Thread split - Desktop reasonably secure/unsecure?

Discussion in 'other security issues & news' started by Mrkvonic, Nov 3, 2012.

Thread Status:
Not open for further replies.
  1. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,697
    Re: Keylogging on Linux as a limited user

    It is the other way around. All desktops are reasonably secure.
    Mrk
     
  2. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Re: Keylogging on Linux as a limited user

    Those millions of infected computers disagree I guess.
     
  3. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    Re: Keylogging on Linux as a limited user

    While many more millions that are not infected agree
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Re: Keylogging on Linux as a limited user

    All dogs are blue. Well the blue dogs agree they're all blue, but the brown ones don't.

    Who's right?

    If we're saying all desktops are reasonably secure how do we reconcile that with millions of infected desktops? Let me guess - by blaming the users.
     
  5. Pedro

    Pedro Registered Member

    Joined:
    Nov 2, 2006
    Posts:
    3,502
    Re: Keylogging on Linux as a limited user

    The old 'double click' 'exploit' is probably the biggest infector out there. Not saying there aren't exploits doing their work, but they probably account for less than 1/2 of infections.
    Oh really?
    https://www.youtube.com/watch?v=u8qgehH3kEQ
     
  6. Re: Keylogging on Linux as a limited user

    I think that was the wrong video. Pretty funny though!

    Edit: N/M, my anti-sarcasm scanner got hacked.
     
  7. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    7,785
    Re: Keylogging on Linux as a limited user

    haha... I like the way they type 90 words per minute constantly in a windowing gui with 50 popups per second going on... :)
     
  8. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Re: Keylogging on Linux as a limited user

    Well, there's no way we can't blame users for a good percentage of infections. They're overall stupid and careless, and you know it. However, another large factor in all of this is that reactive security is still the #1 go-to for both users and the security industry. Even though I never agree that the Internet is a malware-infested minefield like so many security blogs like to point out, I do believe we are long past the days when just an AV was enough and keeping up with definitions was the right way to handle threats. But, what is left? HIPS? Put that on a large number of personal and business machines and see how long it stays on there. Sandboxing? For now it works well..but for how much longer? Hackers, whether they work for organized crime, governments or themselves don't just quit when their work gets harder. They will eventually bypass everything you throw at them if the prize or "duty" is worthy enough. So there are two huge factors here, neither of which are going to be resolved anytime soon as long as people are people and the security industry is bathing in bathtubs full of the money they are getting from the selling of reactive security.
     
  9. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Re: Keylogging on Linux as a limited user

    Regarding the article on this keystroke logging, it appears to be an indirect advertisement by Rutkowska to plug the Qubes O/S :rolleyes: Just a simpleton question: if you don't install a rogue application, what is the concern?
     
  10. That a sandboxed application gets compromised? Which is really not hard at all, e.g. look at Firefox's security record.

    Right now that's not a problem, because the Linux desktop userbase is almost nonexistent. But that is security by obscurity.

    (Linux does have a large presence on servers, but who installs X on a Linux server?)
     
  11. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    @Mman79,

    I don't personally think any security tool out there is adequate. I think Microsoft has secured their operating system in that their own binaries are compiled with security mitigations etc but, just as a browser has now become responsible for its plugins, the OS has to be responsible for third party applications. Antivirus is inadequate and any HIPS is basically unusable for the user. I've stated over and over why AE is never going to be the solution despite some claiming it's the future. I think sandboxing, heuristics, and a few other key techniques will be the saving grace for desktop computing.

    There's nothing out there right now that balances security with usability, which is not to say that it's impossible. I personally have been talking to a security researcher buddy of mine about writing a program aimed at that very idea - something I've wanted to do for ages. That's OT and not really important I'm just trying to get across that while I don't think any desktop OS right now is particularly secure I believe that the level of security is possible. I think that the millions of botnets, infected computers, etc are due to insecure operating systems whether the infection method is due to a flaw in Windows software, a user double clicking malware, or a flaw in third party software.

    Users are stupid and I think it's just as stupid to believe they'll ever be anything but. User education is just one constant stream of failures and for any security model to be successful that has to be understood.

    @wat0114,

    The concern is that any compromised process with X access can both send and receive keys to any other running process under the same X session (all of them).

    Unfortunately the majority of information in there seems to be due to plugs for Qubes. It's a documented and known issue but no one seems to really care much - largely because (as GJ states) servers are where it's at for Linux and most servers will run an X-less session.
     
    Last edited: Nov 3, 2012
  12. Hmm. I think it might be possible to set up something sane with Xephyr and some other isolation method. The most obvious example is Fedora's 'sandbox -x', but you could probably use AppArmor, LXC, or just chroot (for something extremely quick and dirty). If you really wanted to get fancy you could use a user-mode Linux kernel.

    The main problems I see are:

    1. Convenience. Qubes, from what little I know of it, seems to be designed so it's convenient to run stuff in different sandboxes. Xephyr and Xnest demand big screens, separate WM sessions, and mucking around with the CLI.

