lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAM=4j-78mWz2P+e==Vy+i-SodaoqsvuqEknsnnfJ4361RZ05rw@mail.gmail.com>
Date: Thu, 19 Jan 2012 22:13:06 -0500
From: Wesley Kerfoot <wjak56@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Facebook seems to think my Arch Linux box has
	malware on it

So there I was, innocently posting anti-SOPA links on my wall. I close my
facebook tab temporarily, open a new one a few minutes later, and I’m
logged out of my account.

“Well that’s odd” I think. So I log back in.

“Your computer has malware!” Facebook says to me. They tell me that my
computer has malware, okay, well I am very skeptical of that since I run
Arch Linux, my kernel and all of my software is up-to-date, and I don’t
remember running any strange shell scripts as root.

They then proceed to force me to certify that I’ve run Anti-Virus software,
and link to several Windows and OS-X programs.

“Well that’s offensive to me, both as a Linux user and a Programmer” I
think. Why would they not even bother to check my user-agent to see what OS
I am running? Why does Facebook even have an algorithm to try and detect if
someone has malware on their computer? How do you even say “You have
malware on your computer” with any confidence when the only interface
between you and the user is HTTP? Facebook doesn’t have access to my
computer’s hard disk. They have no right to tell me if I do or do not have
any malware.

So now I am completely locked out of making any changes to my account or
posting on my wall, or anyone else’s. All because Facebook was too lazy to
check for false positives. This will supposedly last for around two days.

I ended up sending a bug report that will most likely be ignored, and not
even looked at. I will most likely end up waiting the two days for my
account to be re-instated because I don’t know anyone who personally works
for facebook that can fix the issue.

The message here for Facebook is that they shouldn’t implement systems that
they can’t support when they fail.

Apparently (this is according to people who I’ve talked to) there is a
virus program going around in the Windows world called the “Carberp”
Trojan. The lesson here is also that even if you refuse to use Windows, you
can still be affected by the mediocrity of Windows. You are not 100% safe
even on Linux, BSD, or Haiku.

Good job Facebook! You just impeded someone who was trying to help you stay
around!

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