Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Facebook seems to think my Arch Linux box has malware on it
From: Wesley Kerfoot <wjak56 () gmail com>
Date: Thu, 19 Jan 2012 22:13:06 -0500

So there I was, innocently posting anti-SOPA links on my wall. I close my
facebook tab temporarily, open a new one a few minutes later, and I’m
logged out of my account.

“Well that’s odd” I think. So I log back in.

“Your computer has malware!” Facebook says to me. They tell me that my
computer has malware, okay, well I am very skeptical of that since I run
Arch Linux, my kernel and all of my software is up-to-date, and I don’t
remember running any strange shell scripts as root.

They then proceed to force me to certify that I’ve run Anti-Virus software,
and link to several Windows and OS-X programs.

“Well that’s offensive to me, both as a Linux user and a Programmer” I
think. Why would they not even bother to check my user-agent to see what OS
I am running? Why does Facebook even have an algorithm to try and detect if
someone has malware on their computer? How do you even say “You have
malware on your computer” with any confidence when the only interface
between you and the user is HTTP? Facebook doesn’t have access to my
computer’s hard disk. They have no right to tell me if I do or do not have
any malware.

So now I am completely locked out of making any changes to my account or
posting on my wall, or anyone else’s. All because Facebook was too lazy to
check for false positives. This will supposedly last for around two days.

I ended up sending a bug report that will most likely be ignored, and not
even looked at. I will most likely end up waiting the two days for my
account to be re-instated because I don’t know anyone who personally works
for facebook that can fix the issue.

The message here for Facebook is that they shouldn’t implement systems that
they can’t support when they fail.

Apparently (this is according to people who I’ve talked to) there is a
virus program going around in the Windows world called the “Carberp”
Trojan. The lesson here is also that even if you refuse to use Windows, you
can still be affected by the mediocrity of Windows. You are not 100% safe
even on Linux, BSD, or Haiku.

Good job Facebook! You just impeded someone who was trying to help you stay
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]