1y ago

Well that didn't go as expected...

For those who are wondering, yes, Wine is malware compatible so be careful about the EXEs you run!

https://wiki.winehq.org/FAQ#Is_Wine_malware-compatible.3F

193 comments

This is why I always test suspicious files on my work issued PC.
- You're the reason my Mondays are always chaos
  
  Then you're not going to be happy with me deploying work production code via my dedicated porn box...
- I see you work for my company...

Image Transcription: Meme
Gru, the long-nosed protagonist of the "Despicable Me" franchise, presents to the camera, pointing into the air and smiling. Behind him is a flipchart with text reading:]
And the best part about using Linux: No viruses!
Still presenting, Gru has his hand in a C shape and his head down as he peers at the gap between his fingers. The text now reads:]
Look at this, a website downloaded a malicious exe on my machine.
Gru now has his hands pointing down, fingers splayed, still presenting. The text now reads:]
Double Click
See? Nothing happe...
Gru looks back to the flipchart in a double-take, his eyes round and wide and his mouth downturned. The text still reads:]
Wine is launching
[The Wine logo: a slightly tipped wine glass with red wine sloshing inside it.]
I am a human who transcribes posts to improve accessibility on Lemmy. Transcriptions help people who use screen readers or other assistive technology to use the site. For more information, see here.
- Good human
- Oh gods I'm tired. I read:
  Image Transcription: Meme
  And saw the line break and thought "Wow. That was a good transcription." I think I need to go back to bed.
- Thanks human
- Does Lemmy not support alt text? I can't add alt text from Infinity for Lemmy; is that because Lemmy doesn't support it or just my client? Because they really should.
  
  As far as I'm aware, Lemmy unfortunately does not provide the option to add alt text to images. Hopefully that will change, though!
  
  It would be great if it had proper alt text. But since an image post can have an additional text body you can put an image description there. I guess it's a good idea to wrap it in a spoiler/<details> element.
  
  undefined
  
  ::: spoiler Image description Gru… :::
  </details>

I feel like, for some weird reason, nobody on lemmy knows how meme templates are supposed to be used.
- It's like watching my parents try to meme and I'm here for it.
- People removed about meme usage. I am home.
- Same thing happened on Reddit, honestly.
- you mean because of the last two panels which are supposed to be the same? I personally prefer this version, it always bothered me reading the same thing twice which didn't add much to the meme
  
  The double take is the meme though…

This happened to me not long ago when I found a monero miner running on my laptop. Being a highly technical person, I feel unbounded shame.
- How did you figure out it was running? How did you confirm? Teach me your methods
  Please
  
  It was pretty easy to spot in htop since it had really high CPU usage. Plus, the command line args it launched with included the word "Monero" multiple times, so that was a bit of a giveaway haha
  
  I might be able to find a weird service or background app at most. Figuring out what is actually happening is beyond me.
- Was it still through WINE? I'd feel bad for the miner as well as it likely couldn't have done the MSR mod so low hashrate lol.
  
  Feeling bad that a scammer couldn't scam hard enough is hilarious. Only in a Linux forum.
  
  Yes it was, I run Zorin (Ubuntu-based) on my laptop.

“Well no problem, they can’t run without root privileges!” -/home left the game
- Time to go back to our "roots" then.
- Reminds me https://xkcd.com/1200

Even better: Wine defaults to giving access to your whole drive to new prefixes.
- Though "only" your personal files are at risk cause of permissions.

You really don't think Linux has viruses? I'm confused by this post. Is it an excuse to shit on wine and windows?
- They're super rare. I've not gotten one once in decades, whereas I've encountered countless viruses on Windows. Linux is more secure, but also it's just a smaller target. Best way to avoid viruses is to use an OS nobody else wants to use *taps head
  
  I think you have a false sense of security with regards to Linux vulnerabilities and exploitations. There are dozen of known exploits throughout the Linux ecosystem that are publicly disclosed frequently.
  What makes you think Linux is more secure than windows? I'm not trying to start an argument here I'm just curious.
  
  To be fair, I haven't gotten a windows virus in at least 25 years either...
  
  So the most secure possible option is TempleOS? Suck it, Apple!
  
  You had the perfect opportunity to mention you use arch and wasted it!
  
