Linux - Questions from a newbie

i thought i'd create an open thread for linux noobs like meself.

first topic:

i know linux is supposed to be safer because it's open source and it benefits from 'security by obscuration'.

my question: is the linux OS/kernel itself more resistant to malware and exploits than a fully patched Windows 7 machine?

 

Hi moontan,

The question is relative, i.e. what is a fully patched Windows 7?, or trying to compare apples and oranges. The Linux Kernel is constantly evolving, but does have some vulnerabilities. The Linux Kernel has a worldwide contribution of many kernel experts which gets wide review prior to integration with the latest source code tree(s) - development, stable - while M$ does not have as many and is proprietary (closed source).

Linux Kernel does not benefit from "security by obscuration". It benefits by wide review of transparent source code by the experts. Proprietary (closed) source code is hidden and does not receive the same wide review as Linux Kernel enjoys.

Windows 7 malware and exploits are designed for Windows 7 and generally speaking do not affect Linux Kernel, and visa versa, i.e. Linux Kernel exploits do not affect Windows 7.

On the other hand, there are some Linux Kernel vulnerabilities which are distinct to the Linux Kernel. See: search.cert.org and then search for "Linux CERT Advisory".

Safer is relative - in other words. The safest research OS currently available in Beta form IMHO is Qubes from Invisible Things Lab. For it to be effective, the hardware you will need to have is VT-x and VT-d compatible both for the processor and motherboard such that you can run separate OSes in a virtualized environment with lots of memory.

By comparison, M$ does have a research OS designed from the ground up with security aforethought, previously internal code named Singularity, but renamed within the last year to Midori? The sad thing is that there is no bridge to M$'s revenue generating applications code, but M$ is thought to be working on this by some, but is unconfirmed.

-- Tom

 

lotus, why do you think qubes is safest? How does it protect you, from say, giving over you bank account to someone online? How does it protect you from losing your personal data?
Mrk

 

Wow, moontan starts a newbie thread and you guy are already into Qubes

 

I'm not into qubes ... on the contrary.
Mrk

 

by "security by obscurity" i meant that Linux is not targeted as much by malware creators as Windows.

tnx for the inputs folks.
i'll have more questions i'm sure.

i just installed Bodhi to it's own partition and created an image with IFL right after.

time to go play with my new toy!

 

Yes, linux does have security through obscurity - it is an obscure OS. Not to be confused with security through obfuscation, which means closed-source (you obfuscate the code.)

Is the kernel more secure? Well... that's not an easy question to answer. There is no real benchmark for security and we don't really have a Windows kernel source code to compare it to.

Linux does do a lot to secure the user. It's been supporting things like DEP and ASLR long before Windows got them and it's important to note that this is often the case with Linux.

Linux is heavily vetted by the community -- people can look at it and say "Hey, this is a legitimate OS doing what it's supposed to and in a secure way."

You also have lots of eyes on the problem - more users can view the code so more users can check for exploits.

It also has a lot more policy than Windows. Windows has integrity checks, similar to Linux but Linux has a more complex policy group due to SELinux.

There's a separation between root and user with multiple levels between. Exploits in Linux often are not able to move between those levels because of the multiple layers of separation.

I think the general consensus is that Linux is in fact more secure whether from exploits or from malware.

 

While were chit chatting about security.....What do you think of Joli OS and whether its secure? Its a cloud OS with the base OS being ubuntu. I hate to sound paranoid but I'm somewhat concerned about doing my online banking on it. I guess all these years of hanging around a security forum and running windows OS has made me paranoid.