    2. Performance. Xephyr looks hackish and crude, Xnest looks hackish and unstable. Neither perform well under all conditions (e.g. Xephyr is slow on rotated displays).

    3. Security. As Rutkowska pointed out, there are a few orders of magnitude more code in a Linux kernel than in the Xen hypervisor, which probably means a few orders of magnitude more bugs.

    That said, having a bunch of separate sandbox-desktops with normal Linux tools might be doable... Just not as good as creating dedicated tools for the job. Especially when kernel vulnerabilies, X vulnerabilities, and all the other types of local privilege elevation vulnerabilities rear their heads.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    The only method that works outside of using a separate X session through really annoying means is to use SELinux and I'm not even sure how well that works. Apparmor/Chroots won't do anything here.
     
  14. No they won't. That's why I mentioned Xephyr.

    (But if that doesn't work either, please do say!)

    Edit: BTW Arkose Sandbox has an option to isolate X applications using Xpra. Not sure how well that works, I'll have to test it.
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I Figured Xephyr was just another way to run separate X sessions. Not sure how well it would or would not work based on that page, I'll have to check it out later.
     
  16. Well the Arkose method does not work at all... And you're right, neither does Xephyr; 'xinput test' records keystrokes right through it... So scratch that plan.
     
  17. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    I guess i'm just looking for an example of where and how it's been used to compromise, or maybe it's of no interest to hackers because Linux is not the low hanging easy target fruit windows is?
     
  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    There are no examples of this for two significant reasons.

    1) Linux users aren't targeted - servers sometimes are but usually they won't run X.

    2) The benefits of this attack rely on specific situations ie: having a users terminal open or whatever, an attacker would have to make use of multiple different possible situations.
     
  19. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    Re: Keylogging on Linux as a limited user

    Desktops don't get infected, computer's do.
     
  20. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    @HungryMan: I agree with you regarding adequate tools. You honestly can lock down a system quite tightly. But when you do, chances are greatly increased that stability issues will crop up or a user will get so fed up with having to work around his or her system instead of with it, that defenders of the fort, the users themselves, will either take down the gates entirely or poke the fort so full of holes that the whole thing becomes a Titanic in the making. Heck, I've been there myself to be truthful. We probably all have at some point in our computing lives.

    I don't have answers for that, unfortunately. In my own case, I rely on very few tools to keep me safer, and admittedly most are of the reactive type. I neither have nor really care to have knowledge of every single process of my OS and their interactions with each other. That may sound terrible to security experts like yourself, but I'd have to ask why do I need to? Why should I need to? I'm not interested in making forts, and I don't have the time to. I work and play on my systems, just as I suspect everyone is really meant to do as well. I have no idea how to "save the world" from malware, and I'm not even sure any of us can. The biggest question though is why should we as users even have to contemplate it?
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I agree absolutely and entirely with the idea that if you lock down a system too aggressively and improperly than it will end up being a bunch of useless walls that the user knocks down themselves. I've expressed that many times in the past.

    One example is AV heuristics - to catch the most amount of malware they have to be really advanced or somewhat loose, which will lead to false positives. You end up with a "boy who cried wolf" situation and the user lets malware through believing it to be a FP.

    I don't think anyone should have to set up security on their systems, really. You don't want to set up forts nor should you have to to stay safe.

    So to answer your questions - you shouldn't. Users should stay out of security, they shouldn't bother themselves wondering how best to set up an apparmor profile or sandboxie profile or worry about only allowing specific programs to execute because they'll honestly just get tired of it or mess it up.
     
  22. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Indeed, that just isn't my "thing". I often look through here and see so many people asking what setups people use, how they compare to others and what "tweaks" to use to squeeze that last bit of extra protection out of a program, and I can't do it. I'm not necessarily an idiot when it comes to online safety, but I'll not be called a guru anytime soon either. I find security interesting and am always trying to learn more, but not to the point where I'm going to put more effort into protecting myself from the digital bogeyman than I am getting work done or entertaining myself in my downtime. I've dropped a lot of tools over time, even "easy" ones like Sandboxie because I don't want to "allow" my darn printer to be able to print or make an exception rule to save a picture off the internet. If a tool is going to interfere with normal, proper usage of a system, I don't want it. Again, as you say, it shouldn't be my job to make sure all the hatches are closed. I accept responsibility for maintaining my system and making sure I don't do obviously stupid things, but not playing security guard.
     
  23. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
  24. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    Unfortunately the likelihood of this happening in any reasonable amount of time is very small, due to the very things explained. The security industry would raise holy hell and the government, even though DARPA (which should send shivers down a few spines) is funding the research, is not likely to financially support what would be a massive, years long undertaking.
     
  25. tlu

    tlu Guest

    What exactly are you talking about o_O
     
Loading...
Thread Status:
Not open for further replies.