• @LordKitsuna
    link
    46 hours ago

    Sure, if they put in the effort. Most don’t even when Distributing malware

    • N.E.P.T.R
      link
      fedilink
      English
      -23 hours ago

      That isnt a great defense against malware “imho”. Security through assuming the threat actor is lazy is just not security. It doesnt take like any effort on their part to just use some off-the-shelf OS fingerprinting code. It isnt worth it either because it contributes to your overall fingerprint, since normal RFP users have a standardized useragent for Windows and Linux separately.

        • N.E.P.T.R
          link
          fedilink
          English
          020 minutes ago

          It really isnt any defense. All a website can do is initiate a download, websites are sandboxed by default. You still have to run the executable, which doesnt really apply to Linux because the file will have no executable permission.

      • @LordKitsuna
        link
        22 hours ago

        Security is layers, i utilize apparmor and firejail personally. And in fact 90% of widespread malware specifically relies on lazy people. Often targets default passwords etc

        • N.E.P.T.R
          link
          fedilink
          English
          13 minutes ago

          Firejail is a large SETUID binary which can (and has) aid in privilege escalation. It is recommended to avoid it for this reason.

          See: https://madaidans-insecurities.github.io/linux.html#firejail

          If you are relying on community sandboxing profiles and not making your own, i can understand why Firejail is interesting as a choice because of its large community.

          If you are making your own, consider checking out Bubblewrap (available on most Linux systems), Bubblejail), Crablock, and Sydbox, which all use unprivileged sandboxes.