Page 1 of 1

How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 2:16 am
by AsusSucks
I have an 2T external hard drive full with stuff when I was still using windows. Let's assume it is full with malware, viruses, trojans and other things like that.
What happens if I connect that drive now when I am using xfce 19? Will it auto transfer/infect my linux OS or would it only happen if I transfer some files my self?

I have some videos on it for example that I would like to transfer but I wonder if it is even safe to attach that hard drive.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 3:03 am
by administrollaattori
Do not install and use Wine.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 3:11 am
by Pierre
none of that stuff will affect your copy of xfce 19 - - you are quite safe in connecting that drive. .. .

however, you could check that drive, using an live boot disk from one of the many A/V companies,
that do supply such an A/V disk 8)
https://www.itechtics.com/rescue-disc-virus-scan/
you should always use one that comes as an Linux ISO - rather than an windows based EXE file.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 3:41 am
by AscLinux
administrollaattori wrote:
Thu Nov 01, 2018 3:03 am
Do not install and use Wine.
This is an internet myth. Wine is not not Windows. Assuming it has same security holes as Windows is plain amateur. Furthermore, even if it had it still could not affect the underlying OS.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 4:55 am
by xenopeek
AscLinux wrote:
Thu Nov 01, 2018 3:41 am
This is an internet myth.
Funny, but it's fact according to Wine themselves:
Is Wine malware-compatible?
How good is Wine at sandboxing Windows apps?

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 4:59 am
by snowflake
AscLinux wrote:
Thu Nov 01, 2018 3:41 am
Assuming it has same security holes as Windows
Assuming Wine does get windows viruses, Assuming that virus can escape & reach beyond WINE environment, then assuming that Virus is cross-platform enough to live & work in Linux ecosystem...Assuming It can molest (or come anywhere near) system directories..
such almighty Virus needs to be launched by the user (through wine?) then needs some hand-holding by someone (the user?),..yeah that's very unlikely to happen, I'm no expert feel free to correct me
but just to be safe:
administrollaattori wrote:
Thu Nov 01, 2018 3:03 am
Do not install and use Wine.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 6:33 am
by Pjotr
xenopeek wrote:
Thu Nov 01, 2018 4:55 am
AscLinux wrote:
Thu Nov 01, 2018 3:41 am
This is an internet myth.
Funny, but it's fact according to Wine themselves:
Is Wine malware-compatible?
How good is Wine at sandboxing Windows apps?
Indeed. The Wine devs are quite honest about it, as they should. Not only to prevent litigation, but also out of moral considerations. Kudo's to them.

As said: don't install Wine or any other Windows emulator, and you should be fine with that external hard disk.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 7:46 am
by Hoser Rob
AscLinux wrote:
Thu Nov 01, 2018 3:41 am
administrollaattori wrote:
Thu Nov 01, 2018 3:03 am
Do not install and use Wine.
This is an internet myth. Wine is not not Windows. Assuming it has same security holes as Windows is plain amateur. Furthermore, even if it had it still could not affect the underlying OS.
You are SO wrong, please stop.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 4:51 pm
by jglen490
AsusSucks wrote:
Thu Nov 01, 2018 2:16 am
I have an 2T external hard drive full with stuff when I was still using windows. Let's assume it is full with malware, viruses, trojans and other things like that.
What happens if I connect that drive now when I am using xfce 19? Will it auto transfer/infect my linux OS or would it only happen if I transfer some files my self?

I have some videos on it for example that I would like to transfer but I wonder if it is even safe to attach that hard drive.
If you are still uncertain, you could always install a Linux anti-virus such as ClamAV (and others) to check the drive for Linux malware. But, you will be fine without Wine.

if there is just data on that drive such as MP3s, docs, pdfs, movies, they all work without Wine using applicable Linux applications. Games can be a bit problematic, but there may be equivalents available - I'm not a gamer.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 7:29 pm
by GS3
AsusSucks wrote:
Thu Nov 01, 2018 2:16 am
I have an 2T external hard drive full with stuff when I was still using windows. Let's assume it is full with malware, viruses, trojans and other things like that.
What happens if I connect that drive now when I am using xfce 19? Will it auto transfer/infect my linux OS or would it only happen if I transfer some files my self?

