What will 2012 bring in terms of cyber-crime?

Discussion in 'other security issues & news' started by PJC, Dec 31, 2011.

Thread Status:
Not open for further replies.
  1. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    Like the much awaited Year of the Linux Desktop? It could happen but until then :D
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Sure, there's always the chance that users will start using Linux - though I don't see that happening. And, of course, direct attacks.
     
  3. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Ahh, where to start with my thoughts on the last few posts.

    1. I believe 2012 will bring much of the same, minus the additions of pwning mobile devices and infrastructure attacks. 2012 will have the same vendors and security blogs shoving AVs down our throats still, and Wilders will continue to have flame-fests and multiple page arguments over what is best and who passes what. Now that that is out of the way:

    2. Windows is in no way, shape nor form safer than Linux without a lot of messy tweaking no average user should be legally allowed to even attempt, and without a lot of 3rd party crap tacked on. So let's not even go there. Windows 8 won't change that either.

    3. Linux can be just as screwed. However, the user has even more say so in that than they do in Windows. Why is that? Linux was designed to not be "loose" with privileges, it wasn't designed to let programs just do whatever they and their devs damn well pleased. It was not designed to be "user friendly". It is only more user friendly now due to lots of very hard work by a lot of people and slow (too slow and still not enough) changes in the development world.

    4. Open source vs Closed source is a debate best left to fanboys. Closed source isn't evil and open source isn't infallible.

    5. Security through obscurity is a BS line of thinking and doomed to failure.

    6. The Year of the Linux Desktop, if nothing changes in attitudes from gaming and software companies, will continue to exist only in the minds of cheery mind-altering substance users.

    All of the above is the sole opinion of a heavy Windows user and should be taken as such (although I'm still right :D ).
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Open source vs Closed source is not a debate for fanboys imo

    I agree with the rest except that you imply that with tweaking you can make Windows more secure than Linux. With Windows the most you can do is lock down with applocker (bypassable with the right exploit/ type of virus, limits user experience, not easy to maintain especially for average users), use integrity (will break most applications, breaks with updates), or throw third party software at it. With Linux by default you're more secure and there's way more tools to tweak with - much more fine grained tools that allow for specific MAC models that are predefined with profiles or even user defined.

    EDIT: And the multipage arguments won't stop until I die! :p
     
  5. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Yeah, that debate really is, in my opinion. I say that because nobody ever brings any other argument to the table besides "we can see the code". Okay, fine, but visible code a good program/OS does not make. As far as Windows security, you can make it pretty close, but, as you pointed out, look at the cost of doing so. Half your stuff won't work right thanks to privilege issues or won't work at all (this is still mainly a problem with software devs and not so much Windows).

    It's why I don't bother with all that crap on my Windows machine. I didn't pay 3 grand for a maximum security cell, I paid for a machine to use however I pleased. If a pop-up tells me "no" I tell it to go sit on a very hot rock, lol. That doesn't mean I play Russian roulette with my system though.

    As far as the multi-page arguing and wars over software at Wilders, I'm not even sure God himself could stop that :D
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Being able to see the code is a legitimate point. This has been proved time and time again. And there are other benefits besides being able to see the code, open source means you can modify the code or add your own code to it. It also means that I can look and say "Yep, it's secure. Yep, it does what I want and nothing more." With closed source all I can do is hope.

    But that's the start to a debate lol
     
  7. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Lol, yes it is. You're right, it's a legit point, but, well, you've seen the movie a thousand times I'm sure. It starts out legit and turns into the inevitable FOSS vs the world stuff. That's why I say it's better suited to fanboy gatherings. I personally would much rather see every line than wonder myself (it certainly would end the "backdoor" rumors of Windows, lol).
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    It certainly would. I don't know why Windows doesn't just open source the project and then simply charge for support. That's certainly how I would want my software to be.
     
  9. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,417
    It's intriguing that "security by obscurity" or "situational security" is being dismissed as "BS" instead of being welcomed as another "layer".
     
  10. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    Well, it is being dismissed by me at least. Not that I'm Charlie Miller by any stretch of the imagination. I also consider situational security and security by obscurity two different things. A Live CD to me is situational security..what point would you have in using it every day for everything? None (as a normal user). However, it's beautiful for banking, shopping and other times where you might want to be certain of a sparkling clean environment.

    Security by obscurity is relying on being the 1, 2 or 3 percent of people using an OS or a program and either thinking or hoping that's enough to save your arse..which is stupid and doomed to failure. What, do people out there think malware writers and criminals have never heard of Sandboxie, of Linux or any other of these little used things? It's naive and dangerous to think that just because you're not a popular target, that you're not a target at all. And as I said before, there are plenty of ways to make your life miserable without ever touching your obscure OS or program.

    If people want to live in that world, hope and pray these programs never get wildly popular. Pray to the computer gods above there is never a "Year of the Desktop Linux". Security by obscurity is indeed BS. I'm not talking layers either, because whenever stuff like this comes up, it's never talked about as a layer, it's always about being safe simply because you use a program very few have ever bothered to use.
     
