More FUD about LINUX security

[linuxforall]

http://mrpogson.com/2012/04/14/more-...y-of-gnulinux/

The truth is you are thousands of times more secure with GNU/Linux than that other OS. The count of malwares proves that. The incidence of malware infections proves that. The prevalence of GNU/Linux servers on the web proves that. The fact that M$’s servers are becoming more like GNU/Linux machines with time is another. Heck, M$’s 2008 server can even run GUIless and uses scripting. Where have we heard of that? Oh, GNU/Linux back about 1995.

Security in Linux comes from not being user friendly, if you prefer.

[linuxforall]

Quote:

Originally Posted by guest

Security in Linux comes from not being user friendly, if you prefer.

The other word for user friendly is DUMBING DOWN! but on the same note, Ubuntu is LINUX and its user friendly enough. Even hardcore Chakra is quite user friendly once one has an open mind.

[Hungry Man]

Quote:

“The reality is that Linux is not more secure. It is simply less targeted. The fallacious belief that it is inherently secure is the same sort of faulty logic that’s getting Mac users in trouble now.”

lol I guess by that logic BSD isn't secure?

Oh, goodness.

Even if Linux did run Oracle's Java (it runs OpenJDK) it, by default, runs in an apparmor sandbox. And configuring that sandbox further isn't difficult. The attacks on OSX would not have worked the same way on Linux. Even if you do install Oracle's Java VM it's not hard to sandbox.

Linux is obscure in that no one's targeting users, but the kernel is absolutely not obscure, it's the most popular kernel in the world. There are plenty of eyes on it. It's open source, there are tons of companies supporting it with devs, there are tons of people supporting it... it's just "obscure" in the best ways lol incredibly well known but only ever targeted as a server OS.

Plus the tools provided by linux are very powerful both for devs and users.

[NGRhodes]

Terrible rant, does not explain anything. Just a lot of unqualified statements.

[linuxforall]

Linux is obscure

How when its used by majority of super comps and servers around the earth especially in mission critical areas where hacking is the name of the game on daily basis. Its not just Linux kernel but Linux in itself, to run the kernel, one needs LINUX last time I checked.

[Hungry Man]

I'm not calling Linux obscure. I'm saying that users running linux are rare (and therefor not targeted.) Servers running linux are not - and with Android the linux kernel is the most widely used kernel in the world. That means that you
1) Linux users (not servers) are less likely to be targeted by mass attacks - little payoff and higher cost of attack

2) The linux kernel still benefits from having tons of eyes on it

I was trying to say that, for a regular user, this is the best of both worlds.

[linuxforall]

Home users are low end targets for all, doesn't matter if they are running Linux or Windows, the meaty bit is corporate where funds can be transferred out or valuable data can be compromised to their benefit.

[Hungry Man]

The millions of Windows virus samples that target users would disagree with that conclusion.

[Mrkvonic]

In my lexicon, it's called TL;DR.
Mrk

[linuxforall]

Quote:

Originally Posted by Hungry Man

The millions of Windows virus samples that target users would disagree with that conclusion.

Of course, thats a very profitable industry, the business of VIRUS

TLR

Windows has stupid, stupid default settings (like USB autorun). So do most Linux distros (like Ubuntu's rampant use of sudo).

Any large software project contains bugs, including security bugs. The Linux kernel is considered fairly unbuggy for something with 6 million+ lines of code, and it's still got huge numbers of bugs including remote holes. Things like the Xorg stack are less rigorously maintained, and may contain a vast number of bugs unknown to the maintainers.

Even running as limited user won't protect you. On a desktop you're not much better off with a limited account; a subverted user account can still log your keystrokes, steal your data, and spam the infection on to other machines. Depending on the available bugs, stuff can even be hidden in userspace, without a kernel rootkit. (Also, there are always local privilege elevation exploits! Usually involving suid binaries.)

There are a few things protecting you on Linux:

- Linux is not a monoculture like Windows and OSX. Any two Linux systems can be wildly different in terms of installed software and default configurations, so worms and other autonomous badware are less effective.

