SRware Iron on Ubuntu

Discussion in 'all things UNIX' started by aigle, Dec 22, 2009.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Sharing as it was a nice surprise for me. :)
     

    Attached Files:

  2. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    No need for Iron when you can just use Chromium.
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hmmm... is chromium free of privacy issues like SRware iron?

    I have no idea myself.
     
  4. Ocky

    Ocky Registered Member

    Joined:
    May 6, 2006
    Posts:
    2,677
    Location:
    George, S.Africa
    From your screenshot I see that you are using bitdefender. Heard good things about the linux version. Do you use it on demand only ?
    Why also avast ? (= the one I use for occasional on demand scan in Hardy).
     
  5. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343

    Iron is nothing but someone packaging Chromium for Windows and naming it something different. Chromium is the open-source version of Chrome. Chromium is the base Google uses for Chrome -- they simply take the source code of Chromium, add their logo, their tracking, and that's it. Chromium is updated more frequently and is more bleeding edge.

    You can read the differences here.
     
  6. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Thanks, I was thinking chromium is developed by google itself.
     
  7. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I just installed them to play. None of these AVs works in real time, all are on-demand.
    Have no idea more than this. I wish to install something that works in real time. And I do wish to have an anti-executable HIPS, even a simple one like PG free.
     
  8. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    You do not need AV with Linux. So I suggest scratching "AV" from your vocabulary. It is a waste of resources.

    Second, you don't need a HIPS for "anti-execution" because the default umask for ubuntu will not allow anything you download to execute unless you give it specific permission to (that is, unless you manually change its permissions). Now, it's true that something could bypass this and execute anyway if there is a flaw in an application -- that is if there is an exploit found. So to mitigate this, you will need to utilize a MAC system: Ubuntu uses AppArmor by default, so I suggest you read up on it. There is even a profile for Firefox that you can enable, which will essentially sandbox it and harden it against attack.

    Basically, you don't need any "add-on" security software with most Linux distros. Everything you need will come with the distro or will be found in the repos. In fact, there are a number of security mechanisms built into the Linux kernel itself.

    The main thing a desktop user needs to know to secure their box is to never install any software from any source other than the repositories.
     
  9. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    With that sort of advice, it'd be impossible to use Chrome on Linux in the first place.
     
  10. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    It is only a matter of time before Chrome gets put in the repos. Besides, if one really wants to use Chrome, one can merely install the PPA for Chromium and have the nightly builds installed every day.

    For Ubuntu 9.10:

    Code:
    sudo add-apt-repository ppa:chromium-daily
     
  11. Eice

    Eice Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    1,413
    From a security standpoint: there seems to be little difference between tricking the target to install a binary, from tricking the target to install a repo IMHO.
     
  12. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Yes, that's right. No doubt there will probably be rogue PPA's pop up here and there. The Ubuntu PPA main page even gives a warning not to install PPA's from people you don't trust. In this case, due to its popularity, I doubt the Chromium PPA is compromised.

    The good news is, there aren't very many software titles that need PPA's in the first place. Most everything can be found in the official repositories. Many of the PPA's are dedicated to bleeding edge versions of software anyway. Also, the fact that all PPA's are digitally signed, will make it impossible for someone to create an imitation PPA and make it look like the legit one.

    Although not perfect, I think the repository model is much better than the alternative: simply sending everyone out to google to search for software.
     
Loading...
Thread Status:
Not open for further replies.