I have some videos on it for example that I would like to transfer but I wonder if it is even safe to attach that hard drive.
If you just connect the drive to a Linux machine nothing bad will happen. You can transfer photos, videos, music, and any non-executable files and they should be safe. Windows executable files can be infected but there is no point in transferring them since they are not executable in Linux.

Even in Windows you can connect the drive provided it does not auto-run. This means the root directory of the drive does not have something set to auto-run when the drive is connected and/or the windows machine is configured to not auto-run drives (which is something I always do).

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 8:04 pm
by phd21
Hi AsusSucks,

I just read your post and the good replies to it. Here are my thoughts on this as well.

I would certainly create a bootable DVD/CD or USB stick of an anti-virus rescue disk and update the virus definitions database, check its settings to make sure it will scan files over a certain size (the size of the largest video file), then scan the entire drive overnight.

FYI: That's a great web article "Pierre" linked to, but not all of those anti-virus rescue discs can scan Linux and MS Windows file systems at the same time.

When I first came from MS Windows to Linux, I did the same thing, booted to a rescue disc and scanned all my MS Windows drives and USB sticks to make sure they were clean and safe. I use Kaspersky on DVD, Avira, and Dr.Web (these I know can scan both MS Windows and Linux file systems). I still run one of these on my system and drives once a month or so or if I feel the need because of some warnings, and always run it overnight.

Hope this helps ...

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Thu Nov 01, 2018 8:47 pm
by gm10
snowflake wrote:
Thu Nov 01, 2018 4:59 am
AscLinux wrote:
Thu Nov 01, 2018 3:41 am
Assuming it has same security holes as Windows
Assuming Wine does get windows viruses, Assuming that virus can escape & reach beyond WINE environment, then assuming that Virus is cross-platform enough to live & work in Linux ecosystem...Assuming It can molest (or come anywhere near) system directories..
such almighty Virus needs to be launched by the user (through wine?) then needs some hand-holding by someone (the user?),..yeah that's very unlikely to happen, I'm no expert feel free to correct me
You've got a strangely limited understanding of malware. It doesn't need to live and work anywhere. Say it's a Windows ransomware, then running through Wine it can encrypt your entire home/user folder no questions asked. You can also configure auto-starts, change file associations, etc. without ever needing authorization. You can freely download and run additional software as needed.

But even if the malware did ask the question - your password - you'd likely give it. Much/most of the Linux Mint userbase is completely oblivious to what actually requires authorization and why, anyway, but even if they are they are completely used to having to provide their password when running a new software for the first time.

In addition, your typical Linux Mint system with Wine is much less secured than a Windows counterpart due to lack of anti-virus and personal firewall which are pre-installed on Windows. So unlike on Windows no matter how bad the malware is, on Linux Mint w/ Wine it will never get detected by anything and the user will never get notified of anything.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Fri Nov 02, 2018 3:35 am
by snowflake
gm10 wrote:
Thu Nov 01, 2018 8:47 pm
You've got a strangely limited understanding of malware. It doesn't need to live and work anywhere. Say it's a Windows ransomware, then running through Wine it can encrypt your entire home/user folder no questions asked. You can also configure auto-starts, change file associations, etc. without ever needing authorization. You can freely download and run additional software as needed.

But even if the malware did ask the question - your password - you'd likely give it. Much/most of the Linux Mint userbase is completely oblivious to what actually requires authorization and why, anyway, but even if they are they are completely used to having to provide their password when running a new software for the first time.