  Getting tired of this smaller target narrative. On desktop, maybe. We don't know for sure since most Linux doesn't carry telemetry and one ISO download doesn't mean one install.
  Also, Linux runs some insanely high percentage of the Internet (server, VM, container), IOT and mobile. For every individual who might own a hand full of computers there are 10's, or perhaps hundreds, of Linux servers out there doing tasks for them. Virus and malware don't only target desktops. There's literally no larger target.
  
  By God you're right! Installs BeOS haiku
- There are very few Linux viruses. With its low market share, it's not a juicy target, or at least not desktop users.
  
  Yeah that kinda thinking is really not useful. Linux is a very very juicy target these days due to your thinking. Desktop Linux installations are riddled with poor security settings and many server features enabled by default. IOT devices and self spun servers are regularly deployed unsecured as well.
  https://linuxsecurity.com/features/must-read-articles/linux-malware-the-truth-about-this-growing-threat-updated
  
  I disagree. Linux is run on a large number of servers. It may be a less tempting target for Trojan style malware, but exploits and vulnerabilities for Linux are very valuable since you can gain access to large amounts of valuable data.

~~Vulnerable to malware~~ Malware compatible

And anti cheat don't work..... Malware that gets into internals of windows probably fail like anti cheat
- It can still corrupt files. I knew that wine was the shut when I had to delete my wineprefix because Eve Online complained about corrupted file. Even better, a virus scanner would run and detect the malware.
- unless its just simple ransomware that will nuke your /home (or Z:\home) content if you don't sandbox it
  
  Windows version of rm -rf /* would work
- technically that is only true if the malware in question does something in the kernel or relies on an unimplemented wine api call, since a lot of malware is an infostealer or ransomware, its quite likely that it'll work just fine under wine

I use Nix, so I’ll just reinstall my system if anything really bad ever happens. Sometimes I reinstall just because. My important files are on a delegate drive I have to manually mount, so I’m not too worried.
- Take the next step, and write a simple ansible playbook to configure your installed applications and services. It looks a little complicated at first but it's pretty easy.
  Then you just keep your playbook with your other files. When you decide to reinstall, you just install ansible then run it on your playbook. It'll install and set up everything you add to your OS.
  
  NixOS really is the next step from an ansible setup like yours imo. It can and usually is a fully declarative and immutable system outside of your nix config and whatever personal files you have.
  
  I only know the Ansible as the intergalactic communication system from Ursula K Le Guins novels, so this comment is too cool to me.
- One of the things I learned several years ago was how to set up my HD so that the system and home folder are on different partitions. It isn't terribly hard to do, and every OS installer I've used gives you the option. It's served me very well.
  
  What's the purpose of having system and home folder on different positions?
  
  I don’t have a need for that atm(like I said, my laptop has a separate drive), but will look into that in case I ever need it in the future. My problem with this personally tho is that I share my drive between Windows and Linux, and Linux doesn’t exactly play well with NTFS. Sounds really cool however for having a multi boot Linux system, with all your files shared between distros.

 undefined

    
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub
fixme: Stub

⚰️

The year of Linux desktop! Complete with the malwares!

And now some normie is going to think that Wine is actually a virus.
- I mean if you consider Windows a virus, by extension...yes? /s 😜
- Nah, but proprietary software is often malware.
  
  I thought wine was open source, or am I misunderstanding you ?.

I install all wine related stuff inside podman container usin a nice thing called toolbox. That way your system is not polluted with all those libraries and bimboze stuff runs nicely inside a box. Not bulletproof but better than nothing
- Could you please provide a link for the toolbox utility? I'm having trouble finding it. Thank you :)
  
  Here's the git repo https://github.com/containers/toolbox
  A similar program named distrobox is also popular, as it has certain features (exports) and more images: https://github.com/89luca89/distrobox
  
  @hackris @Hovenko a lot of people use bottles. The official package is on flatpak.

Best self checkmate I've seen tonight

Damn, I wanted them free fortnite bucks.

Wine also mounts your home directory by default so... yeah...

no matter what os you use you can get viruses on linux and macos the chanche is slimmer because they have a smaller user base. the only way to not get viruses is to use your brain. for those who don't know there are linux viruses and you can get them if you don't pay attention
- People say this but I don't think it's true. The vast majority of internet servers run on Linux and they are much higher-value targets than your laptop. It is more secure than windows, not just because of the smaller user base. However you're right of course that you can still get viruses.
  
