SS#, even though most of their employees have been trained to tell you that the patriot act requires them to get it from you. It's actually illegal, in most cases, for them to even ask for it. I ran into a situation several years back when I was given a corporate debit card so I could withdraw money to pay for vehicles. Wells Fargo gave me a huge issue over refusing to give them my SS# for a few weeks, but after consulting with their legal department, they told me that I was 100% correct about everything that I told them, and they gave me the card. Even if it had been an interest bearing account, it would not have directly, or even indirectly, been related to MY taxes. The only impact on taxes would have been on the company I worked for. I had an AMEX card, and cards from BoA, Wells Fargo, and TD bank, all with my name and the company name on them, and I never gave any of them my SS#, because you're NEVER supposed to give that to anyone except your employer and whoever is doing your taxes.

That’s unironically very encouraging in regards to the future of Linux in the home. Adoption of Linux is getting high enough for attackers to target end-users and not just servers

I fear the day i have to use an antivirus on linux

The money was spent on a diamond encrusted gold toilet for Kim Jong Un. It's very lavish but awfully painful to sit on. Being a dictator has it's costs.

as if anyone needed more reasons to avoid flatshit, snapshit and other kinds of shit

@@shinobuoshino5066 holy shit

​@@shinobuoshino5066 If you don't like Flatpak or Snap, that's fine. And Snap has closed-source elements, which is also perfectly reasonable to dislike. But the original intention behind Flatpak is that it is on average more secure because the installer never has to leave userspace.

also you'd never ./ a pdf file, you'd run `evince` (or whatever pdf reader you use) on it

@@KingJellyfishII or xdg-open path/to/pdf and this also didn't launch malware executable. IMHO only mc (or other curses file managers) users at risk if they try to open this fake PDF file by selecting it and hitting enter.

furthermore, while double clicking in a file manager may run it, xdg-open will never run the executable

@@aarond309the run function normally requires a prompt or can be deactivated

​@@KingJellyfishIIyou don't use Firefox?

The only terminal I can think of off the top of my head that doesn't support unicode is xterm, which isn't very widely used

6. People ususlly don't "./file.pdf", they usually do " file.pdf"

i agree, i used it and i identified some scams, would recommend

Yeah, as a longtime Linux user, I was a bit confused that the hackers bothered to use a fake period to create a "file extension". Most of the time Linux doesn't care what the "file extension" is. On the other hand, I'm not so sure that common file managers would make it obvious that it's not a PDF. A sufficiently clever attacker could come up with various ways of making it look like a normal PDF at first glance.

Huh, I tried it with my own silly little executables and was surprised to find that, while Linux itself might not care, Dolphin actually cared rather a lot about the file extension. If the file ended in .pdf, it would give it a PDF icon and never try to execute it, instead trying to open it in a PDF viewer, regardless of the junk content. If it had no extension, it wouldn't get the PDF icon, but I would be prompted to confirm that I wanted to execute it. Learned something new today.

Mark-of-the-Web is one of the few ideas Microsoft was genuinely _right_ about on a conceptual level, I think (as long as an option is provided to "run away, I know what I'm doing").

“Yes, I want to execute this picture, why the hell are you asking?..” >computer starts making noises “Must be rendering those pixels or something”

Correction: that window is not about the App Store. It's about code signing. You can run anything that has a valid signature on a Mac by default.

@@null-nl5su Yes I know that. My comment was supposed to be funny :)

MacOS Gatekeeper would have stopped the execution of the file if it wasn't signed (interesting name for a sec tool lol)

first one, probably.. second one, very unlikely

@@dvorakgigachad1444 ma mans a giga

Printing hello world doesnt make you a programmer

This issue makes me think about the whole *npm install everything* if anyone remembers that old issue.

Or you can just realize that JS is the devil, and not use it. JS has been known for serious security holes ever since it was first created, and it's never gotten any better.

Yet only affects windows users who installed linux and tried best they could to make it work like windows. Anyone using GNU/Linux as intended, from the terminal would be told that file is corrupt if they tab, or not found if they wrote full filename with extension. There's 0 risk of them executing it as the way you open files in terminal is write out the program of choice that will open the file, and only then giving it the file to open... Also if you use ls beforehand to look at files anyone will immediately see that file is suspiciously marked as executable, pdf files also are distinct color on my system. And best part is that opening files from terminal is faster than fumbling through GUI with your mouse, so GUIdiots deserve anything coming their way.

@@shinobuoshino5066 So, how does KZfaq look like in terminal?

@@user255 wintoddler grasping straws now, after I posted this comment on firefox... started from terminal.

@@shinobuoshino5066 Oh, I thought GUIs were only for GUIdiots.

@@shinobuoshino5066 If you're not using GET and POST while parsing through all the html with your mind you're not a real terminal truther.

Can't the icon be changed? why would it be a generic icon?

@@lukkkasz323 On some systems you can change the icon, but you have to do it manually. The generic 'file' icon appears when the system doesn't recognize what kind of file it is. Executables often get a general 'file' icon or an icon clearly indicating it's executable. Not something like a PDF icon.

Yep its called magic number and is the first few bytes of the file.

Or just create new user account, it's not that hard.

Or don't run as a user with sudo privilege. Every time you make a 'convenience' decision that is lowering your security.

Imagine being the only person that didn't get caught out in a large scale attack because you used a custom icon pack

I use XFCE and my icon pack makes PDF files pretty obvious. Also Thunar labels the file type when you single click a file

I use terminal so this by default would never work on me even if I wasn't paying attention.

I look in the top comment and see this

Stop it.

worst comment of the year

Yet

Best comment of the year*

true, on my system it would try to generate a preview for a pdf.

GNU/Linux user who has any sense would use terminal to do everything, not some shitty Windows clone DE.

You can still do that if you wish. ;)

tar with some flags even can preserve xattrs attributes of file such as SELinux labels. It's often used for making full system backups.

Not a completely good idea. If an archive includes subdirectories, then _always_ removing the exec bit will make the lower directories inaccessible - in a directory file the exec permission means you can search that directory for files when trying to read those files: you have to know what the files are called. The read bit on a directory allows you to list the contents of that directory (to see the names of the files in that directory).

@@cigmorfil4101You realise I meant in the context of files right? Also the search and read should've been bundled into just one permission. There's no valid use case where you would want to be able to search for files you can't even read.

@@zxuiji directories are files, hope you realise that.

Just learn how to use terminal and suddenly all these problems that target GUIdiots are completely nullified even if you aren't even aware of the fact that you're dealing with a malicious file.

Same here. Running Fedora and the file manager (Nautilus) won't even run a script unless you right-click it.

“I use arch btw” - average arch user

@NB6G lmao so true usually but I only clarified so no one would be like "oh but what do you use" blah blah

Not a chance. Relax.

If you were tech savvy you'd use terminal and know not to type ./pdffile.pdf

Yes, a well-written program won't assume what a file is from its extension or lack thereof.