SoylentNews is people
SoylentNews
In case you penguin botherers were feeling left out, the folks over at iTWire bring us this little fun bit o' news:
Eset says it has found a Linux variant of the KillDisk malware used in the late 2015 attack on the Ukraine electricity system.
Like its Windows counterpart, the Linux version of KillDisk encrypts files, rendering the affected system unbootable. It asks for the same 222 Bitcoin (around US$278,000) ransom, but the encryption key used is neither stored locally or sent to a remote server, so even if the perpetrators are paid they have no way of reversing the process.
Eset says its researchers have found a weakness in the encryption method that makes decryption "possible, albeit difficult." Exactly how decryption can be performed was not disclosed.
It's nice to feel noticed but I could personally do without this particular kind of attention.
(Score: 3, Informative) by Marand on Thursday January 12 2017, @12:46AM
If you just want a full user-switch feature, that depends largely on the desktop manager (kdm, lddm, gdm, etc.) and the desktop environment. However, your comparison to su make it sound like you want something a bit more fine-grained... If that's the case, it's likely what you'd rather have is attainable either by using XPRA [xpra.org] or something like kdesu [man.cx] or gksu [man.cx].
The former, xpra, is basically like a GUI equivalent of using screen or tmux, which means that if you want, you can have multiple X servers running as different users and run different applications in different user contexts, but with all the windows usable simultaneously. The different users have their own homedirs and thus can't access each other's files, which lets you separate things as much or as little as you paranoia desires.
The latter options are just GUI wrappers around su and sudo, and work similarly to them, except that they also transfer GUI environment information like Xauth, and are thus good for running graphical applications as different users. They tend to be used for privilege elevation, same as su, but they accept the -u [username] flag, so you can do something like gksu -u scruffybeard3 chromium to run a copy of Chromium under its own user. If you've got your homedir permissions set up properly, that scruffybeard3 process won't have a way to read anything in ~scruffybeard2.
(There used to be a toolkit-agnostic option to gksu and kdesu called 'sux' but it vanished years ago, sadly.)
Either way you do it, you'll have different configuration files for each user as well, so you can also tailor the accounts to different degrees of paranoia. For example, you could have a generally locked-down "everyday browsing" user and a trusted browsing one with different security settings, more/less strict NoScript rules, etc. You can also make the different accounts stand apart visually by setting different GUI colour themes. The unsafe account could have a red tint to the GUI elements, for example.
Doing something like this is probably good enough for most things, but if you want to take it to the logical extreme, there's always Qubes [qubes-os.org], which does basically the same thing but with entire VMs dedicated to each task group you create.