back to article Rovnix Trojan infection outbreak infects 130,000 machines in Blighty

A new cluster of infections by the Rovnix Trojan has infected more than 130,000 Windows computers in the UK alone. The data-stealing malware is also affecting Germany, Italy, the US and Iran to a far lesser extent - 87 per cent of the computers infected are actually in the UK, according to anti-virus firm Bitdefender. Rovnix …

  1. Rol Silver badge

    A simply secure OS ?

    I use No Script in a Firefox browser running on a Linux distro.

    That is as safe as I can make things and that safety comes with strings, or more pertinently, comes without baubles attached.

    By crippling the usability and interactive dimension of the internet I am not getting the full pizazz of what those kindly developers intended, but in trading away all that lovely gooey guff, I get something a lot more secure.

    I could spend my next five lifetimes trimming away the unnecessary components that make up my OS in the hope I am minimising the attack vectors and still have a system that wants to engage me in more ways than I require.

    It is about time the OS scribblers gave each and everyone of its customers the ability to cut everything down to the core and then some, to then allow the most simplest of actions to be carried out, like, accessing your bank account, in black and white, with no gifs, no animations, no "would you like twitter with that"

    By offering up a more simple OS and browser, the opportunity to make it really secure is made much easier.

    Basically at start up a menu will give you the ability to run the all singing all dancing OS or the tone deaf, two left feet version that is recommended for security sensitive work, as it is far easier to get ten thousand lines of coding right than it is to get ten million.

    1. johnaaronrose

      Re: A simply secure OS ?

      @rol

      I use Firefox in Ubuntu but without No Script as I found it a pain with many websites. What type of attacks am I vulnerable to? IF possible, please give specific examples.

      1. Frankee Llonnygog

        Re: A simply secure OS ?

        Be reassured that you are not vulnerable to "a data-stealing trojan that spreads by email and infects Windows PCs"

    2. Robert Helpmann??
      Childcatcher

      Re: A simply secure OS ?

      I use No Script in a Firefox browser running on a Linux distro. That is as safe as I can make things...

      You might try running Lynx on Qubes OS.

    3. Paul Crawford Silver badge

      Re: A simply secure OS ?

      The problem for most folk is that so much of what they want to do on-line, like buy stuff, relies on stuff that NoScript blocks. Once users get the idea of just clicking 'yes' to make things work you have something just as bad as the typical Windows plus shitty AV software that asks users if they want shaftmesideways.exe to run.

      Until (and I advise you not to hold your breath) most web sites are designed to work without suspect scripting that crosses domains, then NoScript is just an annoyance to non-tech folk that they will click-through, rendering it pointless.

      1. Looper

        Re: A simply secure OS ?

        "NoScript is just an annoyance to non-tech folk that they will click-through, rendering it pointless."

        Disagree. Bit by bit the user should get to know what scripts are required to operate most websites without unnecessary scripts being allowed. That is the entire point of NoScript if used according to its raison d'être. To teach users which scripts are necessary and which are not. With a modicum of research on any script the user can decide if it is purely a data slurper with no other useful purpose, or potentially has some use.

        I permanently allow very few scripts, which means temporarily allowing just enough scripts for each website in order to use it. I am so used to this now I hardly notice it. It's part of the web for me and a real eye opener as to who the main offenders are and how many hidden scripts run behind the scenes on many websites. I prefer to know how badly designed each website is and how much slurping it "requires" before handing over that control.

    4. Solmyr ibn Wali Barad

      Re: A simply secure OS ?

      "By crippling the usability and interactive dimension of the internet I am not getting the full pizazz of what those kindly developers intended"

      You'd miss a lot of spinning wheels, an overflowing netstat table with zillions of connections to god-knows-where, and a nice cuppa you absolutely had to have - because there's bugger else you can do with your browser while those kindly scripts are running. Unless you're willing to fire up another VM to have a look at another webpage.

      Interactive dimension indeed.

  2. frank ly

    In many years of using Windows ...

    ... I only got a virus once (as detected by whatever anti-virus I had). That was when I did something stupid - I downloaded a printer driver from a website, devoted to drivers, that anyone could upload to - yes, very stupid.

    Do so many people really click on the links (obfuscated or otherwise) they see in spam/phising emails?

    1. David Pollard
      Trollface

      Re: In many years of using Windows ...

      "Do so many people really click on the links ?"

      Enough!

    2. Anonymous Coward
      Anonymous Coward

      Re: In many years of using Windows ...

      In many years of using Windows ...

      ... I only got a virus once (as detected by whatever anti-virus I had).

      I had two. One of which was Windows.

  3. Singe
    Holmes

    Really, Noscript?

    Read the article again, the threat vector is a malicious email attachment, not a drive by download!!!!

    1. johnaaronrose

      Example attacks

      @singe

      I already asked this before but with no replies. So I thought that I'd ask someone who's sensible. I use Firefox in Ubuntu but without No Script as I found it a pain with many websites. What type of attacks am I vulnerable to? If possible, please give specific examples.

      1. Singe

        Re: Example attacks

        I can't provide specific examples, but as you're using a Linux distro as your browsing OS, you have, by default, significantly reduced the impact of malware delivered over the browser. Most malware still targets Windows users, simply because it's a lot easier. That's not to say other operating systems are less vulnerable, just less so.

        Having said that, the pain of dealing with NoScript IS worth it in my opinion. It does, to my annoyance sometimes interfere with some sites I regularly visit, but in fairness, clicking on the NoScript button at the bottom of the browser usually sorts it out quickly. As it frequently updates though, and you have to admire the developer for the frequency of the updates, what you have allowed in the past may break, albeit briefly.

      2. Rol Silver badge

        Re: Example attacks

        Sorry, I didn't get back to your original query, but I have been away.

        I can't really add to the previous reply, except to agree that NOScript is a learning curve that you will get the hang of very quickly.

        As for known threats to Linux, well perhaps this link to Wikipedia might throw some light on it.

        http://en.wikipedia.org/wiki/Linux_malware.

        Prior to Noscript I had many issues, with pages taking forever to load and seemingly losing the ability to close some pages without rebooting, life since has been trouble free, but just to stoke the paranoia, that could just mean the intrusions have got more sophisticated.

  4. Anonymous Coward
    Anonymous Coward

    Optional

    The reason for this is that Windows is for games and games only. All they should ever be able to steal is your Steam password.

    1. Anonymous Coward
      Happy

      Re: Optional

      and that would be no loss at all

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021