Quote of the day…
“The point is that I was dumb enough to think that Ubuntu was secure enough out here in the Linux wonderland that I love so much that I ended up on gnome-look downloading everything that looked cool without examining everything first.”
The quote is taken from a thread about a “screensaver” for Ubuntu, sourced from gnome-look.org, that installed malicious script (as reported here). There was also a dangerous “theme” entitled “Ninja Black” (info here).
Here is a message, allegedly from the screensaver author – scary, yes?
I have been saying this for years … we need to stop saying "use this - its better". They need to say "use this - its better - but make sure you check regularly for security updates and patches, and always practice safe hex". I’m not going to say “only install software from trusted sources”, because even the trustworthy screw up – let’s not forget what happened to Mozilla when the Vietnamese Language Pack trojan was uploaded to addons.mozilla.org, orthat there were HP drivers infected with a virus. Lenovo has been hit, as has ASUS.
Remember, there is no software on this planet that will protect its users from attack via social engineering. It may be able to protect you from infection **without user interaction** to some extent, but it can’t protect you from yourself.