basically tech

100 Malicious commands

Wednesday 28th November, 2007

There's an alarming post on the Ubuntu forums warning of a recent trend whereby new Ubuntu Linux users are being tricked into running dangerous commands which will delete home directories, or overwrite the system disk, or the like.

One of the great strengths of Linux in particular and Open Source software in general has been the approachability and helpfulness of the community, and it seems some dweebs think its funny to exploit this openness and trick a new user to trash their system.

It's made me think. A significant part (**) of the security of a system lies in the users. Linux and Unix have always been professional operating systems, written by professionals, for use by professionals. When you use the command line to ask a *nix system to do something, the assumption is that you know what you're doing. That system won't ask you if you're sure you want to do what you've typed. It'll just do it. I don't think that should change. For me it's part of the attraction.

I've only used Ubuntu once. I was impressed, but not that much that I would leave the distro I currently use :) . It seemed to me that the Ubuntu people have made it possible to do pretty much anything you might want to do using the GUI, and this is the attraction that has brought in many (welcome!) newcomers to Linux. However the command line is far more powerful and flexible than any GUI, and as people slowly come to realise this and naturally start experimenting, I feel more issues of a similar nature may arise.

If you want your PC (running Linux or Windows) to remain safe and secure, you need to have a particular mindset. "Wary" probably describes it. "Keeping it simple" and experience definitely helps.

(** This is not to say that all systems are equal. Not by a long shot.)