- Linux on the desktop has a tiny and mostly well-educated user base, so it's not really worth it to design worms and whatnot for Linux.

- Linux uses repositories systems, making it easy to keep software up to date (and to use only known safe software). This is probably the biggest security advantage of Linux over Windows right now.

Otherwise Linux is every bit as vulnerable, and mark my words, there will come a day when that vulnerability shows.

As for me... I always enable iptables on Linux when possible. I always use a browser with Noscript or click-to-play, instead of unrestricted plugins. I figure those are enough for now, but I'm not kidding myself - at some point, they might not be. Linux is currently in the malware-absorbing shadow of two major monoculture OSes, and when it emerges from that shadow, things are going to get quite ugly, IMO.

P.S. If you've made it this far, I should note that Windows NT uses ACLs *by default* instead of straight UNIX permissions - a vastly more flexible system, and vastly superior if used correctly. I don't know which distros use ACLs by default, but I know it isn't many of them.

[Hungry Man]

Quote:

- Linux uses repositories systems, making it easy to keep software up to date (and to use only known safe software). This is probably the biggest security advantage of Linux over Windows right now.

Yep.

That, finely grained access controls, and being open source are what do it.

I don't think things will get ugly. Social engineering isn't going to be nearly as effective when you get all of your software from a trusted repository. Exploits on linux aren't like on Windows - you can sandbox any process and any service on your own and developers can make use of incredibly powerful internal sandboxing.

If you were to jump linux up to 100% market share today, yes, it would be unprepared. But it's secure as it is and if there were methods of intrusion for it that were reliable there would be methods of prevention thought up quick.

[NGRhodes]

Gullible Jones,
What is wrong with Ubuntu's use of sudo ?

[linuxforall]

Of course vulnerabilities show in Linux, more so than anything because of the fact that Linux is used in applications that are prone to attacks, thats the biggest advantage of Linux which gets trickled down to end users.

[funkydude]

Quote:

Originally Posted by Gullible Jones

- Linux uses repositories systems, making it easy to keep software up to date (and to use only known safe software). This is probably the biggest security advantage of Linux over Windows right now.

Are you talking about for installing additional software or how the OS itself is developed? As I highly doubt any OS is developed outside of a repository environment. Merging code would be great fun!

Quote:

Originally Posted by linuxforall

Of course vulnerabilities show in Linux, more so than anything because of the fact that Linux is used in applications that are prone to attacks, thats the biggest advantage of Linux which gets trickled down to end users.

That is different from other operating systems, how?

Quote:

Originally Posted by Nick Rhodes

Gullible Jones,
What is wrong with Ubuntu's use of sudo ?

5-minute passwordless timeout, during which you might as well be running as root. Also, prompting for the user's password - a keylogger could steal that password and obtain root access.

Quote:

Originally Posted by funkydude

Are you talking about for installing additional software or how the OS itself is developed? As I highly doubt any OS is developed outside of a repository environment. Merging code would be great fun!

Installing additional software. Distros like Ubuntu put huge amounts of known safe software in their package repositories; GPG signing ensures the packages haven't been tampered with. Users are encouraged to use software from the repositories, instead of downloading it from random websites.

Obviously such systems have... some issues, but they do make Linux a bit safer on the desktop.

(Also, I should probably note that GNU/Linux itself is developed outside of a single repository environment - the kernel, core utilities, graphics stack, etc. are all developed in separate code repositories, by separate development teams, and eventually compiled and cobbled up into an OS. The whole userland is held together with duct tape and bailing wire.)

Quote:

Originally Posted by Hungry Man

That, finely grained access controls, and being open source are what do it.

The access controls in many distros (UNIX permissions) are less finely grained than in Windows NT (ACLs). I suspect it may be more a question of using existing access controls properly.

(Personally I don't think being open source has anything to do with it, but that's open to debate.)