  11. guest

    guest Guest

    That's not the case here.

    Let me re-post those statistics with some more details.

    Linux kernel:
    http://secunia.com/advisories/product/2719/
    Affected By:
    283 Secunia advisories
    609 Vulnerabilities
    Unpatched:
    6% (18 of 283 Secunia advisories)
    (Also add vulnerabilities/advisories specific for the distribution and installed apps/run-times. Example: http://secunia.com/advisories/product/38516/ )

    *****************

    Windows:
    http://secunia.com/advisories/product/27467/
    Affected By:
    90 Secunia advisories
    181 Vulnerabilities
    Unpatched:
    6% (5 of 90 Secunia advisories)
    (Also add vulnerabilities/advisories specific for the installed apps/run-times. Example: http://secunia.com/advisories/product/28644/ )

    Latest Windows can be as secure (or even more secure - if you know what to tweak) than any popular Linux distribution (of course, ignoring Security by minority - for the reasons already stated by others).
     
  12. wat0114

    wat0114 Guest

    Really? Like what? If you mean running as Standard user, keeping the O/S patched, EMET, Windows firewall, Parental Controls, AppLocker and SRP, quite a bit at one's fingertips actually, then I respectfully disagree; it affords, from my experience with it, a rather robust platform against malicious threats. If you think lots of 3rd party "crap" is needed, then one only has to look at, for one recent example of 3rd party headaches, the encyclopedic AppGuard thread and behold the problem reports littered throughout it to see that 3rd party security is not necessarily the best. There are many, many others similar to it throughout these and other forums.

    Yes, I agree SRP and AppLocker, and running Windows firewall with outbound control is not necessarily for the faint of heart, but they can be configured quite easily using the less advanced configuration approaches, although the firewall is a lot easier using a 3rd party interface, for those who don't want to configure it the painstaking way, as I did. Keep in mind that the configurations for the firewall and AppLocker can be saved, so once they're set up, it's just a matter of minor rule modifications when a new application is installed or, in some cases, modified.

    As for what 2012 will bring? I don't really know, other than likely more of the same, especially the exploits that depend on users to be click-happy.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Because security isn't situational. Just the illusion of security.
     
  14. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    All of that and you still don't get the access control of SELinux, AppArmor, or a simple chroot/own.

    Tell me how, without increasing attack surface with 3rd party software, I can block Firefox from accessing a specific path? Or run Firefox in its own separate file system?

    Windows 7 has made big changes, the ACL system is really great. But it's just not the same.
     
    Last edited: Jan 2, 2012
  15. wat0114

    wat0114 Guest

    I don't know, I don't use FF. Why do you need to control its path or run it in its own separate file system? Why even worry about FF if it's a trusted application? You should only be concerned about malware and that's where defense mechanisms like SRP and AppLocker can come into play, never mind UIPI built into Vista/7, running as Standard user, Protected mode IE & smartscreen filter (if one uses IE), EMET, firewall control, and other functionality the latest Windows offers.
     
  16. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Firefox was purely an example.

    What does SRP do? It limits file access. That's the basis of the MIAC system - file access restrictions, limiting reads and writes. Except you don't get to control which files, it's just a generic access control module. In linux you can finely tune exactly what rights every single program on your computer has. There's just a huge difference in the rights you can give and/or take away when you use Linux.
     
  17. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    10,239
    Location:
    Lloegyr
    Well, I think that it was a fair comment at the time about SRWare Iron (the rip-off browser which you are referring to). Most statistics are just bollocks anyway & are regularly applied & distorted for all sorts of tendentious reasons. The day I start to take notice of 'statistics' will almost certainly be the very same day that I start to believe in the Easter Bunny, Father Christmas, the Tylwyth Teg & Parliamentary Democracy.

    OK, I'm pretty sure the Tylwyth Teg are real.

    I have no idea if Iron is still less vulnerable than Chrome. Probably not, I'm pretty sure that Chrome is the safest & least vulnerable browser (out of the box).

    Will this fact convince me to use it? I think not.

    I'll stick with Firefox & the rip-off. ;)
     
  18. wat0114

    wat0114 Guest

    No, SRP can be configured to control which files, including dlls and scripts (.VBS), are allowed to execute and which ones aren't, and you do get to control which files it governs.
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Through other means, sure. Like Applocker.

    But the difference between moving from user to admin is being able to write to admin areas.

    In windows you have sandboxing levels. Low, medium, high (and others.) With Linux you have per-application profiles and the ability to further restrict applications however you like.

    That is a finely tuned MAC model and it's powerful. Access control is one of the biggest concerns for security.

    EDIT: And this is ignoring how Linux handles software distribution/ updates as well.
     
  20. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I got a few doubts about all this open source discussion.