 

Linux is far from being obscure. It is less used on desktops, but it rules the server market. The obscurity has nothing to do with that. The biggest anti-malware feature in Linux is its diversity, which also prevents legitimate software from running. Take Ubuntu code 9.04 and try running it on CentOS 5.7 or openSUSE 12.1 and running it on Linux Mint 8. Good luck with that. Even CentOS 5.6 and 5.7 and you'll have trouble.
Mrk

 

Bodhi recognized all my hardware including the sound.
i installed Firefox with Flash without a problem.
i even learned how to turn on the firewall.

i'm gonna try this for a few days but i'm thinking already of removing Windows 7.
it is that good, methinks!

only thing i need is learning to uninstall programs and learn how to navigate directories and disks.
and learn a few basic commands for the Terminal.
------------------------
which leads me to this:
how good is Linux at cleaning up after itself when uninstalling programs?
does it leave stuff in the registry like Windows sometimes does?

 

moontan,
Linux doesn't have a registry like Windows. Settings for programs have their own configuration file, usually within the /etc directory.
As far as I know, the OS doesn't manage program settings like Windows does through the registry.
So if junk is left over after removing a program, it's no big deal.

 

tnx for all the help and infos!

 

like mrk said linux is more into server market and supercomputer OS and they are made for security but now its growing on desktop as well

this is intersting read old one but good

http://www.theregister.co.uk/2004/10/22/security_report_windows_vs_linux/

one more advantage linux had which windows does not of having opensource too many geeks brains work on linux its get more exposure advices quick and fast paches............... that windows dont have



which indeed windows copy in its new release of windows 8 which it publicy open for alpha testing

http://www.zdnet.com/blog/open-source/windows-8-distribution-takes-a-page-from-linux/9540

 

This may help:
http://debian-handbook.info/2011/free-sample-chapter-about-apt-tools/
(got the link from OMGUbuntu)

It will help only if Bodhi is Debian-based. I forget whether it is or isn't!

 

Hi Ivan,

Checkout all of the Invisible Things Labs whitepapers here and the posts on Qubes at Playing with Qubes Networking for Fun and Profit and Qubes Beta 2 Released! and the Qubes Wiki which highlights Security Critical Code.

IMHO (to answer your question above) it is a matter of the isolation between various domains and networks that distinquishes Qubes from other approaches that may be similar but not quite there as Qubes appears to be.

You might not currently be a fan of Qubes, but you certainly have the resources to install it and play with it while I have not yet upgraded my system with a new motherboard and processor with VT-x and VT-d capabiliities to do that which I hope to accomplish early next year sometime.

-- Tom

 

Ivan? As in Ivan the Terrible?
Mrk

 

vasa1, it appears that Bodhi is a Ubuntu derivative from what I read in Bodhi's forums. So it is definitely Debian

 

Okay
And here JH recommends a tip on apt-get:
http://jeffhoogland.blogspot.com/2011/11/howto-use-apt-without-bloat.html
so moontan should be happy!
Anyone uses that? Feedback?
(I'm finding the pics in the link real hard to read )

 

I clicked on the the first pic and a slideshow started with enlarged pics. Then you can scroll between the four pics.

 

This is what happens when I surf with javascript disabled and various other things locked down!

 

I guess that would help if you had JS enabled, lol. At least I know that java works with some sites here.

Basically it is showing the amount of space saved by using the no-installs-recommends switch. In AbiWord's example, using the switch used only 37.7Mb where a normal install uses 74.5MB worth of space. A good method if you want to keep your install lean.

 

Following your tip, I went there with js enabled and could see the "big picture"

 

i totally removed Windows 7 and using Bodhi full time.
i'll give it a few more days but i doubt i will go back to W7.

it's just phreaking awesome!

 

I like the way the mouse pointer moves to where it may be needed. I think there's a term that describes that feature.

(Focus follows mouse doesn't seem to fit.)

 

IT is very obscure for anything that matters - users. What attacks hit users and what attacks hit servers are very different. User OS's will typically have to worry about their applications having exploits and those applications are going to be things like flash, java, their browser OR they worry about social engineering. Servers have to worry about proprietary software exploits, enterprise software exploits, or server OS exploits.

Ubuntu or any other OS absolutely has obscurity. I don't know why you think diversity and obscurity are different.