Ubuntu safer than Windows according to Dell

Discussion in 'all things UNIX' started by linuxforall, Jun 13, 2010.

Thread Status:
Not open for further replies.
  1. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    Fair enough. I was just discussing why there are actually some very sane, very smart, and dare I say very beautiful people out there who use Windows and not Linux.

    Anyway, enough of the justification then!

    By the way, back on topic, do keyloggers or any form of logger threats exist on Linux? There seems to be an increasing market for anti-logging software recently on Windows. Should Linux users be concerned?

    Fact is, I don't believe this threat really exists even on Windows. I believe that the real threat that exists on Windows will also exist on Linux - eg. receiving an e-mail which gives a link to a site saying I have won something and telling me to enter my personal details. As you can see, it doesn't matter which OS you're using with this kind of malware logging.
     
  2. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    No, because it takes root access to install a keylogger on Linux.
     
  3. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    I've got a whole bunch of engineering programs that refuse to work on Linux as well, but I thought it'd be rather redundant to list them all, seeing as how they're relatively niche. ANSYS, Solid Edge, a bunch of smoke/fire dynamics simulators, Pro-E, et cetera. Meh.

    Nobody's talking about OOo's x64 architecture. I'm talking about how Excel offers conditional highlighting for equations (VERY useful when debugging 10k cells containing 20-40-character equations each) and superior cell management/organization features.

    Skype? Sorry, but I don't foresee converting my entire extended family from MSN anytime soon.

    Scilab, Sage? No Simulink means they're no better than Octave for the kind of frequency and control systems analysis I do.

    Adobe Reader? Does it have tabs? If not, then it's no better than Evince as far as I'm concerned.
     
  4. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,137

    If you run x64 Windows with latest patches, LUA and DEP full with a quality av like Avira, no way in hell can you get infected unless you are an absolute buffoon but then in that case, you shouldn't be using a PC.
     
  5. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    Good to know and that's what I thought. Regardless, I still believe real world identity threats for the home user come in the form of trickery/phishing. For the most part, no form of anti-logging software will save you from this. I believe that many people and companies are taking advantage of Windows' poor security track record and creating a sense of human vulnerability so that they may buy their apps. I suppose in this day and age, people will be willing to sink to lower levels to get extra cash.
     
  6. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    I believe that even 32-bit Windows with latest patches, LUA and DEP (not AlwaysOn, but OptOut, as many apps and drivers start to break if you use AlwaysOn), SRP or AppLocker, it is very difficult to get infected. However, there are many people out there that are "absolute buffoons" and will fall for trickery like I described above. And in their opinions, they have every right to use a PC :p
     
  7. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,137

    x64 has patchguard which will prevent majority of rootkits and keyloggers, like it or not, this is one great step from MS, also DEP is far superior in x64 with x64 CPU.
     
  8. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    Yes I agree 64-bit patchguard will prevent most of the "current" rootkits and keyloggers from installing into the "kernel". But here you seem to be implying that all keyloggers or similar need to be installed into the kernel to function? I didn't realise that? Wouldn't simply using LUA block them all then?

    I also thought there is only one type of Hardware DEP and that's the DEP on 64-bit capable processors? Software DEP is of course relatively weaker.
     
  9. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,137

    You are correct, DEP is on x64 CPUs but now thats a moot point as its common, thankfully most Windows programs now work OK with DEP hardware enabled. Earlier on that was a big issue and therefore DEP wasn't enabled, even security app like Avast had issues with DEP. LUA will block most but 0 day is best defended by DEP as it was exhibited last year when all major AV failed to detect Conflicker but PC running DEP full survived.
     
  10. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    Just for my own knowledge, what exactly do you mean by "DEP full"? On Windows, I currently have DEP configured as "OptOut", but I have made no specific exceptions. If I configure DEP to be "AlwaysOn", I get a sound card related error on every system boot.
     
  11. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,137

    I mean DEP hardware via boot.ini hack.
     
  12. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    You wouldn't be able to instruct on how to do this? As far as I know, the most secure is to type in the appropriate place of the boot.ini file as "AlwaysOn". However, as far as I know, "OptOut" is also fairly strong and doesn't give out as many errors.
     
  13. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,137
  14. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    Thanks. I do wonder how many people on Windows get errors if they configured their DEP to be "AlwaysOn". Unfortunately even configuring it as "AlwaysOn" does not prevent Ret2Libc overflow attacks.
     
  15. lordbest

    lordbest Registered Member

    Joined:
    Jun 16, 2010
    Posts:
    38
    By the way, wouldn't the safest way to do online banking or other private transactions on Windows be to use a Linux VM? What do you think Linuxforall?

    Or would that not be safe because potentially a logger in the Host (Windows) system would still be able to log the Guest (Linux) system?
     
  16. linuxforall

    linuxforall Registered Member

    Joined:
    Feb 6, 2010
    Posts:
    2,137

    Actually one famous bank was giving away ubuntu live CDs to its banking customers for safer online banking, they were advising them to run the CD live and do their online stuff, the live CD doesn't save the data anywhere so you should be safe that way.
     
  17. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,013
    I have used AlwaysOn in Win 7x64 without any adverse effects.... seems to work fine for me.
     
  18. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    That's what ASLR is for.

    It should be mentioned that Linux also has "DEP" (it's called NX on Linux) as well as ASLR, and has had it much longer than Windows.
     
  19. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    To clarify, Windows and Linux have ASLR support. The applications themselves need to fully implement it, which not many (at least on Windows) do.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.