    Does anyone truly look at every source code out there? No one looked at Firefox's source code a few years back, and it wasn't until a user started complaining about weird logs from his/her firewall that people came to realize Firefox was making connections to Mozilla Foundation that had nothing to do with updates. No one ever looked at the source code; I wonder if they all look at it since then? o_O

    Yes, open source is a beautiful idea, because you can help improve it, either by adding code to such projects or having your own project based on another project. That's the beauty of open source.

    But, in what comes to security, if I develop an application and provide its source code, does it mean the binary itself is safe? Or, this security comes only from the fact you can look at the source code, conclude it's clean and compile a new binary from it, and use that binary instead of the one I provided?

    How can you be sure that someone has, in fact, looked at my application's source code, if you got no programming skills yourself? There are hundreds of open source projects, some of which are forks. Is anyone actually looking at all that source code?

    Doesn't open source security work a bit like a placebo? The idea that being an open source application gives security is a nice idea, but is it one that's actually put in practice?

    These doubts have actually been inside my head for quite some time now.

    Heck, I remember some time ago someone in this forum mentioning they would never use a Chinese Linux distribution, despite being open source. So, is it all a placebo effect? o_O In the book, being an open source project looks good in terms of security, but in reality things are a bit different?

    Isn't it a bit like Google Chrome extensions or Firefox extensions? :D The extensions developers may give all the source code, but if no one is performing the task of making sure all is OK, and if I know nothing of the programming language used, then what good is it that I can look at the source code? It's Chinese to me. I know Mozilla makes sure all is OK; I'm in doubt about Google (I'm pretty sure everyone interested also is :D).

    -edit-

    To make these doubts a bit more interesting, if they haven't been so far lol, would anyone use keygens, etc., if they were all open source projects? Ignore the fact using keygens is illegal and all that; think of the security implications. Would you still use them?

    - end of edit-

    @ the thread's subject

    More of the same, because it works? lol I wish I could see the future, as I'd be multimillionaire by now. :(
     
    Last edited: Jan 2, 2012
  21. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    So, in the end it's something that an ordinary user would never mess with in both O.Ses? :p
     
  22. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Yep. Except in Linux it's by default and the user can finely tune it. It is both out of the box more secure and configurable to be much more secure.

    The only thing Windows has over Linux is SmartScreen and I am not so convinced that it will stand up to attacks.

    Absolutely. The linux kernel is used all around the world, far more than Firefox is. Just about everyone is using the linux kernel for servers or phones or microwaves or whatever the hell else you can throw linux on.

    The security from open source comes in a few parts.

    1) More eyes to catch the bugs. Linux has way more people looking at the source code than Microsoft has looking at theirs.

    More eyes ideally catches more bugs.

    2) The community can verify and validate. Does it work? Does it do what it's supposed to do and only that? These are questions you can't always answer with a closed source project.

    3) Being able to add your own code or mesh together other dev code. Compiling security straight into the kernel or the OS.

    Is anyone looking at every distros source code? No idea. But is anyone looking at the one thing every distro has in common - the kernel? Yep.

    I don't want to go too far off topic talking about Chrome extensions but an analogy would be... Chrome is the kernel, extensions are the applications. You know people are looking at Chrome, but maybe not the extensions. You know people are looking at the linux kernel, but maybe not every application.
     
  23. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    Yes, in terms of finding bugs, it's nice. Not saying otherwise.

    But, I was merely thinking about malicious actions. So, can you be sure my application isn't going to perform any malicious actions, if you got no knowledge to understand the code or track down what the application does in your system and how it makes use of network communications?

    And, when thinking of open source, we can't just think of Linux. We got open source applications for Windows, Mac OS... I don't know how far Linux/Mac OS could protect you from a malicious application, but I'd imagine it would steal your credentials just fine, and it wouldn't be Linux default protection that would protect you. If I make someone believe they need to give me root access - if that's what it takes - then, it won't be Linux protecting them. Social engineering works everywhere.

    If I were a software developer, should you trust my application, just because it's open source, even though you got no programming skills to study its source code? Providing the source code is a sign the binary isn't dirty?
     
  24. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    -edit-

    I do understand the most famous projects are on the spotlight, though. But, there are way too many useful* open source applications out there, and these aren't on the spotlight. I can't stop thinking that being open source isn't enough to assure me about their safety.

    * Useful for a smaller % of users.
     
  25. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    If someone doesn't have coding experience how could they possibly analyze code for malicious actions? =p

    Like I said, there are plenty of eyes on Linux.

    Yes, this is entirely true. If you socially engineer a situation in which the user believes they need to give your application root privileges then it bypasses the MAC model - same with any OS.

    MS is the only OS to really try to deal with this via SmartScreen afaik, but like I said, I'm still not convinced it'll stand up to the future.

    It would definitely help me trust the code, yes. If it were a tiny project that I had never heard of I wouldn't trust it regardless. If it's a huge OS type thing, yeah, I would definitely trust it more knowing that there are eyes on it.
     