Another silly question

[Longman, Bill]

> > I agree that there is no know spyware for linux.  I was just having
> > this discussion with some friends over the weekend and some 
> argue the
> > root versus user wall.  Others argue that since Linux is opensource
> > if you were to find spyware code you could just delete it.  I think
> > it's easier than that.  Linux just doesn't have the market share to
> > appeal to marketers of spyware.  4% of the computer market 
> just isn't
> > feasible.  Having said that, if any flavor of linux ever became a
> > strong market share holder, lookout.

If you install binaries only, you *always* open yourself up to the potential
for spyware. If you install your source code and compile it yourself, again,
you risk spyware installation because how many of you have *ever* run
through the code yourself? See. It's a matter of how much you trust the code
you are using, really. (I still run D2 off the CD-ROM because there's no way
in hell I'm going to run any "no cd" patch from an .exe I downloaded. I'm
dumb but not *that* dumb.) You can easily install an .xpi in Mozilla. Just
click "Yes". Now your browser has more intelligence but do you know all the
workings in that code? Roll the dice.

On my Win2k machine, my firewall knows which apps are allowed to talk on
which ports. I never let Outlook see http, ftp. If you can do the same on
your machine -- force your apps to use only the ports you specify -- you'll
at least mitigate the ability of some apps to "phone home". Obviously, you
won't be able to stop that browser helper that uses http....

I don't know of any Linux firewalls that can do per-application network
access control for *outbound* traffic. You might be able to rig something up
with user mode linux.