In addition, your typical Linux Mint system with Wine is much less secured than a Windows counterpart due to lack of anti-virus and personal firewall which are pre-installed on Windows. So unlike on Windows no matter how bad the malware is, on Linux Mint w/ Wine it will never get detected by anything and the user will never get notified of anything.
Yes I do have a limited understanding of malware, dont know why you think its "strange", I did say I'm no expert didn't I?, I do intend to learn, so here we go:

I believe It does need a piece of ram to live, when not granted memory how is that code going to work? it can only use what its given through wine, so it needs wine to work, it lives (for the time being?) in the memory, & works @ wine, & no i dont think it can just "encrypt my home folder" just like that, Ok maybe I'm wrong here
I will look into this a bit more later..,

been using Wine for years, when running windows software through it,I have never, ever, ever, not once, had to give my password, even when installing a fresh program, & if a i ever encounter a piece of software that does ask for my password, I'm going to get very paranoid , maybe that's just me...

Yeah I've got nothing to say to that last statement, you are saying we should'n use wine because it makes Linux less secure than windows, I really hope you're wrong about this one

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Fri Nov 02, 2018 3:59 am
by gm10
snowflake wrote:
Fri Nov 02, 2018 3:35 am
so it needs wine to work, it lives (for the time being?) in the memory
Well of course, if it's a Windows malware then it needs Wine, that's what the discussion was about.
snowflake wrote:
Fri Nov 02, 2018 3:35 am
no i dont think it can just "encrypt my home folder" just like that, Ok maybe I'm wrong here
I will look into this a bit more later..,
I don't even need Wine for that. If you need proof, I can give you a (long) one-liner to paste into your terminal along with a bitcoin address where you can send me money to get your files back. :P (j/k on the money, but that's what a ransomware would do)
snowflake wrote:
Fri Nov 02, 2018 3:35 am
been using Wine for years, when running windows software through it,I have never, ever, ever, not once, had to give my password, even when installing a fresh program, & if a i ever encounter a piece of software that does ask for my password, I'm going to get very paranoid , maybe that's just me...
I wasn't talking about installing it via Wine. I was saying how you cannot install any application via Software Manager without supplying your password first. Now what I was also saying is that a program run through Wine can modify anything within your user profile. As such it can modify the Software Manager you run, too. You will happily give your password to it but now you also gave it to the malicious program you ran through Wine. And you'd be none the wiser.

Now that specific scenario won't happen within the context of a malware written for Windows which knows nothing about Mint's Software Manager, but the possibility of other malicious code doing that to your system is very real.

Writing malware isn't hard. Once I get you to run my code on your system I own you. So the tricky part is just to get the user to run the malware once. After that all bets are off.
snowflake wrote:
Fri Nov 02, 2018 3:35 am
Yeah I've got nothing to say to that last statement, you are saying we should'n use wine because it makes Linux less secure than windows, I really hope you're wrong about this one
No, I'm not saying that. I'm saying that any code you run on your system potentially has the power to do what I described above. Any terminal instructions I give you here on the forums, any form of executable you get from anywhere else. That's why it's important to either understand the code you're using or that you're getting it from a source you trust to know what they are giving you.

Running code through Wine isn't more or less secure than running it through anything else as such. The special consideration for Wine is just that the overwhelming majority of known malware was written for the Windows operating system (for no other reason than Windows having complete market dominance for desktop PCs), and Wine is what can allow this malware to run on your Linux operating system, where it may or may not do harm (you are correct insofar as not all malware written specifically for Windows will matter to what you do on Linux, but enough of it will). Responsibly using Wine is perfectly fine, but you are increasing your attack surface by having it installed and that's what you need to realize.

Re: How to prevent external hard drive full of win malware, virus etc infecting my linux OS?

Posted: Fri Nov 02, 2018 6:19 am
by Pjotr
gm10 wrote:
Fri Nov 02, 2018 3:59 am
you are increasing your attack surface by having it installed and that's what you need to realize.
I would add: you are increasing your attack surface dramatically. For the rest: kudo's for your fine explanation. :)