[Hungry Man]

Quote:

Originally Posted by funkydude

Are you talking about for installing additional software or how the OS itself is developed? As I highly doubt any OS is developed outside of a repository environment. Merging code would be great fun!



That is different from other operating systems, how?

I guess whereas Windows attackers can rely more on social engineering a linux attacker will try to compromise the system itself (difference between a user OS and server OS.)

Quote:

The access controls in many distros (UNIX permissions) are less finely grained than in Windows NT (ACLs). I suspect it may be more a question of using existing access controls properly.

Not really. You can create chroot or LXContainers or make use of LSM or seccomp to completely control both file access and API access. Every Linux OS at least supports chroot, chmod, and lsm.

[Mrkvonic]

Quote:

Originally Posted by Gullible Jones

5-minute passwordless timeout, during which you might as well be running as root. Also, prompting for the user's password - a keylogger could steal that password and obtain root access.

A question - What keylogger?
Mrk

[Ocky]

Quote:

Originally Posted by Mrkvonic

A question - What keylogger?
Mrk

A pithy question. Awaiting GJ's answer.

[vasa1]

Quote:

Originally Posted by Ocky

A pithy question. Awaiting GJ's answer.

Blessed are the patient, they shall inherit the land.

[NGRhodes]

Quote:

Originally Posted by Gullible Jones

5-minute passwordless timeout, during which you might as well be running as root. Also, prompting for the user's password - a keylogger could steal that password and obtain root access.

No worse than if you were already logged in as root.

Cheers, Nick.

Quote:

Originally Posted by Mrkvonic

A question - What keylogger?
Mrk

A theoretical one. Haven't heard of a userspace keylogger for Linux yet, but that doesn't mean it couldn't happen; only that it's not yet worthwhile to write one.

Quote:

Originally Posted by Nick Rhodes

No worse than if you were already logged in as root.

Cheers, Nick.

I believe the correct way to do this is the method SuRun uses by default - to prompt the user without asking for a password.

Quote:

Originally Posted by Hungry Man

I guess whereas Windows attackers can rely more on social engineering a linux attacker will try to compromise the system itself (difference between a user OS and server OS.)

So far the only ITW trojans for Ubuntu have relied on social engineering. Usually along the lines of "Install this untrusted .deb package to get another pretty desktop theme!" IIRC. Needless to say they haven't spread very far.

Quote:

Not really. You can create chroot or LXContainers or make use of LSM or seccomp to completely control both file access and API access. Every Linux OS at least supports chroot, chmod, and lsm.

Normal Linux chroots are fairly easy to bust out of, IIRC, to the point that Linux developers describe them as "not a security feature" and discourage their use as such. LXC sounds a lot more secure, but I've yet to see any distro use LXC for anything by default, or include any simple GUI for using LXC.

For ACLs on Linux you'd use getfacl and setfacl, not chmod. Windows equivalent would be cacls.exe (I think?). I have no idea if Windows does anything with POSIX permissions (does NTFS even support them?), but I know it uses ACLs all over the place, and most Linuxes I've tried do not.

LSM... Yeah, I'll admit the various MAC systems are pretty powerful, but who puts them to serious use? Last I checked Fedora was the only distro that sandboxed its browser by default.

[Hungry Man]

Chroots by default are not meant for security, they're meant for ease of use/ testing software. The chroot bypass involves making use of chroot again while in a chroot environment. You can prevent this easily (it's actually built into some systems already iirc and it's been proposed for others - the developers definitely recognize it as a potential security feature.) They're not so much discouraged for security as it is that they are, by default, not for that.

Ubuntu doesn't sandbox Firefox by default but it does sandbox multiple services without the user having to do a thing. It comes with quite a few profiles and creating them is simple. Can't say the same about Windows.

I thought Windows 7 ran a bunch of stuff in low integrity mode by default, including IE? Also you can use psexec (from Sysinternals) to launch anything in low integrity mode (psexec -l), though some applications (unfortunately including Firefox) do not work that way.