  The other counterpoint is Mac OS 9 and earlier. Had a minority of the user share, had a ton of viruses.
  
  Those servers have teams of trained individuals whose job is to secure them and keep them bulletproof. It's a bit different from grandma downloading random crap on her Linux mint desktop to be fair.
  
  Which part are you saying isn't true?

I remember. 22 years ago. https://m.slashdot.org/story/20461
And 14 years ago. https://m.slashdot.org/story/126359
- Oh man slashdot takes me back
  
  When I left Reddit I fired up feedley and cleaned up my RSS feeds a bit. slashdot was still there. Still putting out content worth reading.
- I am reminded of a painful memory while playing with a CTF challenge. It was past 2am I executed a .exe with wine of what was supposed to be a malware in that scenario. Sure enough I launched it with Wine (yes, it was a very bad idea)
  There was no window after the couple errors displayed on the console. I gave it a couple of minutes to start and then moved on to fine other clues in the challenge because obviously Wine cannot run it, right? Wine is surely not advanced enough yet! The thing was encrypting all my drives!!
  I killed it after it ran a good 5 minutes and only realised the damage an hour later. I had to put an all nighter to do a crash course on PowerShell to code a decrypter after decompiling the malware to find the encryption key.
  Lessons learned: use containers/VMs for that stuff. And yeah, Wine does work fine, too fine.

I just got a real bad malware on my windows PC and I'm legit considering using Linux as a response. What's the best into to someone who isn't a programmer but understands computers relatively well enough?
- Try a few different distros. People often recommend Mint for a beginner. I use Fedora personally, I also like Debian, it's stable but a bit boring and can be outdated. You can also creat a bootable live USB and try before you install!
  
  Tbh, I consider "a bit boring" a pretty good feature for an OS. "Exciting" usually means dozens of hours to fix simple things.
  
  To clarify, because I think this would be pretty confusing for someone who isn't already into Linux.
  So a "distro" is short for a distribution of linux. Strictly speaking, Linux is just a kernel which is a technical component of an operating system. A few different organizations have taken the Linux kernel and added the necessary additions to turn it into a typical PC operating system e.g. Ubuntu, Linux Mint, Fedora, CentOS, Arch Linux, Manjaro Linux. Some are harder to get set up and some are plug and play. Ubuntu, Linux Mint, and Manjaro are considered to be "easy" to set up. Arch Linux is typically considered the hardest.
  But how do you actually install it? (1) choose the distro. (2) download the .iso file from their website (a few gigabytes). (3) burn it into a spare usb flash drive to make a "live boot usb". (4) go into your BIOS and select to boot from your usb instead of your typical hard drive. Now you should be in your chosen distro. Conside this a sandbox that is contained to only your flashdrive. If you shutdown and remove the flash drive, nothing would change. (5 optional) play around and try it out. Do you like it? (6) Double click the installer on the desktop to install it on your hard drive for-real.
  A note on step (3), you can find guides for this online. My favorite software that does this on windows is rufus.
  A note on step (4), everyone's BIOS looks a little different. You can search "how to change boot options on XYZ" for your laptop/motherboard.
  A note on step (6), if you really hate windows, you're free to nuke it, but your installer will give you the option to "install alongside windows" which will let you choose which OS to boot into on startup. This is known as "dual booting". It's the option with less commitment, but sometimes minor issues come up that requires troubleshooting (windows likes to fuck shit up when it updates).
- Starting out I'd say linux mint with a cinnamon desktop.
  
  What's a cinnamon desktop?
- Where does that idea come from that you have to be a programmer to use Linux? Is it because it's sometimes faster to type a command? That's not programming. It's the same way that it's faster to type your text that to get a voice recognition program to input it correctly.
  
  Idk I just get the vibe that it's a "programmers OS" I'm sure that I'm wrong, especially after looking more into it but that outsider opinion isn't unwarranted IMO especially after looking at something like Arch
- Mint or Pop!_OS if you use nvidia.
  
  PopOs Nvidia version is amazing for common gaming laptops.
- Same thing happened to me last year. Right into the uefi. Spent months fighting it after it got into phones,, laptops, Linux Windows, whatever. Eventually got it gone and had been (trying mostly) to use Linux during the whole fiasco. During one of about 150 reinstalls of windows I couldn't remember my password and wasn't getting any of the password reset emails I was repeatedly requesting.
  I was locked out of my own fucking computer with nothing to do but reinstall windows. The same shit could happen with Linux except I wouldn't have an expectation that a fucking password reset button would work.
  That was the part straw for me. I viewed never to use windows again unless I absolutely had to.
  And now that I've gotten thang of it: I fucking love Linux. I'm continually learning more about both Linux and computers. I feel like I'm peeling back later after layer after layer of useful interesting shit that windows purposefully kept from me.
  Parts of the learning process were rough, not going to lie, but my god. I fucking love the command line. I just love it.
  
  How would I know if the malware got into my Wi-Fi???
- Pop_OS!
  It's not the best (technically), but its defaults have great compatability and work essentially everywhere.
  Search how Pop_OS! Looks though, because it looks quite different to Windows (and you might want something that looks like Windows).
  If you want a taskbar like Windows, use Kubuntu (and don't touch many settings or the terminal, KDE has a habit to break if you don't know what your doing) or Cinnamon.
  Kubuntu is modern, highly customizable and comes with good defaults. It'll also scale well if you want to put in the time.
  Cinnamon has a slightly more outdated look, but it's built ontop of the same base as Kubuntu, so it should work out of the box without any customization. It's good for beginers, and reasonably hard to break (for Linux). But it's not as customizable and won't scale as well as Kubuntu if you want to deep dive into Linux at some point.
- If you're on Linux, you're probably downloading apps through your package manager, or things like Flathub/Snap Store. These places are generally much safer than random .exes on the internet anyways, so just keep being cautious and you'll be fine.
- EndeavourOS
- My personal pick is Nobara (which is fedora but with easy codecs and driver install script). But anything Ubuntu or Fedora bases is going to work great (From what I remember Nobara and POP_OS! Have great Nvidia support out of the box)
- Zorin OS is a personal favorite. Don't worry about the paied version, just get the free one. You can get everything on the paid version for free, it's just so thr deevs can get some support

Sadly "Wine is not a container" doesn't make for a good acronym.
- WINC? 😉

I haven't run a Linux machine in years. Has wine improved or was I just not savvy enough to get things to run on it?
- If you run games with Steam on Linux, it will probably use Proton, which uses Wine. It allows thousands of games to be click & play now on Linux now. See: https://www.protondb.com/
- It's gotten significantly better since ~2010 or so when I was first struggling with it. Valve developing Proton on top of it definitely didn't hurt even if that in particular is more games focused.
- Wine has gotten pretty good, but mostly for games rather than traditional applications.
  
  I've used it for some windows only programs and it works great, the only gripe I could have is the one looks different because of the fonts. I'm sure I could add in the fonts or w/e and make it identical though.
- It can't run literally everything, but it's pretty damn good, in my opinion. Not that I find myself needing to run a whole lot with it, though.
- I still get excited launching steam on Linux.
- It's really good for WoW and GW2.
  
  How's the blizz launcher now? I bailed and went to ffxiv and that plays flawlessly. I keep trying to talk myself out of going back to wow because of how toxic it became.
- Both

I didn't know malware compatible was a term, oh it's wonderful! I'm gonna use it on people in real life hehe

Sudo apt purge wine

how could it be though? a malware written for windows isn't the same as one written for linux, even if it got out to your computer it shouldn't be able to do really anything since it can't orient itself around an operating system it wasn't written for

Well, the difference is that you can eradicate the Malware for Wine by doing a quick sudo apt-get purge wine && apt-get install wine and be done with it.
- That wouldn't remove the Wine prefix, i. e. the virtual C:\ drive where the virus most likely lives. Uninstalling Wine wouldn't do shit since it only removes files that your user (and thus wine) can't even write to, and if a virus manages to get around that you have bigger problems.
- I don't use Wine so I'm really not sure if this would be prevented, but if Wine has read/write file access and the virus is ransomware and encrypts your files then re-installing it really wouldn't help you.
  
  I don't use Wine so I'm really not sure if this would be prevented
  It is not prevented. In fact I saw a video where someone removed the Z:\ drive for wine (the path that gives windows apps access to the whole Linux rootfs) and then ran Wannacry, and it was somehow still able to encrypt all writable folders on the system.

193 comments