View Full Version : Ubuntu/Linux/Windows and Viruses/Malware



weasel fierce
June 29th, 2005, 06:47 AM
Well, it's hardly a surprise that even casual internet browsing is likely to earn a few sneaky things with IE, as well as the ever-present threat of vira.

I know that Linux is considerably safer, but being the n00b I am, I'm not entirely sure why, except that more vira are targeted at Windows.
But if the same people sat down and decided to deliberately go after Linux machines, would it be as easy?

Same goes for spyware?

Please don't think that I am trolling or trying to start arguments; I'm genuinely wondering about the hows and whys of all this.

Cheers
Ivan

sapo
June 29th, 2005, 06:57 AM
If I had never used Linux in my life, I would now ask you:

What is spyware? And what is this virus stuff?

But as I was a Windows user, I could say...

You will forget what those 2 words mean in a very short time after you switch to Linux :grin:

bored2k
June 29th, 2005, 07:05 AM
If I had never used Linux in my life, I would now ask you:

What is spyware? And what is this virus stuff?

But as I was a Windows user, I could say...

You will forget what those 2 words mean in a very short time after you switch to Linux :grin:
Simply put: while the world was going bananas with worm.blaster, the Linux community was out having sundaes and milkshakes (I was having a yogurt... Sapo was smoking, of course).

poofyhairguy
June 29th, 2005, 07:34 AM
I think I explained the situation pretty well in this thread:

http://www.ubuntuforums.org/showthread.php?t=44588

weekend warrior
June 29th, 2005, 07:44 AM
4 points to consider:

1. MS code is closed, making it all the easier to hide malware. Not so in Linux.

2. MS botched the root/user paradigm in Windows; it's practically impossible to run as a limited-privileges user. All those users running as root bring joy to virus writers, so easy to take full control. Not so in Linux.

3. Windows doesn't do a good job separating core and apps. Virus writers must love this, so easy to write and install an app to change the core codebase and bring the whole system down. Not so in Linux.

4. MS does an appalling job addressing security issues, seemingly preferring to cover them up or deny them as long as possible to avoid "bad press", then taking ages to resolve them. (See here (http://en.wikipedia.org/wiki/Comparison_of_operating_systems_%28security%29).) Not so in Linux.

So even though Linux now enjoys security through (relative) obscurity, the very design of Linux makes it much harder to bundle spyware or write viruses for it. Also Linux has a lot of good faith built up amongst the code-writing literate, particularly the young and angry/mischievous/bored ones. Not so for MS!

Though only time will answer your question for certain.

az
June 29th, 2005, 11:40 AM
"So even though Linux now enjoys security through (relative) obscurity, the very design of Linux makes it much harder to bundle spyware or write viruses for it. Also Linux has a lot of good faith built up amongst the code-writing literate, particularly the young and angry/mischievous/bored ones. Not so for MS!"

Well, I dunno about that. I think Linux is very prevalent on servers (70 per cent of internet servers are using Apache). How many viruses and security issues have the Microsoft company's server products had?

If you want to gain access to a huge number of credit card numbers or spy on millions of people, Apache (Linux, open source software) is a much bigger target than Microsoft.

People do not aim for Microsoft because they hate Microsoft, but because they are an easier target.

Yes, I know! You do not run the same kind of software on a server that you do on a desktop, but my point is that Apache has been on top for years and no one has been able to hit it with anything. That demonstrates the point that OSS is secure by default. The fact that there are fewer Linux desktops is a less compelling argument.

poofyhairguy
June 29th, 2005, 11:44 AM
Yes, I know! You do not run the same kind of software on a server that you do on a desktop, but my point is that Apache has been on top for years and no one has been able to hit it with anything. That demonstrates the point that OSS is secure by default. The fact that there are fewer Linux desktops is a less compelling argument.

The "not run as administrator all the time" is the safest thing about Ubuntu. I know Windows technically can do it...but many programs break if you are not an admin (programs that shouldn't need admin access).

N'Jal
June 29th, 2005, 11:57 AM
I think this sums the question up, really. I found this on the GNU site:

evilmalware 0.6 (beta)

Copyright 2000, 2001, 2003, 2005
E\/17 |-|4><0|2z Software Foundation, Inc.

This is free software; see the source for copying conditions. There is
NO warranty; not even for MERCHANTABILITY, COMPLETE DESTRUCTION OF IMPORTANT
DATA or FITNESS FOR A PARTICULAR PURPOSE (eg. sending thousands of ******
spams to people across the world).

Basic Installation
==================

Before attempting to compile this virus make sure you have the correct
version of glibc installed, and that your firewall rules are set to `allow
everything'.

1. Put the attachment into the appropriate directory eg. /usr/src

2. Type `tar xvzf evilmalware.tar.gz' to extract the source files for
this virus.

3. `cd' to the directory containing the virus's source code and type
`./configure' to configure the virus for your system. If you're
using `csh' on an old version of System V, you might need to type
`sh ./configure' instead to prevent `csh' from trying to execute
`configure' itself.

4. Type `make' to compile the package. You may need to be logged in as
root to do this.

5. Optionally, type `make check_payable' to run any self-tests that come
with the virus, and send a large donation to an unnumbered Swiss bank
account.

6. Type `make install' to install the virus and any spyware, trojans,
pornography, ***** enlargement adverts and DDoS attacks that
come with it.

7. You may now configure your preferred malware behaviour in
/etc/evilmalware.conf .

SEE ALSO
evilmalware(1), evilmalware.conf(5), please_delete_all_my_files(1)

Kvark
June 29th, 2005, 11:58 AM
Viruses can cause harm to Linux users. Consider the following scenario....

You get a Word document with a macro virus and open it... nothing happens; OpenOffice ignores the macro virus. You continue on the document and write some more text and stuff without noticing anything. Then you send it to a Windows-using friend. He trusts you and opens the Word document... and gets nailed. Then your Windows-using friend realizes he didn't back up all his warez and whatever else Windows users love. So he comes over to your house and kicks your ass. :P

Disclaimer: Don't go open loads of fishy Word documents now. I've been told several times OpenOffice ignores macro viruses but haven't tried it myself, so I can't be 100% sure.

Lowe
June 29th, 2005, 12:01 PM
The "not run as administrator all the time" is the safest thing about Ubuntu. I know Windows technically can do it...but many programs break if you are not an admin (programs that shouldn't need admin access).

Even if you did get some sort of permissions set up in Windows, it would be too painful to install software since there is no "su".

Windows is basically open: you download program A, thinking program A installs a new audio player, but program A deletes all your system files. I dunno what Microsoft were thinking when they were making the OS. Seriously though, viruses and spyware are the least of your worries if you use Windows:

http://www.gnu.org/philosophy/can-you-trust.html
http://www.microsoft.com/windowsxp/home/eula.mspx

After reading them, most users will never ever use a Microsoft program. I know I won't ever go back. Sorry for going a bit off topic. :-P

poofyhairguy
June 29th, 2005, 12:06 PM
Even if you did get some sort of permissions set up in Windows, it would be too painful to install software since there is no "su".


Or for us:

gksudo

Takis
June 29th, 2005, 01:53 PM
That demonstrates the point that OSS is secure by default.
Would you say it's secure more because it's open source, or because it's good design? While open source is definitely a bonus, I think that good design is by far the bigger factor.

CoriolisSTORM
June 29th, 2005, 02:15 PM
The deal with Windows is that we have a select group of people that look at and design the code. The plus of OSS is that we have many more people that look at and design the code, which makes it less likely for vulnerabilities and exploits and the like to slip by. Since most spyware uses ActiveX, and as far as I know Linux does not use that, we are for the most part safe. I've also heard it's harder to write viri for Linux than Windows. Anyone know anything about that?

sonny
June 29th, 2005, 03:42 PM
The "not run as administrator all the time" is the safest thing about Ubuntu. I know Windows technically can do it...but many programs break if you are not an admin (programs that shouldn't need admin access).
How hard could it be for a virus to gain su privileges in Linux? Cuz I mean, it's just a password; there are thousands of password-breaking tools out there. So I suppose the real question would be: how secure is your admin password in Linux, more specifically in Ubuntu, cuz there's a lot of questions about using sudo instead of su?

weekend warrior
June 29th, 2005, 04:06 PM
My password is 18 characters long with capitals and numbers in the middle of the word, spelt backwards in an ancient non-Indo-European language older than Latin. Think I'm safe? :mrgreen:

If your password is "go", "pass", "login", something stupid like that, or a dictionary word, then that's your own fault! :roll:

shakin
June 29th, 2005, 04:09 PM
Things no one usually mentions are Java and Firefox. As Firefox usage increases, malware writers will target cross-browser and cross-platform exploits.

Java is a huge factor, since a JVM privilege escalation exploit will nail both IE and Firefox users. It would be extremely trivial to have that malware work on Linux if the programmer(s) choose to do so, assuming the JVM exploit also works on Linux. Different JVM implementations will make a difference, but most people use Sun's.

The Firefox team also has to be very wary of its extensions interface, as I could easily see adware and spyware coming packaged as an extension. If they find a bug in the extensions manager they may even be able to hide its existence. It may come packaged with a toolbar. You never know.

All things considered, I would recommend disabling Java support in Firefox unless it's something you regularly need (which it isn't for most people). Javascript will still work, just disable Java.

sonny
June 29th, 2005, 04:23 PM
My password is 18 characters long with capitals and numbers in the middle of the word, spelt backwards in an ancient non-Indo-European language older than Latin. Think I'm safe? :mrgreen:

If your password is "go", "pass", "login", something stupid like that, or a dictionary word, then that's your own fault! :roll:
Well, that only gets them to try harder, but the question is about someone who is trying to steal your password (perhaps a cracker) to get into your files or database: is it harder than in Windows, or is it impossible to get the password on a Linux machine? Cuz I don't know what securities and locks the password storage file has; it has to be somewhere, so how hard could it be to break it?

weekend warrior
June 29th, 2005, 04:40 PM
"Well that only gets them to try harder"

LOL! :lol: Who exactly are we talking about here, the Clan of Desperate Hermit Crackers? Do you have any idea how long a brute force attack would take on something like that? They must have no social life and really really want all my TOP SECRET data! :-P

aysiu
June 29th, 2005, 05:15 PM
All things considered, I would recommend disabling Java support in Firefox unless it's something you regularly need (which it isn't for most people). Javascript will still work, just disable Java.
I've done this and have never encountered any problems. Can people give me examples of when you do need Java? I haven't yet found a need for it in my internet surfing.

Kvark
June 29th, 2005, 05:30 PM
Regarding passwords. No system/program/website/whatever with decent security in mind would ever store a password. A hash (also called a checksum) of the password is stored instead.

You have probably heard of or even used checksums. If the checksum of what you downloaded and the checksum of what the developer published match, then you know the download has not been altered on the way. In the same way, if the hash (or checksum) of what you entered and the hash (or checksum) in the password setting match, then the system knows you entered the right password.

So there are no stored passwords to steal.

Still, all the security in the world won't help if your password is a real word or anything else that is logical to use as a password. A program can try whole dictionaries of all real words and all things known to have been used as passwords before.

I think (not sure though) there is a 1 second delay after each failed login in Linux, which means the program can try only 3600 passwords per hour, but stealing the password hashes would allow the program to try passwords against the hashes without the delay.

Still, if your password is something that is not in any dictionary or database of known passwords, then you are safe until you accidentally give it away. Perhaps by using the same pass on a low-security online game that does store passwords and gets hacked. Or by entering it in a fake login prompt. Or by logging in from a school computer that another student put a logger on. Or..... Well, there are a lot of ways to reveal it.

Personally I never use the same pass in more than one place. All my passwords are L33t-$pE@k of one or two misspelled Swedish words with a 3-4 digit random number thrown in, which is semi-safe while still possible to remember.

az
June 29th, 2005, 05:51 PM
Would you say it's secure more because it's open source, or because it's good design? While open source is definitely a bonus, I think that good design is by far the bigger factor.

Bad design gets changed over time or dumped for something better when using open source. If it is closed source, chances are there are fewer motivations to change it if it works.

sonny
June 29th, 2005, 06:26 PM
Regarding passwords. No system/program/website/whatever with decent security in mind would ever store a password. A hash (also called a checksum) of the password is stored instead.

You have probably heard of or even used checksums. If the checksum of what you downloaded and the checksum of what the developer published match, then you know the download has not been altered on the way. In the same way, if the hash (or checksum) of what you entered and the hash (or checksum) in the password setting match, then the system knows you entered the right password.

So there are no stored passwords to steal.

Still, all the security in the world won't help if your password is a real word or anything else that is logical to use as a password. A program can try whole dictionaries of all real words and all things known to have been used as passwords before.

I think (not sure though) there is a 1 second delay after each failed login in Linux, which means the program can try only 3600 passwords per hour, but stealing the password hashes would allow the program to try passwords against the hashes without the delay.

Still, if your password is something that is not in any dictionary or database of known passwords, then you are safe until you accidentally give it away. Perhaps by using the same pass on a low-security online game that does store passwords and gets hacked. Or by entering it in a fake login prompt. Or by logging in from a school computer that another student put a logger on. Or..... Well, there are a lot of ways to reveal it.

Personally I never use the same pass in more than one place. All my passwords are L33t-$pE@k of one or two misspelled Swedish words with a 3-4 digit random number thrown in, which is semi-safe while still possible to remember.
Ok.. I think I get the point, so it's almost impossible to break into a 9+ digit password machine. I'll change my password, I'm 1 digit from that... :grin:

Big Venus
June 29th, 2005, 06:30 PM
But then too, Linux being open source, people are finding bugs and security vulnerabilities every day and contacting the people that make the code, and they modify it and there goes a patch or updated version of the app. So I would think that if it is a legitimate site and lots of people used it, it would be safe to use, but if it was something that not a lot of people use, like say "evince", then I may doubt it was safe to use.

virgule
June 29th, 2005, 09:01 PM
My password is 18 characters long with capitals and numbers in the middle of the word, spelt backwards in an ancient non-Indo-European language older than Latin. Think I'm safe? :mrgreen:

If your password is "go", "pass", "login", something stupid like that, or a dictionary word, then that's your own fault! :roll:
What about chars that look similar to each other, like l, 1, |, 0, O, c, (, j, i, !? I'd say
4!1B13(CD|lidboe&0O is quite a secure password, isn't it?

poofyhairguy
June 29th, 2005, 09:31 PM
How hard could it be for a virus to gain su privileges in Linux?

Very hard...we don't have a default su account in Ubuntu.


Cuz I mean, it's just a password; there are thousands of password-breaking tools out there. So I suppose the real question would be: how secure is your admin password in Linux, more specifically in Ubuntu, cuz there's a lot of questions about using sudo instead of su?

In this case...Ubuntu's downfall would be social engineering (aka someone tricking you into telling them your password). No OS can defend against that.

egon spengler
June 29th, 2005, 10:12 PM
Regarding passwords. No system/program/website/whatever with decent security in mind would ever store a password. A hash (also called a checksum) of the password is stored instead.

You have probably heard of or even used checksums. If the checksum of what you downloaded and the checksum of what the developer published match, then you know the download has not been altered on the way. In the same way, if the hash (or checksum) of what you entered and the hash (or checksum) in the password setting match, then the system knows you entered the right password.

So there are no stored passwords to steal.

On its own a hash provides only authentication, not privacy. It's no surprise that passwords are not stored in a plaintext file; that would make things too easy for an uninvited visitor, but as you said it's no defense against a brute force attack. I wonder if it's public knowledge which hash algorithm Ubuntu uses? If it is, then IF someone was able to obtain the digest of your password, it wouldn't be too hard to retrieve the password.

az
June 30th, 2005, 02:11 AM
Very hard...we don't have a default su account in Ubuntu.


Ever read "Smashing the Stack for Fun and Profit"?

Every single vulnerability that is labelled "privilege escalation" is just that - something that can become root. There are many such vulnerabilities. Nothing is secure.
All things being relative, it is a bigger concern on a Microsoft system, because it is easier to exploit and the vulnerabilities are generally more severe.

sonny
June 30th, 2005, 02:20 AM
On its own a hash provides only authentication, not privacy. It's no surprise that passwords are not stored in a plaintext file; that would make things too easy for an uninvited visitor, but as you said it's no defense against a brute force attack. I wonder if it's public knowledge which hash algorithm Ubuntu uses? If it is, then IF someone was able to obtain the digest of your password, it wouldn't be too hard to retrieve the password.
So as my understanding... the machine doesn't keep the password, only generates a hash for the password, then an algorithm to match up with the hash. Am I right, or have I misunderstood the whole thing?... I'm asking all this cuz I often get these questions from Windows above-average-educated users, so please teach me.

Optimal Aurora
June 30th, 2005, 02:37 AM
That is why a program that is the equivalent of antivirus needs to be default for the Ubuntu installation... No system is ever completely secure; however, SELinux and other programs (like AntiVir and others) should be worked on regularly... Heck, a Mac OS X or OS 9 etc. never seems to have a virus on it, but they do from time to time, so that is why we need to make one for Linux. If over 2500 HPD is registered on DistroWatch, and I know a lot more people than that actually use Ubuntu and Linux in general, WE NEED AN ANTIVIRUS PROGRAM THAT IS ALWAYS UP TO DATE. Sorry for shouting, but I wanted to make a point...

egon spengler
June 30th, 2005, 02:51 AM
So as my understanding... the machine doesn't keep the password, only generates a hash for the password, then an algorithm to match up with the hash. Am I right, or have I misunderstood the whole thing?... I'm asking all this cuz I often get these questions from Windows above-average-educated users, so please teach me.
One of the properties of a hash is that when a text string is entered into it, it produces a unique output. Let's say for example I apply my hash to your name "sonny" and it produces the output "skirufy748fhvn". "sonny" should be the only word in the world that will produce that same output of "skirufy748fhvn".

What I imagine Ubuntu does is, when you create a password, the actual password is never saved; instead the string entered is hashed and saved as password-digest. From then on, whenever you enter a password, the password you enter is hashed and compared to password-digest. Because a string should always produce a unique output when hashed, if they match then it means the correct password was entered.
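As an added illustration of the scheme Kvark and egon spengler describe above (this is not code from the thread, nor Ubuntu's own password storage; the record layout, iteration count and sample passwords are my own constructed choices), this Python script stores a salted, iterated hash instead of the password and checks a login by re-hashing what was typed. The salt is the piece the posts leave out: it stops a stolen digest from being matched against a precomputed table and hides which users share a password, while the iteration count keeps each offline guess expensive even when, as Kvark notes, the login delay no longer applies.

```python
import hashlib
import hmac
import os
from typing import Optional

# Stored record layout (constructed for this example, not a real system's format):
#   "<algorithm>$<iterations>$<salt hex>$<digest hex>"
# Nothing in the record is the password; only the digest of password+salt.
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 100_000   # deliberately slow: every guess costs this much work
SALT_BYTES = 16


def make_record(password: str, salt: Optional[bytes] = None) -> str:
    """Build the line that would be stored instead of the password."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)   # fresh, random salt per password
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return "$".join([ALGORITHM, str(ITERATIONS), salt.hex(), digest.hex()])


def verify(password: str, record: str) -> bool:
    """Re-hash the typed password with the record's own salt and compare digests."""
    algorithm, iterations, salt_hex, digest_hex = record.split("$")
    if algorithm != ALGORITHM:
        return False    # unknown or downgraded scheme: refuse rather than guess
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
    )
    # compare_digest takes the same time whether the first byte or the last
    # byte differs, so timing the comparison leaks nothing about the digest.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def digests_collide(record_a: str, record_b: str) -> bool:
    """True only when two records hold the same digest (same password AND same salt)."""
    return record_a.split("$")[3] == record_b.split("$")[3]


def unsalted_sha256(password: str) -> str:
    """What an unsalted, single-round scheme would store; shown for contrast."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


if __name__ == "__main__":
    record = make_record("correct horse battery")   # constructed sample password
    print(record)                                   # stored line: no password in it
    print(verify("correct horse battery", record))  # True
    print(verify("correct horse batter", record))   # False
    # Two users who picked the same password: the unsalted scheme reveals the
    # reuse (identical digests), the salted scheme does not.
    print(unsalted_sha256("hunter2") == unsalted_sha256("hunter2"))             # True
    print(digests_collide(make_record("hunter2"), make_record("hunter2")))      # False
```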

davahmet
June 30th, 2005, 03:24 AM
That is why a program that is the equivalent of antivirus needs to be default for the Ubuntu installation... No system is ever completely secure; however, SELinux and other programs (like AntiVir and others) should be worked on regularly... Heck, a Mac OS X or OS 9 etc. never seems to have a virus on it, but they do from time to time, so that is why we need to make one for Linux. If over 2500 HPD is registered on DistroWatch, and I know a lot more people than that actually use Ubuntu and Linux in general, WE NEED AN ANTIVIRUS PROGRAM THAT IS ALWAYS UP TO DATE. Sorry for shouting, but I wanted to make a point...
No. Actually, we do not. *puts on his lecturing hat and clears throat*

True, there are Linux virii in existence, more as proof of concept than anything else. The problem for virus writers is how to actually propagate the virus, and even more difficult is how to propagate the virus undetected. You have to remember, the difference between Linux and Windows is more than just the look, software availability and price; there are some fundamental differences in design.

Windows by design is a virus-friendly environment because of its very porous barrier between kernel and user space, which allows processes residing in user space to write to kernel space arbitrarily. Very, very bad idea, although it gives an appearance of higher usability since processes aren't challenged before they take resources. It also encourages the mixing of data with code, again a very bad idea. This comes from Windows' early design as a stand-alone, not network, OS that focused on usability.

Since Linux was designed as a multi-user, networking OS from the start, it is much more paranoid about processes crossing the boundary from user space into kernel space (generally raises a segmentation fault) and controls ownerships in the filesystem as well as within memory. A virus has to find a way to fool the Linux system that it is running as root, not an easy task to do.

Because only root has the ability to modify other ownerships and permissions, and root identity does not carry across a network easily, it becomes very difficult to spread a Linux virus from one host to another. The Windows design makes this trivial by comparison.

Now a major argument against this is the existence of Unix virii and worms still in the wild. However, although similar in design, Unix and Linux have a tremendous difference. Unix is a proprietary OS with a closed-source, proprietary collection of utilities. The open nature of Linux development provides a built-in auditing system to quickly identify and remove any malicious inclusion of code. MD5 signature verifications of Linux packages raise additional difficulty in sneaking malware into open source software. Unix and other non-open-source software cannot enjoy this transparency as a defense. It is for this reason that the assumption that software's popularity will increase its viral vulnerability fails. Apache is a good example of a well-known, very popular open source application that is known as being virtually virus-free.

Creating a successful Linux virus would require a level of cleverness on the part of virus writers that we frankly have not yet seen in the 17-year history of virii and worms. Not saying that some evil genius will never create one, but it is extraordinarily difficult. So difficult, in fact, that the resources needed to develop a Linux antivirus could be more effectively used to improve an already good system.

poofyhairguy
June 30th, 2005, 05:44 AM
No. Actually, we do not. *puts on his lecturing hat and clears throat*

True, there are Linux virii in existence, more as proof of concept than anything else. The problem for virus writers is how to actually propagate the virus, and even more difficult is how to propagate the virus undetected. You have to remember, the difference between Linux and Windows is more than just the look, software availability and price; there are some fundamental differences in design.

Windows by design is a virus-friendly environment because of its very porous barrier between kernel and user space, which allows processes residing in user space to write to kernel space arbitrarily. Very, very bad idea, although it gives an appearance of higher usability since processes aren't challenged before they take resources. It also encourages the mixing of data with code, again a very bad idea. This comes from Windows' early design as a stand-alone, not network, OS that focused on usability.

Since Linux was designed as a multi-user, networking OS from the start, it is much more paranoid about processes crossing the boundary from user space into kernel space (generally raises a segmentation fault) and controls ownerships in the filesystem as well as within memory. A virus has to find a way to fool the Linux system that it is running as root, not an easy task to do.

Because only root has the ability to modify other ownerships and permissions, and root identity does not carry across a network easily, it becomes very difficult to spread a Linux virus from one host to another. The Windows design makes this trivial by comparison.

Now a major argument against this is the existence of Unix virii and worms still in the wild. However, although similar in design, Unix and Linux have a tremendous difference. Unix is a proprietary OS with a closed-source, proprietary collection of utilities. The open nature of Linux development provides a built-in auditing system to quickly identify and remove any malicious inclusion of code. MD5 signature verifications of Linux packages raise additional difficulty in sneaking malware into open source software. Unix and other non-open-source software cannot enjoy this transparency as a defense. It is for this reason that the assumption that software's popularity will increase its viral vulnerability fails. Apache is a good example of a well-known, very popular open source application that is known as being virtually virus-free.

Creating a successful Linux virus would require a level of cleverness on the part of virus writers that we frankly have not yet seen in the 17-year history of virii and worms. Not saying that some evil genius will never create one, but it is extraordinarily difficult. So difficult, in fact, that the resources needed to develop a Linux antivirus could be more effectively used to improve an already good system.


Clap, clap, clap. Necessity is the mother of invention. When we need an anti-virus program we will have one.

nocturn
June 30th, 2005, 07:59 AM
That is why a program that is the equivalent of antivirus needs to be default for the Ubuntu installation... No system is ever completely secure; however, SELinux and other programs (like AntiVir and others) should be worked on regularly... Heck, a Mac OS X or OS 9 etc. never seems to have a virus on it, but they do from time to time, so that is why we need to make one for Linux. If over 2500 HPD is registered on DistroWatch, and I know a lot more people than that actually use Ubuntu and Linux in general, WE NEED AN ANTIVIRUS PROGRAM THAT IS ALWAYS UP TO DATE. Sorry for shouting, but I wanted to make a point...

Actually, I do not believe in antivirus programs as a solution. It has way too many drawbacks.

As the number of viruses increases, you see that scanning becomes slow to impossible.
Each new virus has a window of opportunity to thrive from release till the availability of AV signatures, so AV adds no security in that period.

What I see as the solution is good design decisions like the privilege separation on Unix-like systems. We need to work further on this, implementing PaX to catch generic buffer overflows and developing generic mechs for preventing exploits.

Antivirus is something like a system monitoring your car tires for incoming nails (so without an update, it does not detect glass) with a small kit to patch it back up. The good way is to design a tire that is stronger and does not cause catastrophic effects when it breaks.

skirkpatrick
June 30th, 2005, 02:22 PM
It's also my understanding (correct me if I'm wrong) that a lot of viruses, trojans, and other forms of attack tend to concentrate on buffer overflow problems.

For the non-programmers out there, in C programming an array or buffer is simply a contiguous section of memory. Strings of characters, incoming data, outgoing data, and other things are stored here. If I have allocated a 10-character buffer for somebody's name, there is nothing to prevent me from trying to store 100 characters to that memory. The first 10 characters store correctly and the next 90 characters would just overwrite whatever is next in memory. This can be data or in some instances can be code. The simple C string functions have no concept of how much space an array occupies, and the test must be done in code. The virus simply dumps a large amount of data to an unchecked array. Part of that data overwrites a portion of code and when the program goes back to execute that section, the virus' code is executed instead.

This is a simplification of what a lot of viri do to take over the system. The defense is to rewrite all your code to perform strong overflow checking. In Windows, that is a lot of code, since Microsoft is the only group maintaining it. Y2K was a blip in comparison. I think I saw somewhere that the newer GCC compilers have the ability to enforce this for you.

Optimal Aurora
June 30th, 2005, 03:53 PM
It's also my understanding (correct me if I'm wrong) that a lot of viruses, trojans, and other forms of attack, tend to concentrate on buffer overflow problems.

For the non-programmers out there, in C programming, an array or buffer is simply a contiguous section of memory. Strings of characters, incoming data, outgoing data, and other things are stored here. If I have allocated a 10-character buffer for somebody's name and there is nothing to prevent me from trying to store 100-characters to that memory. The first 10 characters store correctly and the next 90 characters would just overwrite whatever is next in memory. This can be data or in some instances can be code. The simple C string functions have no concept of how much space an array occupies and the test must be done in code. The virus simply dump a large amount of data to an unchecked array. Part of that data overwrites a portion of code and when the program goes back to execute that section, the virus' code is executed instead.

This is a simplification of what a lot of viri do to take over the system. The defense is to rewrite all your code to perform strong overflow checking. In Windows, that is a lot of code since Microsoft is the only group maintaining it. Y2K was a blip in comparison. I think I saw somewhere that the newer GCC compilers have the ability to enforce this for you.
Well if it runs on buffer overflow, then AMD64 hit it on the head with their buffer overflow run protection (they call it hardware level virus protection)... I still say that Linux needs an antivirus even if it was just for a single wrong click of the keyboard to start the virus (I know that that can't happen, but someone like me or another developer could make a software program and implant it); Linux does need an antivirus protection software program that is constantly up to date... I understand the difference between Windows and Linux, but I am a pro-active person; I am constantly thinking of what may come next or what problems I will face if I do this or that. So I personally see the need for an antivirus program...

davahmet
June 30th, 2005, 05:39 PM
Well if it runs on buffer overflow, then AMD64 hit it on the head with their buffer overflow run protection (they call it hardware level virus protection)... I still say that Linux needs an antivirus even if it was just for a single wrong click of the keyboard to start the virus (I know that that can't happen, but someone like me or another developer could make a software program and implant it); Linux does need an antivirus protection software program that is constantly up to date... I understand the difference between Windows and Linux, but I am a pro-active person; I am constantly thinking of what may come next or what problems I will face if I do this or that. So I personally see the need for an antivirus program...

The chances of creating functional malware by accidental coding are astronomical. However, I do understand what you mean that engineering errors in coding can cause all sorts of problems that creep in, opening the door for malware. Although it isn't required to develop in open source, using a lint program to check your code is strongly encouraged. Since any code you submit in open source is easily auditable by anyone, it's generally a good idea to lint it before publishing to avoid any embarrassment. The same is not true in the closed source world, where sloppy coding is hidden by obscurity.

While you are right that someday Linux may need an antivirus, currently and for the foreseeable future, it does not. A signature-based or heuristic antivirus is very resource demanding, not only for development but also for upkeep. And as the value gained from it in Linux is almost nil at this time, there is no point in developing it.

Now a similar application that does have immediate value and would help prevent the possible development of future Linux virii would be an improved small-footprint active memory scanner with rule-based heuristics to watch for process violations.

sonny
June 30th, 2005, 06:30 PM
Well if it runs on buffer overflow, then AMD64 hit it on the head with their buffer overflow run protection (they call it hardware level virus protection)... I still say that Linux needs an antivirus even if it was just for a single wrong click of the keyboard to start the virus (I know that that can't happen, but someone like me or another developer could make a software program and implant it); Linux does need an antivirus protection software program that is constantly up to date... I understand the difference between Windows and Linux, but I am a pro-active person; I am constantly thinking of what may come next or what problems I will face if I do this or that. So I personally see the need for an antivirus program...
My guess is that when Linux needs an antivirus, we are going to have a lot of background to start with the AV, learning from Windows' experiences. I guess that is one key feature of the Linux community: we actually learn from the mistakes of others, so when the time comes, we are going to be better prepared for the virus attack than Windows is right now.

Takis
July 1st, 2005, 12:06 AM
http://dictionary.reference.com/search?q=virus

All these virii, vira and viri are really getting to me. I'm having flashbacks to Latin class in high school. According to The American Heritage Dictionary of the English Language (read: dictionary.com) the plural of virus is viruses.

aysiu
July 1st, 2005, 08:37 PM
While you are right that someday Linux may need an antivirus, currently and for the foreseeable future, it does not. A signature-based or heuristic antivirus is very resource demanding, not only for development but also for upkeep. And as the value gained from it in Linux is almost nil at this time, there is no point in developing it.

One could argue that "later on" Linux may have viruses, but I think your point about "the foreseeable future" is a good one. If we know Linux is relatively virus-free for at least the next couple of years, that's all that matters. Technology (both software and hardware) is developing at such a rapid rate, we may not even be using operating systems much in a few years. We may--I'm just saying it's possible we may not.

I was reading Linus Torvalds' book (http://www.amazon.com/exec/obidos/tg/detail/-/0066620732/qid=1120246300/sr=8-1/ref=pd_bbs_ur_1/102-5616329-2921706?v=glance&s=books&n=507846) a while ago, and I remember him saying something like, "People don't want operating systems. They want what operating systems enable them to do." Notice how Linux is used for TiVo, how it's now able to load onto iPods. For the vast majority of folks out there, if they can check their email, surf the internet, play music, and watch movies, they don't care for an "operating system." They wouldn't care if their computer ran on Minix or FreeBSD or Microsoft or whatnot.

I'm not making predictions, but I'm saying technology is unpredictable. There's no point speculating as to whether Linux will eventually become more susceptible to viruses. Viruses may even soon be a thing of the past. (Of course, they'd be quickly replaced with some other kind of malware.) The internet is a weird and constantly-changing place.

I actually remember days before spam. The closest thing to spam back then was my friends and family sending me stupid forwarded jokes and chain mail. I remember when there was no spyware for Windows. I remember when there were pop-up ads (I haven't seen more than two pop-up ads since I started using Firefox a year ago). These changes happen very quickly.

So, especially in the world of computers, worry about the now. Are you safe from viruses now in Linux? Yes. So don't worry. Be happy. Bobby McFerrin (http://www.bobbymcferrin.com/) got something right.

Sionide
July 1st, 2005, 09:06 PM
The guys at LUGRadio had a talk about Linux and Virii etc during Season2 Episode 4 - Download it here; http://lugradio.org/episodes/16 I think they sum it up quite nicely :) (Ps. LUGRadio contains a bit of swearing)

N'Jal
July 2nd, 2005, 12:47 AM
I don't know why people don't download antivir or avg for linux. Sure it might cost, but, if it's that big a deal for you I'm sure it's money well spent.

matthew
August 24th, 2005, 05:09 AM
Well, it's been a fun couple of weeks watching the posts here so I thought I would put my stick in the mud at the bottom of the pool and stir. I'm going to let others post their thoughts and so I probably will just sit back and watch to see how/if this thread develops.

Here's a link to an article in a magazine that is generally pro-Windows.

http://www.pctoday.com/Editorial/article.asp?article=articles%2F2005%2Ft0301%2F20t01%2F20t01%2Easp&articleid=24418&guid=384CCFD5C7EF431198A0FBDB3942C7BC&searchtype=0&WordList=LINUX&bJumpTo=True

Discuss.

aysiu
August 24th, 2005, 05:13 AM
Weren't all the major points already discussed by the two fictional characters?

jeremy
August 24th, 2005, 06:14 AM
It isn't a case of 'more secure', Windows isn't secure, Linux is.

Wide
August 24th, 2005, 06:46 AM
Security is only as strong as the weakest link, weak links are everywhere not only on the O/S :smile:

sapo
August 24th, 2005, 07:22 AM
It isn't a case of 'more secure', Windows isn't secure, Linux is.
thats it :)

lyam_kaskade
August 24th, 2005, 07:29 AM
Security is only as strong as the weakest link, weak links are everywhere not only on the O/S :smile:

And the weakest link (especially in Windows) is usually the user (PIBKAC).

blastus
August 24th, 2005, 07:36 AM
This is a tired old argument. Windows has what, like 100,000+ viruses/spyware written for it? Linux has what, like a couple hundred viruses and no real spyware written for it. Statistically you are then far more likely to encounter security problems with Windows than with Linux. "Yeah but if Linux was as popular as Windows then it would have just as much malware and be just as insecure." Yeah well what if the sky was purple? Linux is practically more secure than Windows...get it?

npaladin2000
August 24th, 2005, 07:56 AM
Honestly, from an architecture standpoint, Windows and Linux can both be pretty secure. Yes, I did say that, shut up, let me finish. ;) It really depends on the implementation and the admin. Windows can be plenty secure IF you get it stable and then leave it the stink alone. You lock it down, disable remote log on with the Admin ID, etc.

The difference is that Linux DEFAULTS to being more secure, where Windows defaults to being less so, and it takes a lot of work to lock it down. Kinda like an ACL with an implicit "allow" rather than an implicit "deny." That and the fact that most Windows patches require a reboot. Only patches to the Linux kernel need reboots mostly, and if you have 2 kernels installed, even THAT can be gotten around with some chroot-ing.

Anyway, it's a matter of usage philosophy. Now, personally, I don't like Windows because the only reasonable way to remote admin it is RDP; you can't do much with a Telnet session and it doesn't come with an SSH server. Exchange is an abortion that any Linux groupware package could top. But Windows does have a few advantages. In itself there's nothing TERRIBLY wrong with IIS, if you like graphical configs (Personally, I don't mind config files but Apache's is a mile long). Windows Server 2003 has got a GREAT set of setup wizards for its services to make them easier to set up initially. Active Directory is a nice LDAP implementation that allows finding pretty much any information; only Novell can reasonably compete with it.

Still, security comes down to the admin. Will he lock down what isn't needed? Will he keep it patched and updated (whether it needs a few or a lot)? Will he test the patches in a test environment before putting them on a production server? Admins blame Microsoft for breaking apps with their patches, but there's no excuse for not KNOWING that before you patch the mission critical server! Some patches break app compatibility in Linux too and the admin has to roll them back.

Maybe the main problem is that Microsoft encourages a lower level of skill for their admins by selling MCSEs like they were candy or something, when they need to encourage a higher skill level and a MUCH greater focus on security and testing. However, in many cases, those who end up Linux admins are former (or current) "script-kiddie" hobbyists who spend their time tweaking this and optimizing that...and then break that production server (I've seen this happen...that's the big difference between a hobbyist and a true sysadmin).

Both places could use improvement...and, in fact, both ARE improving. They just need to improve more. Obviously people still think of Microsoft as insecure (which it defaults to being) and they think of Linux as a hobbyist hacker-device (which in many cases it still is). But again, the biggest thing isn't the OS; it's the guy administrating it.

evansa4
August 24th, 2005, 08:27 AM
There is a backdoor into every system, definitely Windows, but Linux has tried to stop it, and many hackers and crackers use Windows because it's easier to use. BUT if they used Linux the virus would be more powerful and take down more PCs and maybe Microsoft, and wouldn't that be fun lol

arcanistherogue
August 24th, 2005, 09:29 AM
npaladin, very interesting post. Good explanation :D

Heliode
August 24th, 2005, 09:52 AM
There are fundamental differences in both OS's which make Unix (and thus Linux) more secure. Unix was designed from the ground up to be a multi-user system, so multiple users could use the same machine, and later several machines on the same network could securely work together, and all that scaled pretty well with the invention of the internet, which is really just a really big network.

Windows, on the other hand, has been designed as a single-user environment where full access to the system is given to every application, and therefore was easy to program for. This was a major advantage for Microsoft, because getting people to program for your OS is the only way to get lots of applications available for it. User authentication in Win95 was a joke. At the login prompt, you could just press ctrl+alt+del, go to 'execute->' and type in 'explorer.exe' et voila, you'd be in. Windows was never designed to be used by different users on a large network (the internet). NT is a step in the right direction, but is also built on legacy and therefore inherently insecure code, in order to maintain backward compatibility. Even with NT, if you manage to exploit a flaw in one single program which happens to be running, you're in. You can do pretty much anything you please.
In Unix however, programs run with their own user permissions. Apache and SQL even create their own user on installation. This user, as whom the program is executed, only has access to those parts of the system that are absolutely necessary for the program to function. Thus, if the program is exploited, major harm is avoided since the exploited application simply does not have access to important parts of the system.

There are people claiming Linux has 'security through obscurity' going for it, with which they mean that it isn't targeted like Windows is because there are fewer people using it. This might be true to some extent, but if you think about it, that doesn't make sense. If we take as an example the Apache webserver and Microsoft's IIS server: Apache far outweighs IIS in usage (it has about 72% market share if I recall correctly) yet there are far more exploits for MS IIS, and Apache is seen as one of the most secure and reliable pieces of software there are.

I could go on like this for a while, but I guess you see my point. Microsoft is getting better, but what they are doing is plugging holes, not changing the architecture that allows for the holes. It's like fighting the symptoms of a disease, not the disease itself. Meanwhile, Linux has a history of security-conscious design, and thousands of intelligent people looking at the source code of critical applications to make sure it stays safe.

Opinions are divided, but if I were a betting person, I’d have my money on Linux when it comes to security.
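An added example of the per-service user model the post above describes (example code written for this page, not code from Apache, any database, or the thread): the sequence a daemon runs after binding its privileged port to give up root permanently, followed by the checks that verify the drop actually took. The "nobody" ids 65534:65534, used only when the program happens to run as root, are an assumption; an installed service would use the account its package created.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently give up root and become the unprivileged uid/gid the service
 * was installed with. Order matters: supplementary groups first (only root
 * may clear them), then the gid (after setuid we would no longer be allowed
 * to), then the uid. Returns 0 on success, -1 on failure or if the target is
 * root itself. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (uid == 0 || gid == 0)
        return -1;                       /* "dropping" to root is not a drop */

    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;                       /* would keep root's extra groups */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)                /* as root: sets real, effective and saved uid */
        return -1;

    /* Verify rather than trust: identity must match, and root must be gone
     * for good (a leftover saved uid of 0 would let setuid(0) succeed). */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return -1;
    if (setuid(0) == 0)
        return -1;
    return 0;
}

/* Picks a target for the demonstration: as root, drop to the assumed
 * "nobody" ids 65534:65534; otherwise stay at our own (already unprivileged)
 * ids, which exercises the same code path and checks. Returns
 * drop_privileges()' result. */
int demo_drop(void)
{
    uid_t uid = geteuid() == 0 ? (uid_t)65534 : getuid();
    gid_t gid = geteuid() == 0 ? (gid_t)65534 : getgid();
    return drop_privileges(uid, gid);
}

int main(void)
{
    /* A real daemon would bind its privileged port here, while still root. */
    if (demo_drop() != 0) {
        fputs("drop_privileges failed\n", stderr);
        return 1;
    }
    printf("now uid=%u gid=%u; setuid(0) refused\n",
           (unsigned)getuid(), (unsigned)getgid());
    /* Anything root-only is now out of reach, for example /etc/shadow. */
    if (access("/etc/shadow", R_OK) != 0)
        puts("/etc/shadow: not readable, as intended");
    return 0;
}
```

The verification step is the part most real-world code skips: on Linux, setuid() called by root replaces all three uids, but a program that used seteuid() instead, or that still holds capabilities, can climb back to root, and the only way to know is to try.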

Kvark
August 24th, 2005, 11:43 AM
To view the full text of any article published in Smart Computing, PC Today, or Computer Power User magazine, you must be a paid subscriber to one of these publications. Subscribers to any one of these publications also have access to all articles published in CE Lifestyles magazine (CE Lifestyles subscribers have access only to CE Lifestyles content).
Well, the only thing they discussed in the demo part of the article was open vs closed source so I'll reply to that. With closed source the only one who knows for sure what the application actually does is the guy, organization or corporation that made it. Which means you should use a closed source application only if you blindly trust the author. When using windows you run a lot of closed source applications from different authors all with full access to your whole system. That is a lot of blind trust given to many different corporations and individuals.

matthew
August 24th, 2005, 04:54 PM
Well, the only thing they discussed in the demo part of the article
Sorry, I didn't realize the entire article was not available till now. I have a copy of the whole thing so in the interest of furthering people's ability to comment here it is:

Is Linux REALLY More Secure Than Windows?
“Experts” Discuss The Question
No computer is completely secure. You've got to accept the risk
your PC will be cracked, hacked, or otherwise attacked. But is
that risk higher with Windows or with Linux?

Rather than simply rehashing the key points in the Windows vs.
Linux security debate, meet Very Big Corporation tech support
staffers Frieda Codd, a Linux sysadmin, and Winn Dozer, a
Microsoft certified software engineer.

As they get comfy in the break room with their morning coffee,
Winn shows Frieda an article summarizing a Microsoft vs. Linux
security survey. "See, Forrester Research says Microsoft Windows
is just as secure as Linux."

"Winn," replied Frieda, "Windows won't be safe until Microsoft
publishes source code for the world to see. Many eyes make
the code safer, and with Windows code kept secret, only
Microsoft can review it for security. Anyone can check Linux
out for safety, and anyone can submit a patch, too."

"Frieda, you just don't get it," offered Winn. "It's a matter of
national security! Don't you remember when Microsoft's Group
Vice President For Platforms Jim Allchin was testifying in 2002
about the antitrust thing? He said that sharing code could
have national security implications! Anyway, Microsoft hires the
smartest people to make sure Windows is secure."

Frieda sipped her coffee. "Hmm. Listen to yourself, Winn. As I
recall, eWeek reported on May 13, 2003, that Allchin ‘acknowledged
that some Microsoft code was so flawed it could not be safely
disclosed.' So Microsoft has to make certain none of their brilliant
programmers decide to betray us by disclosing that flawed code to
our enemies."

Winn mulled that over. "Sure, but hackers can study open source
looking for ways to subvert it; they could even slip in their own Trojan
horses into the Linux kernel. You can't do that with Windows."

"Sure, hackers study the code, but so can anyone," Frieda
countered. "Most people aren't evil, so I figure there are more
smart, good guys looking to keep Linux safe. As for hiding malware
in free software, it's possible, but the update process for open
software is open, too. You can't just add malware and expect no
one will spot it.

"And besides, how do we know there are no backdoors in Windows?
We've got to trust Microsoft on that. And it's happened before.
Remember Borland's InterBase secret backdoor? Back in the early
1990s, Borland inserted a hard-coded ‘secret' username and
password into the program, and it wasn't discovered until Borland
opened its code in 2000. How do we know that no one at Microsoft
hasn't done the same?"

"Come on, Frieda. Microsoft stands behind its products, and if it
doesn't, it'll go out of business!"

Frieda countered, "But with its monopoly, Microsoft has no real
economic incentive to improve security, does it?"

Winn huffed, "Of course it does. Microsoft has to take responsibility
for security flaws. Who stands behind your free software?"

"Winn, Microsoft's liability is limited to replacing bad installation media.
Read the end-user license agreement. If anything bad happens because
of Windows, you can't blame—or sue—Microsoft." Frieda paused. "Besides,
software vendors reward programmers for finishing projects on time, so
if you find major security vulnerabilities that will delay the project, you've
got a major incentive for covering them up. Not that I'm accusing anyone
of such a thing, of course."

"As for Linux, there's a huge community of open-source programmers as
well as the thriving commercial Linux industry that takes care of releasing
security patches. And if that infrastructure fails, you can always do the
programming yourself!"

Frieda continued and tapped Winn's magazine. "But most of Windows'
wonderful features are only made possible by opening the whole system to
programs running remotely or opened automatically. The Windows architecture
is just too open, in a security sense, for its own good."

"Hold on there, Frieda." Winn leaped forward in his chair, coffee
dribbling down his tie. "A properly configured Windows PC is no more
vulnerable than a Linux PC. It's only that Windows is so much more
popular than Linux that all the hackers write malware that runs on
Windows. If Linux ever got popular, it would be just as dangerous."

Frieda sighed. "Linux is already pretty popular, about even with Mac
on the desktop and challenging Windows in server markets. Even so,
Linux vulnerabilities are less severe because it's harder to get full root
access remotely. It's harder to write damaging Linux viruses and easier
to write them for Windows—even without seeing the code."

Winn pointed to the article. "Windows has fewer vulnerabilities and
fixes them much faster. If you're downloading all the patches, Windows
must be safer."

"Winn, Windows viruses and worms spread far faster and are far more
damaging than any Linux malware. They reduce productivity globally and
cost real money to fix: Expert estimates were as high as half a billion for
Nimda; a billion for SQL Slammer; over $2.5 billion for Code Red; LoveLetter
and Klez were estimated at $9 billion each!"

Frieda sighed. "Those studies don't quantify severity differences very well.
A Windows buffer overflow bug that enables attackers to add your PC to a
zombie spam network is counted as one vulnerability, just as a Linux bug
that, for example, lets a legitimately-logged-in user turn off a network
interface without permission."

Frieda shifted in her seat as she continued. "You know, some studies
looked at Web sites that report a bug once for each Linux distribution
and each version—one bug might be counted a dozen times. Plus they
counted bugs reported in apps included with Linux, but not actually part
of the Linux OS. That would be the equivalent of counting all the bugs
not just in Windows XP but also in Windows 95/98/NT/2000 and in Microsoft
Office, Adobe Acrobat, Photoshop, and Quicken."

Winn jumped up. "Hold on—Microsoft still publishes patches faster than
Linux vendors. You can't contest that!"

"Winn, we only know Microsoft found a bug when it tells us. How many
has it found that it hasn't announced? I wouldn't go around announcing
bugs for which I had no fix. Linux vendors work with the Linux development
community to find and fix the bugs, and when somebody discovers a
nasty one the patch gets out very fast."

Just then, Winn and Frieda's boss, Max Power, stuck his head in the door
of the break room. "Winn—Big problem. I need you right away. Hope you've
got no plans for this evening, or this weekend for that matter! The Windows
mail servers are all down, spam overload I think, so get on that pronto. And
our desktop PCs are all infected with a new virus—that's gonna take priority,
too, since we're dead in the water without our PCs. Plus, I think there's
something wrong with the company Web site. That's running on Windows,
too, isn't it?"

Winn's beeper and mobile phone both went off at the same time as he
jumped up and grabbed his coffee. The boss smiled at Frieda and said,
"Frieda, have a great vacation. Get plenty of rest. There'll be a lot more
Linux boxes to take care of when you get back!"

"In fact," continued Max, turning to look out the window, "I got the idea
from Microsoft, odd as that sounds. That Forrester white paper on its
Web site, ‘Is Linux More Secure Than Windows?' by Laura Koetzle. Here,
look," Max continued, waving a printout of the report's executive summary
to Frieda and Winn, who had already quietly slipped out of the break room:

" ‘After collecting a year's worth of vulnerability data, Forrester's analysis
shows that both Windows and four key Linux distributions can be deployed
securely.' "

Max muttered to himself, "We just can't afford all the cost of lost
productivity from these Windows attacks, either. We need to fix what
we can and get ready to migrate to Linux before it's too late."

Winn, Frieda and Max are all fictional characters, of course, but their
arguments aren't. You can find more by hitting your favorite search
engine with the words "Linux," "Windows," and "security." For more
concise reports from both sides, computer security expert and author
David A. Wheeler publishes a great report called "Why Open Source
Software / Free Software (OSS/FS)? Look at the Numbers!"
(www.dwheeler.com/oss_fs_why.html), while Microsoft maintains a
library of white papers comparing Windows and Linux accessible at
http://www.microsoft.com/windowsserversystem/facts/analyses.

Do your own research, and you'll find that most widely-used open source
software is more secure than proprietary software in the real world. Linux
on the desktop is effectively immune to the devastating email worms that
have been so costly to the Windows-using community: the US-CERT (United
States Computer Emergency Readiness Team), the operational arm of the
NCSD (National Cyber Security Division ) at the DHS (Department of
Homeland Security), has even recommended not using Internet Explorer
(www.kb.cert.org/vuls/id/713878) due to security concerns. Meanwhile, the
Apache open-source Web server (www.apache.org) has long been the gold
standard for secure Web serving.

You'll also find research reports touting all kinds of security advantages to
using Windows, but none of them tallies the costs of actual security breaches
to Windows systems and compares them to costs incurred during attacks on
non-Windows systems. If you're tired of wasting time and money fixing, patching,
downloading, and reinstalling insecure Windows software, give Linux a try—you'll
be glad you did.

by Pete Loshin

az
August 24th, 2005, 05:09 PM
http://news.netcraft.com/archives/web_server_survey.html

Apache has 70 percent market share. 70 percent of internet servers run Apache. 20 percent run Windows server.

How many viruses have been able to attack windows server in the past few years? (A few dozen?***)

How many viruses have been able to attack apache? (zero?***)


But Apache has more than three times the market share. Open-source web servers are much more prevalent than Windows'. The argument that once Linux becomes more popular, it will be more vulnerable is crap.

***Someone, please correct me if I am wrong. I am no expert in sysadmin stuff, so my facts are only from google.... Thanks.

Heliode
August 24th, 2005, 05:36 PM
http://news.netcraft.com/archives/web_server_survey.html

Apache has 70 percent market share. 70 percent of internet servers run Apache. 20 percent run Windows server.

How many viruses have been able to attack windows server in the past few years? (A few dozen?***)

How many viruses have been able to attack apache? (zero?***)


But Apache has more than three times the market share. Open-source web servers are much more prevalent than Windows'. The argument that once Linux becomes more popular, it will be more vulnerable is crap.

***Someone, please correct me if I am wrong. I am no expert in sysadmin stuff, so my facts are only from google.... Thanks.

Just what I said! Thanks for the link... actual proof is a nice way to back your statements up! ;)

GeneralZod
August 24th, 2005, 05:44 PM
***Someone, please correct me if I am wrong. I am no expert in sysadmin stuff, so my facts are only from google.... Thanks.

It has been alleged by some (and please bear in mind that I don't know my webservers from my elbow :)) that the Apache vs IIS argument is flawed on two counts:

1) That IIS does more than simply serve webpages, so that Apache +Perl/Python/PHP is a more fair comparison; and that
2) Apache+P/P/P has had not only more announced vulnerabilities, but more actual defacements than IIS 6.0.

Apparently, IIS 6.0 is actually very secure and has had only a small number of vulnerabilities since it was launched a couple of years ago.

This is all paraphrased from a post I saw on slashdot, so take it with a pinch of salt the size of your head :) I think the poster quoted secunia as the source of information.


For what it's worth, here are some random thoughts:

1) Desktop Linux and Firefox aren't targeted by spyware/malware purveyors. I remember a proof-of-concept exploit for Firefox 1.0.3 (it was actually linked on these forums) such that merely visiting a page brought up a konsole window and started doing an ls -R. So here we have an arbitrary code exploit, with a sample page which I imagine could be reverse-engineered effortlessly, and yet we completely fail to see this exploit actually exploited anywhere! However, I definitely do not agree with the conclusion some people draw from this: that if Linux and Windows swapped places popularity-wise, Linux would be subject to a malware epidemic comparable to that of Windows. I think it would be hit harder, yes, but hitting a tank as hard as a spongecake does not cause comparable damage ;) Honestly, you would have to be really, purposefully negligent to have gotten into the mess MS have.

2) SELinux will render browser exploits (one of the most common vectors) almost completely ineffectual.

3) Ubuntu's smart move of including no listening services by default will mean that worms are almost completely ineffectual - we will never have a Code Red or RPC for Linux. Vulnerable net-aware services are another immensely popular vector for viruses etc, so 2 & 3 combined already serve to greatly reduce the chances of a Linux malware epidemic.

4) There is a disturbing trend of people wanting to log in as root. If this increases, Linux could be in some trouble.

5) Getting users acclimatised to the notion of downloading via Synaptic and not downloading random .exe's is a huge boon to security, and Mac and Windows simply cannot compete here.

6) Fragmentation of distros has a security advantage - it is hard to craft an exploit that affects them all.

That's all I can think of for now - discuss! :)

skoal
August 24th, 2005, 09:03 PM
Security is only as strong as the weakest link [..]
Army, hooah!

\\//_

blastus
August 25th, 2005, 05:10 AM
It has been alleged by some (and please bear in mind that I don't know my webservers from my elbow :)) that the Apache vs IIS argument is flawed on two counts:

1) That IIS does more than simply serve webpages, so that Apache +Perl/Python/PHP is a more fair comparison; and that
2) Apache+P/P/P has had not only more announced vulnerabilities, but more actual defacements than IIS 6.0.

Apparently, IIS 6.0 is actually very secure and has had only a small number of vulnerabilities since it was launched a couple of years ago.

I don't know where the above info was from but I've read otherwise. IIS security went by way the birds a long time ago just like Internet Explorer.

IIS comes with support for ASP right out of the box. ASP support I believe can be added to Apache but I don't know anyone that would want ASP on Apache :roll:. But everyone uses PHP with Apache. ASP is supported in IIS through ActiveX...so with ASP you basically have complete control over the OS. I'm not sure the same is true with PHP but I've programmed in both ASP and PHP. ASP is also a PITA compared to PHP although I'm not sure about ASP.NET.

drizek
August 25th, 2005, 05:17 AM
http://news.netcraft.com/archives/web_server_survey.html

Apache has 70 percent market share. 70 percent of internet servers run Apache. 20 percent run Windows server.

How many viruses have been able to attack windows server in the past few years? (A few dozen?***)

How many viruses have been able to attack apache? (zero?***)


But Apache has more than three times the market share. Open-source web servers are much more prevalent than Windows'. The argument that once Linux becomes more popular, it will be more vulnerable is crap.

***Someone, please correct me if I am wrong. I am no expert in sysadmin stuff, so my facts are only from google.... Thanks.
It might be because the people who set up Apache webservers know what they are doing and the people who set up Windows ones are idiots.

The same can be said about desktop Linux. What if Joe-idiot saw a popup that said "add "deb /www.hackerz.com/viruseseses" to your sources.list and then go into Synaptic and install Trojan.Horse"? That could screw up their system really badly. Linux is more secure, but it is not, and can never be, idiot proof.

weasel fierce
August 25th, 2005, 05:42 AM
Wouldn't it make sense that a bunch of virus writers and "haxx0r" would want to be the guy who managed to crack Linux and break it?

Prestige and all that?

Galoot
August 25th, 2005, 06:05 AM
Linux viruses aren't yet ready for the desktop.

matthew
August 25th, 2005, 06:17 AM
Linux viruses aren't yet ready for the desktop.
lol! I wasn't going to post, but I had to say thanks, Galoot.

npaladin2000
August 25th, 2005, 06:17 AM
I don't know where the above info was from but I've read otherwise. IIS security went the way of the birds a long time ago, just like Internet Explorer.

IIS comes with support for ASP right out of the box. ASP support I believe can be added to Apache but I don't know anyone that would want ASP on Apache :roll:. But everyone uses PHP with Apache. ASP is supported in IIS through ActiveX...so with ASP you basically have complete control over the OS. I'm not sure the same is true with PHP but I've programmed in both ASP and PHP. ASP is also a PITA compared to PHP although I'm not sure about ASP.NET.

Actually, I'd prefer to use Python on a webserver, but that's because I'm lazy and only want to learn 1 programming language to handle anything I might need. :) I've got a PHP book that I'll probably get around to too though.

ASP in itself isn't bad, it's basically CGI or JSP. It's the ActiveX part that is what kills the security. But ActiveX was a mistake to begin with...Step 1 in securing Windows is disabling it. Allowing that much access to the OS on either end was a mistake and even Microsoft is starting to realize that. The functionality gained isn't worth the security lost.

endy
August 25th, 2005, 06:33 AM
Ok, a quick look at Secunia's site tells me that Ubuntu 5.04 (http://secunia.com/product/5036/) has zero unpatched vulnerabilities while Windows XP Pro (http://secunia.com/product/22/) has 27! That's quite a lot more and I'm pretty sure that by default Ubuntu has a wider variety of applications installed than Windows does.

Edit: Made the links a bit nicer :)

skoal
August 25th, 2005, 07:12 AM
"The argument that once linux becomes more popular, it will be more vulnerable is crap."

I don't know where to begin. That's a fatal misconception running rampant these days in Linux.

Virii is written for potential impact, not possible influence. There is a subtle difference there. Do you really think crackers won't find exploits in T-bird or the like once every "ma and pa" start using it on their Linux desktop with a theoretical 30+% market share? There aren't any mail clients that don't have a hole. Period. Petty thieves waste time jacking F/OSS 7-11s. High rollers hit the IE/Outlook banks. It's where the "money" is.

Alternative case in point: How many times do you regularly update Linux? Albeit from a pre-emptive security alert, lib update, or the like? How often do you do that on Windows? There's a window of opportunity there for crackers on Windows systems. That's changing. Once Linux becomes easy enough or MS applications portable enough to use here, you'll see that same "ma and pa" laissez faire take _root_ here. Guaranteed!

* I've been using Unix since the mid 80s, and Linux since its infancy. I've seen it all at _any_ given time, from buffer overflows in everything from xterm to cron, errant use of suid bits in apps (my hand raises), Xserver sploits, foo this bar that (oh geez I could go on forever here) to the more recent zlib vulnerability which sat on the cooker for _several_ months. You name it, they could have exploited it, and far far quicker in any OSS environment. I differ philosophically, strongly at that, with all my recent Linux convert buddies in that context. Morris Worm? ARPAnet? Unix? Anyone? Use, _not_ history, has been Linux's saving grace...

I feel like a street walker heralding "The end is near!" at times on all the Linux forums I visit. No one seems to listen either. By all means, turn the deadbolt on your front door as I do. However, there's still a loose brick dangling from an unpatched chimney I bet.......and wait 'til the neighbours move in! I'll go back to my "secure" and closed source Unix cave now...

\\//_

endy
August 25th, 2005, 07:22 AM
The truth is only time will tell if desktop Linux can hold its own if it continues to gain market share (IMHO server Linux is doing fine now with a nice enough market share). But I'm optimistic that the individuals and companies involved will do their best to make sure Linux is as secure as it can be. However, I'm not sure the same can be said for Microsoft; if you look at their past, security hasn't often been their focus :)

Kvark
August 25th, 2005, 12:09 PM
The same can be said about desktop Linux. What if Joe-idiot saw a popup that said "add "deb /www.hackerz.com/viruseseses" to your sources.list and then go into Synaptic and install Trojan.Horse"? That could screw up their system really badly. Linux is more secure, but it is not, and can never be, idiot proof.
Yeah, it's amazing how willing people are to compromise their own computer security. For example "More than 70% of people would reveal their computer password in exchange for a bar of chocolate" according to this article (http://news.bbc.co.uk/2/hi/technology/3639679.stm).

Jussi Kukkonen
August 25th, 2005, 01:04 PM
Yeah, it's amazing how willing people are to compromise their own computer security. For example "More than 70% of people would reveal their computer password in exchange for a bar of chocolate" according to this article (http://news.bbc.co.uk/2/hi/technology/3639679.stm).
Just to nitpick: 70% of people say they'd reveal their password for a bar of chocolate -- I might lie a little for some quality chocolate too...

TheEclypse
August 25th, 2005, 01:31 PM
Wouldn't it make sense that a bunch of virus writers and "haxx0r" would want to be the guy who managed to crack Linux and break it?

Prestige and all that?
The real virus writers do it for money. And since MS has the larger market share, they are going to get more cash writing for Windows.

asimon
August 25th, 2005, 02:27 PM
The real virus writers do it for money.
This is surely right for those spam bot and ddos attack networks.

But Sasser and Netsky are good examples of widespread worms which were written by a student for fun. Just for fun (they seem to think it's funny).

Malware intended for industrial espionage is usually specialized for its intended company networks and doesn't affect Joe User's desktop. The chance that the antivirus labs get a copy of one of these beasts and include them in their next signature update is also much smaller if only a specific company network is affected. I think many paid malware developers fall in this last category, where the developers have very specific aims and don't want to have their malware on every second computer.

Brunellus
August 25th, 2005, 02:49 PM
"The argument that once linux becomes more popular, it will be more vulnerable is crap."

I don't know where to begin. That's a fatal misconception running rampant these days in Linux.

Virii is written for potential impact, not possible influence. There is a subtle difference there. Do you really think crackers won't find exploits in T-bird or the like once every "ma and pa" start using it on their Linux desktop with a theoretical 30+% market share? There aren't any mail clients that don't have a hole. Period. Petty thieves waste time jacking F/OSS 7-11s. High rollers hit the IE/Outlook banks. It's where the "money" is.

Alternative case in point: How many times do you regularly update Linux? Albeit from a pre-emptive security alert, lib update, or the like? How often do you do that on Windows? There's a window of opportunity there for crackers on Windows systems. That's changing. Once Linux becomes easy enough or MS applications portable enough to use here, you'll see that same "ma and pa" laissez faire take _root_ here. Guaranteed!

* I've been using Unix since the mid 80s, and Linux since its infancy. I've seen it all at _any_ given time, from buffer overflows in everything from xterm to cron, errant use of suid bits in apps (my hand raises), Xserver sploits, foo this bar that (oh geez I could go on forever here) to the more recent zlib vulnerability which sat on the cooker for _several_ months. You name it, they could have exploited it, and far far quicker in any OSS environment. I differ philosophically, strongly at that, with all my recent Linux convert buddies in that context. Morris Worm? ARPAnet? Unix? Anyone? Use, _not_ history, has been Linux's saving grace...

I feel like a street walker heralding "The end is near!" at times on all the Linux forums I visit. No one seems to listen either. By all means, turn the deadbolt on your front door as I do. However, there's still a loose brick dangling from an unpatched chimney I bet.......and wait 'til the neighbours move in! I'll go back to my "secure" and closed source Unix cave now...

\\//_
case well-made for staying vigilant.

a-nubi-s
August 25th, 2005, 02:56 PM
Originally Posted by endy
Ok, a quick look at Secunia's site tells me that *SNIP* the data they provide says it all really.

Solution Status (to security risks based on advisories from 2003-05)

Product                      Vendor Patch   Vendor Workaround   Partial fix   Unpatched
Ubuntu 5.04                  100%           -                   -             -
Fedora Core 4                100%           -                   -             -
Mandrake 10.1                100%           -                   -             -
Suse 9.3                     100%           -                   -             -
Slackware 10                 100%           -                   -             -
FreeBSD                      100%           -                   -             -
Gentoo                       99%            1%                  -             -
Debian 3.1                   94%            -                   4%            2%
Mac OS X                     98%            -                   -             2%
MS Windows XP Professional   74%            -                   1%            24%

http://img367.imageshack.us/img367/7871/mspro0iq.th.png (http://img367.imageshack.us/my.php?image=mspro0iq.png)

Edit: Link to the graph didn't work, should now

poofyhairguy
August 25th, 2005, 06:10 PM
I feel like a street walker heralding "The end is near!" at times on all the linux forums I visit. No one seems to listen either.

Two reasons why:

1. Linux users are usually the computer savvy type - we don't have really bad malware/virus problems on Windows machines. We (well....the majority) aren't the type to get fooled by pop-up windows that look like Windows Update. If a virus comes, none might feel it.

2. The system is designed to be more secure. The developers have a good plan for security. The lack of a universal binary in Linux makes malware that much harder to produce.

In Linuxland, each virus.....each spyware....would need to be custom made for each distro. It would be madness.

Stormy Eyes
August 25th, 2005, 06:45 PM
4) There is a disturbing trend of people wanting to log in as root. If this increases, Linux could be in some trouble.

Such people need to be smacked. I have never, ever needed to log in as root when my system is in multiuser mode (single user is another issue, and a very rare case). What in Shabranigdo's name do these people do that they need to be root all the time? Sudo is enough for me.

Lovechild
August 25th, 2005, 07:57 PM
+6 years without getting owned.. +6 years without windows.. a coincidence?

darkmatter
August 25th, 2005, 08:06 PM
What in Shabranigdo's name do these people do that they need to be root all the time?

Uhhh...Windows? ](*,)

skoal
August 25th, 2005, 08:17 PM
Two reasons why[...]
poofy, I would never disagree with my fellow Texan. That would be like steppin' over the Red River into Yankee territory. So, lemme just say I never disagreed with 1 and 2. When I proclaim, "The End is Near", what I mean is, "The End of Innocence is Near". Yes, Linux is more secure than Windows. But no, security --, -> usability ^ popularity <-> insecurity.

In Linuxland, each virus.....each spyware....would need to be custom made for each distro. It would be madness.

How custom would a decompression algorithm using zlib need to be for <insert fav distro here>? Pre Z.C. (zlib current) testbed systems showed how to crash any browser rendering any images. Fortunately, no other serious exploits were _known_ (although quite possible), which is why it didn't receive the highest alert possible. Windows uses zlib extensively too of course. We can thank Mark Cox (of RedHat) and others for prior zlib alerts/fixes, and Tavis Ormandy (http://dev.gentoo.org/~taviso/blog/archives/2005/07/) (of Gentoo) for discovering a more effective exploit of it. In that sense, maybe Linux developers/auditors at large are more security-conscious than their Windows counterparts, and even helping secure Windows for them...

\\//_

GeneralZod
August 25th, 2005, 08:25 PM
Such people need to be smacked. I have never, ever needed to log in as root when my system is in multiuser mode (single user is another issue, and a very rare case). What in Shabranigdo's name do these people do that they need to be root all the time? Sudo is enough for me.

I genuinely have no idea. The worst thing is that even when people take the time to explain to them the workings of sudo and how much more secure it is, and the fact that users run as admins by default in Windows is a heavy contributor to the Malware Epidemic, these people just say "Oh well, I really want to do it anyway". Even the fact that Ubuntu not only doesn't allow root logins by default but also makes you jump through hoops to do it doesn't deter them! The mind boggles, quite frankly. ](*,)

aysiu
August 25th, 2005, 08:32 PM
I genuinely have no idea. The worst thing is that even when people take the time to explain to them the workings of sudo and how much more secure it is, and the fact that users run as admins by default in Windows is a heavy contributor to the Malware Epidemic, these people just say "Oh well, I really want to do it anyway". Even the fact that Ubuntu not only doesn't allow root logins by default but also makes you jump through hoops to do it doesn't deter them! The mind boggles, quite frankly. ](*,)
It's really like saying, "Oh, yeah. I know getting a lock for the front door of my house is a good idea, but I'm too lazy to keep locking the door every time I leave and unlocking it every time I come back. It's a lot more user-friendly to have a house that's just open. I've been robbed only a couple of times."

Kyral
August 25th, 2005, 09:48 PM
We should program in something that is very obnoxious when you log in as root (as in like a MASSIVE "DON'T LOGIN AS ROOT!" wallpaper that is locked (somehow)). I know XChat "yells" at you for using it as root.

GeneralZod
August 25th, 2005, 10:28 PM
We should program in something that is very obnoxious when you log in as root (as in like a MASSIVE "DON'T LOGIN AS ROOT!" wallpaper that is locked (somehow)). I know XChat "yells" at you for using it as root.

If I recall correctly, Mandrake gave a nice, scary red background whenever you logged in as root. Just need a skull and crossbones and a ticking bomb and we'll be set :D

az
August 26th, 2005, 02:20 AM
If I recall correctly, Mandrake gave a nice, scary red background whenever you logged in as root. Just need a skull and crossbones and a ticking bomb and we'll be set :D

Gnome 1.4 in Debian Woody did this (May 2002). The background flashed red and you heard a beeping-buzzing sound from your speakers!

Of course, my first daughter was just born and I tried this at two in the morning as she slept on my shoulder.... Reason enough to never do that again right there.

Kvark
August 26th, 2005, 12:31 PM
I know XChat "yells" at you for using it as root
I had to try, it didn't really yell at me, it just calmly called me stupid. :neutral:


Gnome 1.4 in Debian Woody did this (May 2002). The background flashed red and you heard a beeping-buzzing sound from your speakers!

Of course, my first daughter was just born and I tried this at two in the morning as she slept on my shoulder.... Reason enough to never do that again right there.
Flashing may be a bit too annoying but a special nuclear emergency look for root sounds cool.

The sudden and annoying noises part, that's why I always have the speakers off unless I'm listening to music or playing a game, ever since a popup went screaming "HELLO I AM LISA AND I AM GOING TO SHOW YOU....[rant]" and angry mom came storming in asking "who the hell is that Lisa you got in the computer? Were you watching porn??".

duffydack
October 23rd, 2005, 07:56 PM
with nearly every program in use having its "source" available to anyone, and the kernel source available, could some bright chap/chapette just discover weakness in the apps or the kernel itself and just hack the SH*T out of ya?

It's just something that I think of now and then and makes me wanna know 2 things:
1) Are there any viruses out there for Linux, and if so, how many?
2) Who here can say they've been "compromised" using Linux...

xequence
October 23rd, 2005, 08:04 PM
Linux is way more secure than Windows.

I had always wondered if people could just look at the source... But it doesn't seem like anything big has happened yet, in terms of hacking Linux.

I heard there were three Linux viruses ever, but I only have info on one. It was back a while ago and it didn't infect many people, and the people it did infect, it didn't do much damage to, and it was EXTREMELY VERY VERY rare. It got in through Firefox but was quickly fixed.

Jonne
October 23rd, 2005, 08:09 PM
1) Very few, and not a lot of them are in the wild. This is because of two things:
-smaller user base (viruses don't get widespread this way)
-security holes usually get fixed a lot faster than Microsoft does (because everyone can see the code)
-executing a virus would require you (the user) to set a file's permissions to 'execute', because otherwise it would just open in a text editor or something.
-there's not a lot of common apps a virus writer can count on to be there. Basically (almost) everyone is running the same kernel, but that's about it: X.org or XFree86? Gnome or KDE? Galeon, Firefox, Mozilla or Konqueror? Thunderbird, Mutt or Evolution? Vi or Emacs? apt-get, emerge, or rpm (or gcc for the 1337er people)? etc...
Someone targeting Windows is almost certain he'll find Internet Explorer as the system default, and Outlook or Outlook Express. The monoculture is working against Windows.
2) I can't, but I haven't had viruses in windows either (without running an antivirus even). If you use common sense (keeping your box updated, not running that cool screensaver you got from a random person, not running as administrator/root etc), you won't get infected.


People that get infected with viruses usually are the careless ones. Regardless of OS. But Linux has some extra safeguards compared to windows, making it even safer, even for the more clueless users.

aysiu
October 23rd, 2005, 08:19 PM
Your question isn't really about Linux but Open Source.
I haven't ever seen any of Firefox's supposed exploits actually exploited, and they're usually patched within days.
Internet Explorer's get breached every week at my workplace.

duffydack
October 23rd, 2005, 08:21 PM
Also read a post on another forum about someone who thought he got hacked, as he had a txt file left by the hacker. Well, he was hacked, but was told he was hacked, and told that he (the hacker) had locked him down a bit, hehe...mad
Having an easy to guess password (if they know your username and you have the password the same/similar) would make you easy to hack on any OS I guess...which is what this guy probably had.

Jonne
October 23rd, 2005, 08:31 PM
link please?

having a weak password is never a good idea, and it has nothing to do with either viruses nor the OS involved. Linux will not protect you from being an idiot ;).

Lovechild
October 23rd, 2005, 08:52 PM
we are marginally better, but Linux is still horribly insecure.

Sirin
October 23rd, 2005, 08:53 PM
Having an easy to guess password (if they know your username and you have the password the same/similar) would make you easy to hack on any OS I guess...which is what this guy probably had.

That's not a vulnerability in the software/kernel, but a hole in that user's precautions. If he chose a password such as "a" (not his real password, mind you), of course someone's gonna get into your computer.

A password is not insecure unless the intruder knows every single letter. ;)

duffydack
October 23rd, 2005, 09:02 PM
Yeah, I know it's not OS related but was probably the reason for that guy being hacked. My main thoughts were mainly the open source world, and how can having everyone able to see the source code make a program/OS secure?
I mean, Windows got its source leaked and all hell broke loose....more than usual.
Yeah, I know it's more widely used and such, but Linux ain't far behind really, is it?

Jonne
October 23rd, 2005, 09:16 PM
No, windows always had security issues. That code leak didn't change anything about it.

It is very much possible to write a secure operating system and give out the source. I don't really follow your reasoning of 'if the haxxorz have the source, they can haxxor me'. There still needs to be a security hole in the system itself.

BatsotO
October 23rd, 2005, 09:18 PM
1) Very few, and not a lot of them are in the wild. This is because of two things:
-smaller user base (viruses don't get widespread this way)
-security holes usually get fixed a lot faster than Microsoft does (because everyone can see the code)
-executing a virus would require you (the user) to set a file's permissions to 'execute', because otherwise it would just open in a text editor or something.
-there's not a lot of common apps a virus writer can count on to be there. Basically (almost) everyone is running the same kernel, but that's about it: X.org or XFree86? Gnome or KDE? Galeon, Firefox, Mozilla or Konqueror? Thunderbird, Mutt or Evolution? Vi or Emacs? apt-get, emerge, or rpm (or gcc for the 1337er people)? etc...
Someone targeting Windows is almost certain he'll find Internet Explorer as the system default, and Outlook or Outlook Express. The monoculture is working against Windows.
2) I can't, but I haven't had viruses in windows either (without running an antivirus even). If you use common sense (keeping your box updated, not running that cool screensaver you got from a random person, not running as administrator/root etc), you won't get infected.


People that get infected with viruses usually are the careless ones. Regardless of OS. But Linux has some extra safeguards compared to windows, making it even safer, even for the more clueless users.

The small user base doesn't make Linux or open source safer.
Most web servers run open source Apache, and a smaller number use Microsoft IIS, yet the number of attacks was greater and more severe on IIS. The most notable was the Code Red worm, and this worm stopped because it stopped by its own will, not by any patch from Microsoft.
So IMHO the reason these viruses in Linux don't get widespread is more on the design view, not number-based. From what you stated above it is way too hard for viruses to infect a Linux machine, though it's possible, and way harder for the virus to repeat the process, so the possibility decreased.

duffydack
October 23rd, 2005, 09:19 PM
Having the kernel source I think would give (anyone with tons of brains) the info they need to find the holes... wouldn't it?

I still think it's more secure but the whole thing about sources being available to all and sundry sometimes makes me think...maybe I don't need to worry..

Sirin
October 23rd, 2005, 09:31 PM
Yeah, I know it's not OS related but was probably the reason for that guy being hacked. My main thoughts were mainly the open source world, and how can having everyone able to see the source code make a program/OS secure? I mean, Windows got its source leaked and all hell broke loose....more than usual. Yeah, I know it's more widely used and such, but Linux ain't far behind really, is it?
Because other users can find holes and bugs in the code and send patches to the vendor. :)

Windows, on the other hand... is targeted because of its easy-to-mess-up Hybrid Kernel, so they're making themselves at home. Linux, however, uses a Monolithic Kernel, which not many malware writers are known to bring down.

Here's the only ones that are allowed to legally modify, or even have access to the Windows kernel: http://www.bugkid.com/veggietales/pictures/006.jpg

duffydack
October 23rd, 2005, 09:32 PM
Lol

Kvark
October 23rd, 2005, 09:32 PM
How can having everyone able to see the source code make a program/OS secure?
I mean, Windows got its source leaked and all hell broke loose....more than usual.
So if the source of an insecure system leaks then all hell breaks loose. If an insecure system were completely open source then all hell would break loose all the time. A closed source system can survive even if it is full of security flaws because it's hard to find them. An open source system has to be secure or otherwise it would quickly be slaughtered.

23meg
October 23rd, 2005, 09:34 PM
The fact that everyone has the source code is a plus in terms of security in the open source world because open source hackers don't tend to exploit security vulnerabilities to cause damage or annoyance; instead, when they find them, they fix them and make the patch available upstream, and the OS immediately benefits from it. With closed source systems such as Windows they couldn't do this even if they wanted to, so they resort to causing damage instead, which is their only way of grabbing attention to the security flaw, or themselves.

Jonne
October 23rd, 2005, 09:37 PM
The small user base doesn't make Linux or open source safer.
Look, I'm sick of people posting that crap over and over. I KNOW Linux and Apache et al. are a lot safer than most of their commercial counterparts for the following reasons:
-they usually don't have marketing people screaming they need feature x, and that good code and security aren't important. Deadlines are rare too ;) (or they're self-imposed, on a realistic schedule).
-everyone sees the code, so the devs usually make sure it's clean (a bit of vanity ;) ), readable, and according to the 'rules'.
-sometimes other people read the code too, and stumble on bugs or security holes. These get patched fairly quickly then.

The point about user base is this: you can't write an e-mail worm (example) for Evolution (example), and expect it to spread. Only a minority uses it, so it would 'die' at the first node (I don't have *any* contacts using Evolution). If you target a hole in Outlook and/or Outlook Express, you have a bigger chance of your worm spreading.

So avoiding a monoculture of any kind protects you from getting the whole world infected in a week.

And Open Source allows people to choose. You can choose to use the 'official' kernel, you can choose a fork that is focused more on security, and you have millions of choices for all other building blocks of your OS.

I'm not saying that a minority of users will protect you from everything, but you can't deny that it helps.

Malphas
October 23rd, 2005, 09:47 PM
It's a mistake to think that the fact a piece of software is open source makes it less secure; actually it could be argued that the opposite is true, as anyone can examine the source and report any security holes they happen to spot to the development team. When anything is reliant on secrecy for security it generally means that the security is rather weak.

dbott67
October 24th, 2005, 12:10 AM
Here is a snippet of something I wrote in another post, as well as some additional thoughts:

Contrary to popular belief, Linux (in general) is not more secure than Windows XP/2000/2003 (in general). BTW, I'm not saying that Windows is more secure than Linux --- only that an improperly secured OS is vulnerable, whether it be Windows, Linux or OSX. A somewhat older study from 2004 states that Linux is the most hacked OS (http://www.smh.com.au/articles/2004/03/01/1077989482304.html):

The group said it had analysed 17,074 successful digital attacks against online servers and networks in January 2004, with Linux accounting for 13,654 breaches, and Windows for 2005 followed by BSD and Mac OS X with 555 breaches worldwide.
Keep in mind that these are SERVERS, not desktop users but the overall point is valid. Take a look at some of the major security vulnerabilities at sans.org (http://www.sans.org/top20/). Of the recent vulnerabilities discovered, there are far more open-source vulnerabilities than MS (granted, many are not that severe, but the point is MS is getting much better).

There have been severe vulnerabilities discovered in virtually every major piece of software, in Windows, Unix, OSX, Linux; in applications like PHP, Oracle, MS-SQL, MS Office --- just take a look at the "details" next time you run Ubuntu update and take a look at the reason some of the packages are being updated.

As someone who has been professionally administering computer networks for over 10 years, failure to keep your OS and applications up-to-date (as well as properly configured) is the primary reason that systems get hacked, not because the vendor failed to do anything about it. In fact, Slammer, Blaster and virtually every other exploit had fixes well before anyone had figured out how to take advantage of it. It is only the incompetence of the sysadmin for failing to apply the necessary patches.

REAL SECURITY relies on the administrator (or home user, as the case may be) to perform some very important functions:

1. Keep their OS up-to-date (as well as applications) (i.e. run Windows update / Ubuntu update)
2. Run a firewall (this prevents the 'background radiation' of the internet --- worms like slammer and blaster and other automated scanners from detecting & infecting your computer).
3. Turn off unneeded services (this is a big one --- don't run a mail/web server unless you know what you're doing, as these services are regularly targeted)
4. Don't run in admin/root mode
5. Run an antivirus and keep the definitions up-to-date (at present, linux has a very low profile for viruses and spyware, but that is more likely due to the fact that there are far fewer linux-users than Windows-users, and it's easier to infect Windows because there are so many users that do not follow the above precautions).


Linux does have the benefit of having a better security model (in my opinion) for software installation than Windows, however, a buffer overflow of an unneeded or improperly configured service could grant root access to a hacker who could easily install a rootkit and 'own' your computer without your knowledge.

As the popularity of Linux continues to rise and it comes into the hands of the same inept users who can't run WindowsUpdate, or can't keep their AV up-to-date, or need to open every attachment that arrives in their inbox, hackers and malware writers will come up with new & interesting ways to infect users.

Major banks, credit card companies, NASA, Microsoft, the Defense Department, NYTimes and countless others have been hacked because they were all big targets. Now, hackers are going after home users to infect their computers and turn them into a legion of zombies to do their dirty work.

Security is a constant battle... open source has its advantages, but those same advantages can be used to infiltrate systems.

Linux is NOT more secure than Windows (nor is Windows more secure than Linux). If both are properly configured, secured and kept up-to-date, they are equally secure. The problem is that in an effort to make the PC easier to use (and reduce the number of support calls), MS has made some decisions that have come back to haunt them:

1. Failure to enable the firewall by default in XP (pre-SP2)
2. Failure to force users to run in 'limited access' mode, as opposed to 'administrator'
3. Failure to disable many 'unneeded' services and force the user to explicitly turn them on only if needed.

Before you take MS to task for this, think about this: how many linux distros allow you to run in root mode if desired? How many have a firewall enabled by default?

Linux allows the user freedom of choice, but using it does not prevent an incompetent/ignorant/careless user from getting hacked. If they fail to update or properly configure their system, they will eventually get hacked.

-Dave

BatsotO
October 24th, 2005, 12:12 AM
I just want to point out the contradiction. If Linux gains more users, don't stop using it just because more users will take away the benefit of having a small number of users. Some even call "small numbers means safer" a myth, and discouraging to new users.
As regards the user-base point of view, it is the modular design of Linux that allows users to choose from tons of open source software to fit their needs (avoiding monoculture), and the constant review by a huge number of users (more time and effort will be dedicated), that add a security factor to Linux.
The modular design of Linux prevents a bug in Evolution from affecting Nautilus or GDM or any other part of the system that doesn't require the Evolution service. This doesn't work in Windows, for a bug in IE will surely affect Outlook, Windows Explorer and next the entire system due to its monolithic design.

Even if more Linux users use Evolution, a bug in it won't likely affect the whole operating system, thus it is safer by design.

majikstreet
October 24th, 2005, 12:54 AM
Because other users can find holes and bugs in the code and send patches to the vendor. :)

Windows, on the other hand... is targeted because of its easy-to-mess-up Hybrid Kernel, so they're making themselves at home. Linux, however, uses a Monolithic Kernel, which not many malware writers are known to bring down.

Here's the only ones that are allowed to legally modify, or even have access to the Windows kernel: http://www.bugkid.com/veggietales/pictures/006.jpg
Why did you forget Bill!

http://www.aaxnet.com/images/billg.jpg

aysiu
October 24th, 2005, 02:28 AM
Linux allows the user freedom of choice, but using it does not prevent an incompetent/ignorant/careless user from getting hacked. If they fail to update or properly configure their system, they will eventually get hacked. I can definitely agree with these sentiments. We can argue all year about how "secure" or "insecure" any OS or piece of software is by design, but the user ultimately determines how secure it is by her or his actions (easy-to-guess passwords are quite common). Reminds me of a Seinfeld episode...

JERRY: Stolen?
ELAINE: [Kramer enters the apartment] Someone left the door open. [it's clear that she means Kramer; she walks to the bathroom]
JERRY: [to Kramer] You left the door open?!
KRAMER: Uh, Jer, well ya know, I was cookin' and I, I uh, I came in to get this spatula...and I left the door open, 'cause I was gonna bring the spatula right back!
JERRY: Wait, you left the lock open or the door open?
KRAMER: [bobs his head guiltily] The door.
JERRY: The door? You left the door open?
KRAMER: Yeah, well, I was gonna bring the spatula right back.
JERRY: Yeah, and?
KRAMER: Well, I got caught up... watching a soap opera...[with a broken voice] The Bold and the Beautiful
JERRY: So the door was wide open?
KRAMER: Wide open!
JERRY: [Elaine enters the living-room] And where were you?
ELAINE: I was at Bloomingdale's...waiting for the shower to heat up.
KRAMER: Look, Jerry, I'm sorry, I'm uh, you have insurance, right buddy?
JERRY: No.
KRAMER: [looks shocked] How can you not have insurance?
JERRY: Because...I spent my money on the Clapgo D. 29, it's the most impenetrable lock on the market today...it has only one design flaw: the door...[shuts the door] must be CLOSED.

BatsotO
October 24th, 2005, 02:54 AM
A somewhat older study from 2004 states that Linux is the most hacked OS (http://www.smh.com.au/articles/2004/03/01/1077989482304.html):



There are many who question the methodology of the research and even the credibility of the researcher.
Linux does encourage more secure behaviour from the user, for it requires creating a root account and a normal account on installation. MS never bothers to do this on installation and leaves the users with one administrative account until they realize that they were stupid enough to do that, and tragically Lindows does this too.
Malware and spam are as bad as any buffer overrun. At least I don't have to worry about them in Linux.

dbott67
October 24th, 2005, 04:12 AM
There are many who question the methodology of the research and even the credibility of the researcher.
True --- I encourage people to read the article. My point is that Linux gets hacked --- in the same realm as Windows. It's not some sort of magical OS that, as Ron Popeil (Ronco) would say, "Just set it and forget it."

There are two components to making sure a computer is secure: the developers need to release timely patches when vulnerabilities are discovered AND the end-user must apply them. Do you think that the same people that fail to update XP will regularly update Linux? In all honesty, both Ubuntu and MS make it pretty easy to keep the OS up-to-date.

Linux does encourage more secure behaviour from the user, for it requires creating a root account and a normal account on installation.
It does, but it doesn't force a lazy person not to use root as their own personal account. Some people just can't be bothered to "type in a password every time I want to do something" (which is why XP home runs the default user as 'admin').

Windows is capable of it... they just don't encourage it (or make it easy, for that matter).


MS never bothers to do this on installation and leaves the users with one administrative account until they realize that they were stupid enough to do that, and tragically Lindows does this too.
Yes, they (MS) did --- a tragic mistake in my opinion. They should have taken a hard look at the way OSX and some linux distros require users to enter their password to make system changes.


Malware and spam are as bad as any buffer overrun. At least I don't have to worry about them in Linux.
I'm assuming you mean spam-zombies (i.e. home computers that are infected with some virus and just spew spam and other crap all over the internet --- because even though Linux is a really great OS, it still can't stop spam! :) ). In response to your point though, it's true, Linux does have a much lower profile for malware/spyware at this point in time, although I'm sure that will change as Linux's usage rises around the world.

Ubuntu (in particular) relies on a set of repositories to make it easy to install applications, but I'm certain that as the popularity of Linux increases, software developers will compile specific versions of their software for some of the more popular distros. A case in point would be the web browser 'Opera'. If you go to their site to download, they have versions pre-built for all the major OSes; no need to compile it yourself or download it from repos.

Most end-users (that would be coming over from the Windows-world) don't know about or care about whether or not software is open-source. If a new company came along with a free (but proprietary & closed-source) KILLER app that took the internet by storm (think of Napster and all of the music/file-sharing apps that followed), they could include whatever spyware/scumware/malware they wanted --- because the end-user would CHOOSE to install it right from their website (as opposed to a trusted repo). A particularly malicious company may include a rootkit, keystroke logger, whatever... you get the point. The same people who don't read the EULA in Windows when they install Gator will not read the EULA in Linux and will install the same sort of crud.

Today, it's unlikely to happen, but in five years hackers and malware writers will see a new generation of inexperienced Linux users.

-Dave

Zensunni
November 9th, 2005, 02:26 AM
Okay, not that I have a problem with viruses because I'm behind a router, but I'm just wondering...

Is Linux completely protected? If I set up Ubuntu or Red Hat (or any Linux for that matter) with a full installation and connect it directly to the internet, am I safe from all virus attacks entirely?

I was talking about the matter to somebody else and they said that there are still a few Linux viruses floating around. I know there are never any virus updates for Linux, so has Linux beaten virus contraction entirely, or is it just safety in numbers, such as with Macs?

briguy
November 9th, 2005, 02:33 AM
Well, first off, a router won't necessarily protect you from a virus. And secondly, linux is probably just as susceptible to viruses as Windows is, it's just "under the radar" in that there aren't as many linux desktops out there. You can install anti-virus software (System -> Administration -> Add Applications and add Aegis Anti-Virus, or you can install clamAV, search this forum).

I personally don't worry too much about it, but that's not to say that viruses for Linux won't arrive. Today a linux worm for web servers was discovered, so perhaps the viruses won't be too far behind...

bjweeks
November 9th, 2005, 02:34 AM
No.

az
November 9th, 2005, 02:34 AM
Viruses prey on security vulnerabilities that do not exist in Linux. It doesn't work that way. They are not the same. That is not to say that there are no security vulnerabilities, but you can safely plug a default Ubuntu install directly into the net and not worry about getting owned or spied on.

shamrock_uk
November 9th, 2005, 02:34 AM
Your friend is quite correct - there are some floating around, although most are laboratory-only.

It's probably prudent to install a firewall (eg Guarddog (http://www.simonzone.com/software/guarddog/)) and there are decent virus solutions in the form of ClamAV (http://www.clamav.net/whos.html) for example.

You'll probably get along just fine without the above (and I certainly have) - but that is, after all, relying on security by obscurity - far better to have proper safeguards in place, just in case.

adwait
November 9th, 2005, 02:34 AM
To an extent it is safety in numbers. There are still too few Linux machines as compared to Windows machines for virus writers to concentrate on it. But it's not only this. The other reason is the strong permission system in Linux.
e.g.: If you are not running as root, even if you execute a file which is infected by a Linux virus, it won't do much harm, because it can't touch the files which require root access. So at the most, the virus can damage files in your home directory... severely limiting the damage. This is also the reason why running as root is discouraged in Linux.

erikpiper
November 9th, 2005, 02:34 AM
I heard of one virus. Trojan horse. You had to consciously give it root privileges or something :p

And people say automation in windows is an advantage. :rolleyes:

xequence
November 9th, 2005, 03:01 AM
There have been viruses that affect Linux, but the chances of getting them are extremely low. You probably have a better chance of winning the lottery than getting one.

If you have a normal installation you don't have to worry about it at all. The only time you should worry is if you had a super heavy duty server that is mission critical. With them you take no chances at all.

Zensunni
November 9th, 2005, 04:36 AM
So, from what I take, when viruses actually DO get in, they can only attack the user that it entered on.

....If a virus "knew" your root password and name, could it then attack your system, or does the file have to have its permissions changed before it could, in fact, execute itself as root?

How does the process of "getting in" work, anyways? How does a typical virus jump the gap from the internet to another computer?

Briguy: You said viruses can get through routers. What can they do to get around them? (I'm still not sure how routers are better than a hub, concerning viruses - I've just been told they are).

Sorry for the dumb questions. I'm sure they don't have just some simple answer. There's probably websites that explain this all. If you know one, just post a link.

etc
November 9th, 2005, 04:49 AM
How does the process of "getting in" work, anyways? How does a typical virus jump the gap from the internet to another computer?
The user downloads something from a shady source, thinking it's something else.

Qrk
November 9th, 2005, 04:55 AM
The user downloads something from a shady source, thinking it's something else.

That or uses outlook.

ljamie82
November 9th, 2005, 04:59 AM
here's a quicky . . . i always open terminal and type su and password as opposed to sudo and pass . . . does that make a difference? i just type su because it always works, i know this.. . . i don't know if there's any limitations to sudo,. . . but it's not really important. . . what i've been wondering is if there's any problems that could come from always using sudo when i could use su . .. thanks

Zensunni
November 9th, 2005, 04:59 AM
Oh really?

So any virus that's contracted is just downloaded by the user? I thought most viruses (for windows, anyways) get on your system by themselves, through open ports.

If viruses are just downloaded by the user, it's pretty much a no-brainer to avoid viruses just by making sure your downloads are virus free.

nocturn
November 9th, 2005, 10:15 AM
And secondly, linux is probably just as susceptible to viruses as Windows is, it's just "under the radar" in that there aren't as many linux desktops out there.

I strongly disagree with this. Unix-like systems and Apache have always dominated the server market, while it is IIS on Windows that takes all the server viruses despite being small fry.

Linux uses a very different security model that does not make it immune to viruses, but lessens the impact when they do hit. Besides that, the variety in Linux distributions makes it much harder to make a catch-all virus.

nocturn
November 9th, 2005, 10:23 AM
So, from what I take, when viruses actually DO get in, they can only attack the user that it entered on.

Correct.



....If a virus "knew" your root password and name, could it then attack your system, or does the file have to have its permissions changed before it could, in fact, execute itself as root?


Basically, yes. It has to have a way of getting to your root account to infect the entire machine, which is not that easy.



How does the process of "getting in" work, anyways? How does a typical virus jump the gap from the internet to another computer?

This depends on the virus. Most viruses today use Microsoft's virus propagation toolkit (also known as Outlook and IE). Both apps have the annoying tendency to execute remote code locally, most of the time without asking. And Windows defaults to always running with admin privileges (root), making the impact of an infection much worse.

On Unix-like systems, most existing viruses target specific holes in software (like Apache, PHP, ...). On a properly configured system, even if they get in, they run with the privilege of the user running the service (not root).



Briguy: You said viruses can get through routers. What can they do to get around them? (I'm still not sure how routers are better than a hub, concerning viruses - I've just been told they are).


Routers are just intelligent machines that 'route' traffic from one point to another; they do not inspect or modify the content, so they do not care about viruses.
Firewalls are for blocking traffic, but it is hard for them to distinguish bad content from good, so a lot of viruses do get through (think of a virus in an E-mail: a firewall will not block this without blocking all mail).

nocturn
November 9th, 2005, 10:34 AM
How does the process of "getting in" work, anyways? How does a typical virus jump the gap from the internet to another computer?


To explain a bit clearer, I'll demonstrate the most common way to infect computers using Outlook and Windows:

1# I create a virus in let's say visual basic. It compiles as myvirus.exe
2# I rename myvirus.exe to loveletter.txt.exe
3# I mail loveletter.txt.exe to a couple of Outlook users

4# They receive the mail, but because of a default setting in Windows, known extensions are hidden, so they see the attachment as loveletter.txt.
5# The victim opens loveletter.txt (really .EXE), which executes. It infects his computer (installing itself as notepad.exe, let's say) to do whatever I as the writer want.
6# loveletter.txt.exe now locates his Outlook address book (very conveniently using MS's own functions) and mails itself to everyone in the address book...

Easy as pie, and there are a lot more variations on this (so closing this specific hole will not stop the problem).

GeneralZod
November 9th, 2005, 10:40 AM
This weekend, I'll try and finish off my piece on security (http://ubuntuforums.org/showthread.php?p=395155#post395155). I am absolutely not a security expert, but I think I've sat in on enough arguments to know most of the points and counter-points in a range of debates and so hopefully whip up something that won't be wildly erroneous :)

nocturn
November 9th, 2005, 10:40 AM
So any virus that's contracted is just downloaded by the user? I thought most viruses (for windows, anyways) get on your system by themselves, through open ports.


There are several types of viruses. The one I described (with the outlook mail) is called a trojan horse (because you are tricked into thinking it is something harmless).
Viruses targeting open ports are called worms. They are also commonplace on Windows, but take a little bit more effort and knowledge to write.

A lot of vulnerabilities in microsoft products (like outlook) make it possible to have code executed locally without warning on opening a mail message, visiting a webpage or using a .doc file with macros in it.

To be fair, although filtering out .exe, .vbs, .scr, .bas etc. attachments from E-mail would kill 90% of the viruses out there today, the vulnerable security model in Windows would just cause a shift to new attacks on IE and Office (macros).
Blocking is a patch on a wound, but not the elimination of the cause.
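
The disguised-attachment walk-through a few posts up (loveletter.txt.exe shown as loveletter.txt) and the extension-filtering point just above both come down to one screening decision a mail gateway can make. The following is an added example, not code from nocturn or anyone else in this thread: it reproduces what a Windows user with "hide extensions for known file types" sees, and classifies an attachment name as allowed, a plain executable, or an executable disguised behind a document-looking extension. The extension lists are my own choice: .exe, .vbs, .scr and .bas are the ones named above, the rest are additional well-known Windows executable types I added (an assumption), and the sample names are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Extensions Windows runs when double-clicked. The first four are the ones
 * named in the post above; the rest are my own additions (assumption). */
static const char *const EXEC_EXT[] = { "exe", "vbs", "scr", "bas", "com", "bat", "cmd", "pif", NULL };
/* Extensions a user expects to open in a viewer rather than run. */
static const char *const DOC_EXT[] = { "txt", "jpg", "jpeg", "gif", "doc", "pdf", "htm", "html", NULL };

enum verdict { ALLOW = 0, BLOCK_EXECUTABLE = 1, BLOCK_DECEPTIVE = 2 };

static int ci_equal(const char *a, const char *b) {
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b)) return 0;
    return *a == *b;
}

static int ext_in_list(const char *ext, const char *const *list) {
    for (; *list; list++)
        if (ci_equal(ext, *list)) return 1;
    return 0;
}

/* Pointer to the text after the last '.', or NULL if there is no extension. */
static const char *final_ext(const char *name) {
    const char *dot = strrchr(name, '.');
    if (dot == NULL || dot == name || dot[1] == '\0') return NULL;
    return dot + 1;
}

/* What a user with "hide extensions for known file types" turned on sees:
 * a known final extension is not shown, so loveletter.txt.exe reads as
 * loveletter.txt. */
void displayed_name(const char *name, char *out, size_t outlen) {
    const char *ext = final_ext(name);
    size_t keep = strlen(name);
    if (ext != NULL && (ext_in_list(ext, EXEC_EXT) || ext_in_list(ext, DOC_EXT)))
        keep = (size_t)(ext - name) - 1;          /* drop the '.' and the extension */
    if (keep >= outlen) keep = outlen - 1;
    memcpy(out, name, keep);
    out[keep] = '\0';
}

/* Gateway decision for one attachment name. Only the final extension decides
 * whether Windows executes the file, so readme.txt.exe.txt is harmless text
 * while loveletter.txt.exe is a disguised program. */
enum verdict classify_attachment(const char *name) {
    const char *ext = final_ext(name);
    const char *inner;
    char stem[256];
    size_t stem_len;

    if (ext == NULL || !ext_in_list(ext, EXEC_EXT)) return ALLOW;

    /* Executable. Look at what precedes it, ignoring padding spaces used to
     * push the real extension out of view ("photo.jpg      .scr"). */
    stem_len = (size_t)(ext - name) - 1;
    if (stem_len >= sizeof stem) stem_len = sizeof stem - 1;
    memcpy(stem, name, stem_len);
    stem[stem_len] = '\0';
    while (stem_len > 0 && isspace((unsigned char)stem[stem_len - 1]))
        stem[--stem_len] = '\0';

    inner = final_ext(stem);
    if (inner != NULL && ext_in_list(inner, DOC_EXT)) return BLOCK_DECEPTIVE;
    return BLOCK_EXECUTABLE;
}

static const char *verdict_name(enum verdict v) {
    if (v == ALLOW) return "allow";
    if (v == BLOCK_EXECUTABLE) return "block: executable";
    return "block: disguised executable";
}

int main(void) {
    /* constructed sample attachment names, not taken from real mail */
    const char *samples[] = {
        "report.pdf", "loveletter.txt.exe", "setup.exe",
        "photo.JPG      .scr", "readme.txt.exe.txt", "invoice.doc.vbs"
    };
    char shown[64];
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        displayed_name(samples[i], shown, sizeof shown);
        printf("%-22s  user sees: %-20s  %s\n",
               samples[i], shown, verdict_name(classify_attachment(samples[i])));
    }
    return 0;
}
```

The check is deliberately on the final extension only: that is the one the shell acts on, and it is also the one the hidden-extension setting removes from view, which is the whole trick. A real gateway would pair this with content inspection (the file's actual format, not its name), since the name check alone says nothing about a .doc carrying macros, the follow-up attack nocturn mentions.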

Zensunni
November 9th, 2005, 01:01 PM
Wow, thanks guys,

You've been more than helpful! All this stuff makes more sense now. I even know a little more than what I initially wanted.

Good to know the definition of a "worm" too. Did not know what made them different.

super
November 12th, 2005, 03:34 AM
i saw a post on here recently asking about linux and its vulnerability to viruses so i decided to check it out.

this is the most informative article i found even tho it's a little dated (Oct 2003)


"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."
the register (http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/)


also here is a link to a numerical count of known viruses
est total number of linux viruses = 130
% of total known viruses = 0.46%
virus collection (http://vx.netlux.org/vl.php?dir=stat)

matthew
November 12th, 2005, 04:11 AM
http://www.viruslibrary.com/virusinfo/Linux.htm

Sirin
November 12th, 2005, 01:17 PM
"There are about 60,000 viruses known for Windows, 40 or so for the Macintosh, about 5 for commercial Unix versions, and perhaps 40 for Linux. Most of the Windows viruses are not important, but many hundreds have caused widespread damage. Two or three of the Macintosh viruses were widespread enough to be of importance. None of the Unix or Linux viruses became widespread - most were confined to the laboratory."

So the Mac is just as safe from the viruses as Linux?

public_void
November 12th, 2005, 01:56 PM
To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it.

Sums it all up.:)

ruffneck
November 28th, 2005, 09:36 PM
This is awesome info. Just what I was looking for. Thanks to everyone who contributed! This Ubuntu community is really what makes switching from Windows so much easier!

Touche!

phen
November 28th, 2005, 10:36 PM
I disagree with the statement that linux is "under the radar". There are so many webservers running on linux that hacking them would be very worthwhile. It is the simple thing of a root account and a true multi user system architecture that makes the difference. (and the openness of the software as far as i can judge on that).

Example: a virus uses a buffer overflow of a running daemon. for example the network printer daemon. the hacker has got root access on windows, but only the printing user's privileges on a unix box. simply spoken: he is able to print something. he can waste the paper in your printer.

how does a buffer overflow work?
that's a bit more complicated, and i will explain it with an easy example, maybe not entirely 100% correct. but the main aspects are right :-).

if you code a piece of software, you use variables. for example, the data users enter in forms have to be sent to the webserver via a gateway. try Google's search, you can see the information in the address bar. now imagine, google uses a 128-character variable to store the received information before it starts the search. now the hacker types 128 characters PLUS some special commands that - let's say - shutdown the computer. he types "blablabla .... blalbashutdown -h now\n"

that might be possible, if the webserver is not securely coded, and by chance, the space in the memory next to the variable "search_terms" is used as a command line buffer.

i don't know if that specific security hole ever existed, but that's how it works generally.


AHH: quick edit: after rethinking my post i have to add something: the "shutdown -h now" example was a simplification. that might be possible, but more likely the hacker will have to write machine code.

please correct me if i am wrong

Find FAQs Documentation and security news here:
http://www.linuxsecurity.com/content/view/101892/155/

there's also information on linux viruses. try a search.
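
phen's picture above (a 128-character variable with something sensitive sitting in the memory right after it) can be made concrete in a few lines of C. This is an added example, not phen's code or anything from the thread; the struct and its field names are my own construction. It puts a search_terms buffer directly before a command field, copies an over-long input the way an unchecked strcpy would, and shows the copy spilling into the neighbouring field. The hardened version beside it does what a correctly coded server should: measure first, refuse what does not fit, and leave the record untouched.

```c
#include <stdio.h>
#include <string.h>

#define SEARCH_MAX 128     /* the "128-character variable" from the post */
#define CMD_MAX    64

/* Two adjacent fields, as a request handler might lay them out. The struct
 * guarantees 'command' sits immediately after 'search_terms' in memory. */
struct request {
    char search_terms[SEARCH_MAX];
    char command[CMD_MAX];      /* which handler runs next, e.g. "search" */
};

void init_request(struct request *r) {
    memset(r, 0, sizeof *r);
    strcpy(r->command, "search");
}

/* Vulnerable: copies until the NUL terminator, trusting the input length,
 * exactly as strcpy() does. The copy goes through a byte pointer over the
 * whole struct so the overrun into 'command' is visible and deterministic;
 * it is clamped at the end of the struct only so this demo cannot corrupt
 * anything beyond the record itself. */
int store_terms_unsafe(struct request *r, const char *input) {
    unsigned char *raw = (unsigned char *)r;
    size_t i = 0;
    while (input[i] != '\0' && i < sizeof *r - 1) {
        raw[i] = (unsigned char)input[i];   /* past byte 127 this writes 'command' */
        i++;
    }
    raw[i] = '\0';
    return (int)i;
}

/* Hardened: bounded length check before any write; reject oversized input
 * and leave the struct exactly as it was. */
int store_terms_safe(struct request *r, const char *input) {
    size_t len = 0;
    while (len < SEARCH_MAX && input[len] != '\0') len++;
    if (len >= SEARCH_MAX) return -1;       /* no room for the terminator */
    memcpy(r->search_terms, input, len + 1);
    return (int)len;
}

int main(void) {
    struct request r;
    char input[151];                 /* constructed: 150 'A's, longer than SEARCH_MAX */
    memset(input, 'A', 150);
    input[150] = '\0';

    init_request(&r);
    printf("before:  command = \"%s\"\n", r.command);
    store_terms_unsafe(&r, input);
    printf("unsafe:  command = \"%.20s...\"  (clobbered by the overrun)\n", r.command);

    init_request(&r);
    if (store_terms_safe(&r, input) < 0)
        printf("safe:    input rejected, command = \"%s\"\n", r.command);
    return 0;
}
```

What this shows is the memory effect only: the 22 bytes that land in command are attacker-chosen, which is the point phen's "shutdown -h now" story makes. Whether an overwritten field leads to code execution depends on what the program does with it next, and phen's own correction (that real exploitation usually means machine code rather than a shell command) is the right caveat; the defence is the same either way, which is the bounded copy in store_terms_safe.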

phen
November 29th, 2005, 10:57 AM
Why, this Tuesday, three Windows image-rendering flaws have made XP, W2K and 2003 users' PCs vulnerable to takeover attacks. Your Windows PC could be gutted like a fish simply by viewing a rigged image in Outlook, Internet Explorer, or Word.


Yeow!


This is a perfect example of a Windows-only problem. First, even if there were the same holes in three Linux applications, say Thunderbird, Firefox and OpenOffice.org Writer, it still couldn't hammer a Linux system the way it could Windows. Linux simply doesn't have those useful, but dangerous, Windows internal links.


Make no mistake though, while Linux is far more secure than Windows, it is not invulnerable. No operating system is.


Security is a process, not an operating system or a product. It's just that when using Linux, today and tomorrow, you start ahead of the game.

found here: http://www.desktoplinux.com/news/NS6909870737.html

Mr_J_
November 29th, 2005, 04:34 PM
I had little idea of this.
I think this is the part of linux the people in companies know little about.
We should tell others about this specific part of linux.

My father works as a Systems Administrator at a factory. He has years of experience in Windows, Servers and PCs. The first time I said to him what I knew about viruses and security in linux he was trying Ubuntu that same week.

There are still some places where the jobs the computers are used for require nothing from Windows, and they are only using it because they think Linux is some sort of fashion statement and not using your smarts.

Like my father said when I described what I could do with Ubuntu.
Father - "So it's not Windows but it's pretty close."
Me - "But it doesn't have viruses; or spyware, or adware that you install."
Father - "No! Really?"

The next day he was asking me about Ubuntu to try it on his free computers at work.:D

arphe_el
December 1st, 2005, 08:11 AM
the clamav anti virus i installed is outdated from the synaptic since when I'm trying to update it using #sudo freshclam it says that i need to install the updated one.

is there a way to install it manually in ubuntu 5.04 hoary? i downloaded from their site the whole chunks of it with this package "clamav-0.87.1.tar.gz"

any suggestions on how to install it?

thanks GODspeed!

nocturn
December 1st, 2005, 08:31 AM
the clamav anti virus i installed is outdated from the synaptic since when I'm trying to update it using #sudo freshclam it says that i need to install the updated one.

is there a way to install it manually in ubuntu 5.04 hoary? i downloaded from their site the whole chunks of it with this package "clamav-0.87.1.tar.gz"

any suggestions on how to install it?

thanks GODspeed!

This is a huge drawback on my server too.
What we would need is something like Debian Volatile for things like AV, rkhunter etc.

atoponce
December 4th, 2005, 08:05 PM
No doubt you have heard on these forums and many other places that Linux is far more secure than Windows and that you don't need to worry about spyware, adware, malware, trojans, worms, viruses, etc. Have you ever stopped to think why that is? Or maybe whoever made that claim is just full of it? Here, I describe exactly how Linux behaves versus Windows when it comes to the security front.

First, you have to understand a little about your hardware- specifically, the processor. Practically every processor built to date boots in two modes known as user mode and protected mode (also referred to as kernel mode or system mode). The reason for the two boot modes is because certain instruction sets should not be allowed to the user or any application that the user interacts with. At least not without elevated system privileges provided by a system administrator. For example, a user should not be able to make system calls directly to the processor.

Second, you need to understand the design of each operating system. Windows was designed from the ground up as a single user operating system, that has since evolved into a multiuser operating system. Because of this single-user paradigm, the user by default is given system administration privileges to the OS. This was designed so the user can install/remove software, configure services, edit system files, etc. all without the aid of an admin. It was designed this way on purpose. As such, all the protected mode instruction sets are available in their entirety to the user and the software he/she runs.

Linux on the other hand was cloned after UNIX which was designed as a multiuser operating system. Within the user domain, groups were set up to allow specific administrative duties based on trust. The coveted account was root, the default system admin account built into every UNIX/Linux kernel. Root has VIP all-access to system calls, instruction sets and directories. However, when a user is set up on these operating systems, they are not given these elevated privileges unless specified by an admin. Even then, they are given only what they need to accomplish their day-to-day tasks. In other words, users on a UNIX/Linux system cannot boot the processor into protected mode.

Viruses and malicious software are designed to take advantage of the processor's instruction sets only available when booted in protected mode. Because Windows boots the processor in protected mode for the normal user, malicious software writers can replicate their programs throughout the system, taking control of certain processes or whatever they want. This is why we see such a vast array of patches and fixes for Windows users. Because every user is an admin to the computer, and as such the software he infects his computer with has access to what it definitely should not.

Malicious software behaves differently on a UNIX/Linux system. Because the user has booted the computer, the processor has only booted into user mode, thus not allowing access to system calls and such. When a virus enters a UNIX/Linux system, it needs that capability. Unfortunately for the software (and ultimately, its writers), there is nowhere to go with nothing to do. Even if root booted the computer, the processor still only boots in user mode, allowing only the hardware drivers to have access to the elevated system calls and never the software.

To make the long story short, viruses, trojans, worms and all the rest need access to system calls and direct access on a hardware level to spread and cause the havoc they do. Windows freely opens the door, allowing all to come in and play, by giving software direct access to hardware which should be protected. Linux does not. As such, UNIX/Linux systems will always be virtually bulletproof when it comes to gaping security flaws.

On a side note- I have heard many say that the reason UNIX/Linux and Macintosh systems do not receive the attacks at any scale compared to Windows is because they do not occupy the market share that Microsoft currently holds. As such, they are not receiving the attention of these malicious software writers. This couldn't be farther from the truth. While UNIX/Linux and Macintosh do not hold a competitive amount of desktop market share, UNIX/Linux do hold a great deal in server market share- almost half! They do receive plenty of attention from crackers to get viable information. It is because of the way the systems are designed that malicious software will be kept from ever becoming a problem. Not because of lack of attention.
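
The user-mode/kernel-mode boundary that the post above and the reply that follows argue over can be observed directly from an ordinary program. This is an added example (Linux only), not code from any poster: it installs a fault handler, then tries to read one byte from a normal variable and one byte from the top page of the address space, which Linux reserves for the kernel on every architecture. The kernel read faults because the CPU is executing the process in its unprivileged mode and hardware refuses the access; the result is identical when the program is run as root, because root is a kernel-enforced identity, not a CPU privilege level. The only sanctioned way across the boundary is a system call, shown here with getpid(). Function names are my own.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <signal.h>
#include <setjmp.h>
#include <unistd.h>

static sigjmp_buf fault_env;

/* The kernel delivers SIGSEGV/SIGBUS to us after the hardware rejects the
 * access; we unwind out of the faulting instruction instead of dying. */
static void on_fault(int sig) {
    siglongjmp(fault_env, sig);
}

/* Returns 1 if reading one byte at addr raised SIGSEGV or SIGBUS, else 0. */
int probe_address(uintptr_t addr) {
    struct sigaction sa, old_segv, old_bus;
    volatile int faulted = 0;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);

    if (sigsetjmp(fault_env, 1) == 0) {
        volatile unsigned char *p = (volatile unsigned char *)addr;
        unsigned char byte = *p;   /* the CPU checks the privilege level here */
        (void)byte;
    } else {
        faulted = 1;               /* reached only via siglongjmp from on_fault */
    }

    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}

/* A kernel-space address: the highest page of the virtual address space is
 * never mapped for user-mode access on any Linux architecture. */
uintptr_t kernel_space_address(void) {
    return (uintptr_t)-1 & ~(uintptr_t)0xfff;
}

static int user_data = 42;        /* ordinary user-mode memory */

int main(void) {
    printf("running as uid %u (root is 0)\n", (unsigned)getuid());
    printf("read of user variable  at %p: %s\n", (void *)&user_data,
           probe_address((uintptr_t)&user_data) ? "faulted" : "ok");
    printf("read of kernel address at %#lx: %s\n",
           (unsigned long)kernel_space_address(),
           probe_address(kernel_space_address())
               ? "faulted (user mode cannot touch kernel memory)" : "ok");
    /* The sanctioned way in: a system call switches to kernel mode, does the
     * work on our behalf, and switches back before returning. */
    printf("getpid() via system call: %ld\n", (long)getpid());
    return 0;
}
```

Run it twice, once as a normal user and once under sudo, and the kernel-address probe faults both times: what root gains is the ability to ask the kernel to do privileged things (load a module, change file ownership), not the ability to execute in the kernel's mode. That distinction, rather than any "boot mode", is what the permission model on either OS rests on.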

LordHunter317
December 4th, 2005, 09:04 PM
First, you have to understand a little about your hardware- specifically, the processor. Practically every processor built to date boots in two modes known as user mode and protected mode (also referred to as kernel mode or system mode).
Nope, this isn't quite right.

The IA-32 family of processors has two modes you can be concerned with:

1. Real Mode. This is the traditional 20-bit segmented memory model of the 8086, with no memory protection features.
2. Protected mode. This enables different protection rings, and is the model used by modern operating systems. It's also the model closest to that used by processors that don't support legacy memory models (i.e., virtually everything else).

x86_64 adds long mode, which is protected mode with 64-bit registers enabled, and all the changes that come with it (which are quite substantial for the kernel). There are also a few other modes of operation for an IA-32 processor I'm not going into here, as they're not relevant and not often used.

Everyone else has different privilege modes code can run at. At the very least, there's a kernel and user mode. Most processors also support a few other privilege modes: executive, supervisor, etc. Depends on the exact processor in question, however. The important thing is that these modes are equivalent to the protection rings used in IA-32 protected mode.

The key issue with your statement above is they're not boot modes. The processor boots into a single mode, and it's always the same one. These modes (or privilege rings, on IA-32) are switched to depending on which task (application, in the broadest sense; specifically, thread-of-execution) is currently running on the processor. On your home PC, you switch between ring 0 (kernel) and ring 3 (userspace) all the time, usually many times a second.


At least not without elevated system privileges provided by a system administrator.
Nope. On all modern operating systems, code normally run by the Administrator is still run at userspace protection levels. On Linux/x86, code run by root is run in ring 3. The difference is that root has the ability to tell the kernel (ring 0) to load modules and perform certain operations. However, the hardware protection has little to do with this.


For example, a user should not be able to make system calls directly to the processor.

No, that's not true at all. The general rule with protection levels is: less privileged levels may call code at higher privileged levels (3 being lowest, 0 highest on x86) but not modify data; higher privileged levels can modify lower privileged level's data, but not call their code. It takes a little convincing to see how that scheme provides a sane sense of security, but it does. As an aside: the second part has exceptions: signals are a mechanism where the kernel forces userspace to run a specific function. These edge cases aren't interesting though, as they exist on all operating systems and have comparable semantics.


Windows was designed from the ground up as a single user operating system, that has since evolved into a multiuser operating system.

No, that's not true at all. Windows NT was always built to be a multi-user operating system. Windows XP is based on NT. This would only be true if we were talking about Windows 9x/ME, which isn't interesting to say the least.


As such, all the protected mode instruction sets are available in their entirety to the user and the software he/she runs.

Nope, that's not true. See above.

An interesting side-note when talking about the security scheme of Windows NT is that Administrator isn't actually equal to root; the account cannot bypass all security checks performed by the operating system. Only the SYSTEM account can do that, which users can't normally access or use.

That being said, the Administrator can do enough damage to normally be quite devastating.


Root has VIP all-access to system calls, instruction sets and directories.

Nope, see above. If this were really true, then MAC systems like SELinux or Trusted Solaris wouldn't work at all. Their very existence shows your statement is impossible.


In other words, users on a UNIX/Linux system cannot boot the processor into protected mode.

Again, false. All UNIX have code running in kernel mode/ring 0. They must.


Viruses and malicious software are designed to take advantage of the processor's instruction sets only available when booted in protected mode.

Nope, that's not true at all. There are very few forms of malicious software that need kernel-level privileges. Most of them are rootkits, and are designed for the explicit purpose of cloaking other malicious software on the system.

At this point, before I continue, I highly recommend you read some books and articles on basic processor design and such. For IA-32, the 3rd volume of the software developer's manual covers all of this in excruciating detail, and will help you correct your misunderstandings.


Because Windows boots the processor in protected mode for the normal user,

Just like UNIX, if we're talking IA-32. If we're talking MIPS, Alpha, or PPC, then into kernel mode, just like UNIX.


Because every user is an admin to the computer, and as such the software he infects his computer with has access to what it definitely should not.

The privileges given to a user have very little (really, nothing) to do with the hardware privilege levels enforced by the processor. You're confusing two essentially different things.


Malicious software behaves differently on a UNIX/Linux system. Because the user has booted the computer, the processor has only booted into user mode, thus not allowing access to system calls and the such.

No, I can make system calls all day long. On IA-32, user-space code can still call kernel-level code. How else would the operating system function?


Even if root booted the computer, the processor still only boots in user mode, allowing only the hardware drivers to have access to the elevated system calls and never the software.

This statement is contradictory with everything else you've said, and is still rather wrong.


To make the long story short, viruses, trojans, worms and all the rest need access to system calls and direct access on a hardware level to spread and cause the havoc they do.

Nope, they do not.


As such, UNIX/Linux systems will always be virtually bulletproof when it comes to gaping security flaws.

No, it won't. Did you know that NIST has actually given Win 2K a higher common criteria EAL rating than any commercial Linux it's evaluated? Hrm. So no, I think there is a flaw here.


UNIX/Linux do hold a great deal in server market share- almost half! They do receive plenty of attention from crackers to get viable information.

And hence a long and infamous list of software with poor track records:

BIND 4
BIND 8
Sendmail
wu-ftpd
wu-imapd
Apache
Lots of PHP applications
PHP itself

I could continue, but you get my point, I think.
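
The ring 3/ring 0 point made in the post above can be seen directly from a small program. The following is an added example for this thread, not code from any poster: it runs entirely in user mode, shows that the hardware refuses a read of a kernel-half address no matter which uid the process has, and that the same user-mode code can still call into ring 0 through a raw system call. The address `0xffffffff80000000` is a constructed value assumed to lie in the kernel half of a 64-bit Linux address space (x86_64 or aarch64); the function names are mine.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>

/* Jump target for the fault handler: a read the processor rejects raises
 * SIGSEGV (or SIGBUS), and execution resumes here instead of the process dying. */
static sigjmp_buf fault_env;

static void on_fault(int sig)
{
    (void)sig;
    siglongjmp(fault_env, 1);
}

/* Try to read one byte at addr from user mode (ring 3 on IA-32/x86_64).
 * Returns 1 if the hardware refused the access, 0 if the read went through. */
int read_faults(uintptr_t addr)
{
    struct sigaction sa, old_segv, old_bus;
    volatile int faulted = 0;
    volatile unsigned char sink;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);

    if (sigsetjmp(fault_env, 1) == 0) {
        sink = *(volatile unsigned char *)addr;   /* may fault */
        (void)sink;
    } else {
        faulted = 1;                              /* handler jumped back here */
    }

    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return faulted;
}

/* Constructed address assumed to be in the kernel half of the address space on
 * 64-bit Linux. User-mode code cannot touch it, whatever uid it runs as. */
#define KERNEL_HALF_ADDR ((uintptr_t)0xffffffff80000000ULL)

/* Reading the process's own data in user mode is fine: returns 1 on success. */
int user_read_ok(void)
{
    static unsigned char own_byte = 0x42;
    return read_faults((uintptr_t)&own_byte) == 0;
}

/* The same ring-3 code may still *call into* ring 0: a raw system call, made
 * without the glibc wrapper, traps into the kernel and returns a result. */
long raw_getpid(void)
{
    return syscall(SYS_getpid);
}

int main(void)
{
    printf("read of own data faulted:       %d\n", !user_read_ok());
    printf("read of kernel address faulted: %d\n", read_faults(KERNEL_HALF_ADDR));
    printf("getpid via raw syscall: %ld (libc says %ld)\n",
           raw_getpid(), (long)getpid());
    return 0;
}
```

Run it as an ordinary user and again under sudo: the kernel-address read faults both times, which is the hardware protection the post describes, while the raw system call succeeds both times, which is the "lower levels may call code at higher levels" rule. What root can do differently is decided by the kernel's own checks on those calls, not by the ring the process runs in.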

aysiu
December 4th, 2005, 09:26 PM
I like this article (http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/).

Frankly, though, I don't know if any of this really matters, at least not to me personally.

On Windows, my installation (system files and all that) were what were most important to me, as sometimes I didn't always keep good track of my installer discs and activation key codes, so a borked installation was a pain in the booty.

On Linux, though, especially Ubuntu... I don't really care if the installation gets fried. I mean, first of all, I don't have a restrictive license on my use of Ubuntu. I can download another one (I could have five spare copies of Ubuntu... or ten or twenty if I have them from ShipIt) and burn it on another computer, and it's not piracy.

Also, contrary to what a lot of frustrated newbies have said, I've found Ubuntu far easier to install than Windows. I sometimes reinstall just for fun (not kidding). I never reinstalled Windows for fun, trust me. And once you get a set of programs you know you want, you can easily make a text file of them and just copy and paste them into a terminal preceded by

sudo apt-get update
sudo apt-get install

and then wait for them all to install. I have such a text file.

What I really worry about, in terms of security, is what I (not root or passworded sudo) have access to--my files, my documents, my music, my pictures, etc. I can afford to lose a Ubuntu installation because I can always reinstall. I can't afford to lose my files.

So, really--although I like the Linux default security model better than the Windows one and although I am generally safe about stuff--I kind of don't think it's a big deal. I back up my files regularly. If I get compromised and my files get erased, I'll just replace them with my backups.

Of course, I'm speaking only for myself (I don't run as root, and I do back up my files, and I do enjoy reinstalling Ubuntu), but I thought a different viewpoint should be heard.

blastus
December 4th, 2005, 11:29 PM
Microsoft's practice of binding products to Windows and others (http://www.summitstrat.com/assets/LMnov03COL) to extend their monopoly into other markets, is a security disaster. One only has to look at the track record of Internet Explorer (and ActiveX) and the sheer number and severity of the security problems. Because IE is bound to Windows, a hole in IE has the potential to expose the entire operating system. It's one thing to bundle or integrate one product into another. It's another thing to bind two products together such that one cannot function without the other, and they can never be separated.

Because Windows and IE are permanently bound together, it increases the complexity and the number of dependencies in the whole system. Microsoft has chosen a monolithic software engineering paradigm. Monolithic systems are more difficult to maintain than modular systems. This is apparent with the release of SP2 for XP, and it is why Microsoft claimed that SP2 was a massive undertaking and that they could not port it to Windows 2000. If IE was truly a separate and modular product, they could have just released a simple service pack for IE that would have even worked on Windows 2000.

For the longest time, Microsoft has maintained that IE is not a separate product, even though they are viewed as clearly separate products by everyone else. They have given no reason to justify why Windows and IE are inexplicably bound together and Windows cannot function without IE. If you modify the registry in Windows XP, for example, and change the security settings for the Local Machine Zone in IE, you'll find that certain parts of Windows (like the Services panel) may not work properly.

This is one reason of many why I feel GNU/Linux (like Ubuntu) is more secure than Windows.

Danielle
December 5th, 2005, 02:06 AM
hi, so what program should i use to protect from kernel hooks and startups?

i understand a little bit about hooking system calls and buffer overflow from using windows but how do things startup on *unix systems i don't know one startup place :(

can you help me find a program to monitor these places? LordHunter, have you written anything? thanks.

LordHunter317
December 5th, 2005, 04:18 AM
I like this article (http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/).

Also terribly, horribly, and totally wrong, unless you're solely interested in the desktop. Even then, it's still inaccurate, as opposed to useless.


I can download another one (I could have five spare copies of Ubuntu... or ten or twenty if I have them from ShipIt) and burn it on another computer, and it's not piracy.

You're legally entitled to a backup copy no matter what the EULA for your software says, in the US anyway.


So, really--although I like the Linux default security model better than the Windows one and although I am generally safe about stuff--

The security model is the same save for the default privilege level of the default account. And if that's a big deal, you can always create and operate under an unprivileged account on Windows; nothing is stopping you.


Because IE is bound to Windows, a hole in IE has the potential to expose the entire operating system.

No, that's not true in the least. If that were true, then on Linux, konqueror could do the same, or nautilus or any other application. The fact that IE is shipped with Windows has no more bearing on the overall security of the system than any other application. IE doesn't run any special kernel-code, nor has any portion that runs at privileges beyond that of your user. So like any other user application, the damage from an exploit in it is limited solely to what privileges the users have.


Because Windows and IE are permanently bound together, it increases the complexity and the number of dependencies in the whole system.

They're not in the least. IE can be disabled, so end-users can't run it. All that's left is the DLLs that other applications embed. Your argument would be helped substantially if you were using modern-day facts and not rhetoric from 1999.


Microsoft has chosen a monolithic software engineering paradigm.

No, they haven't. NT is a more modular kernel than Linux is. You don't have the foggiest idea about what you're talking about.


This is apparent with the release of SP2 for XP, and it is why Microsoft claimed that SP2 was a massive undertaking and that they could not port it to Windows 2000. If IE was truly a separate and modular product, they could have just released a simple service pack for IE that would have even worked on Windows 2000.

This statement is a non-sequitur. Service Pack 2 for Windows XP? Or a service pack for IE? I have no clue what you're talking about.


hi, so what program should i use to protect from kernel hooks and startups?

Don't run as root. Patch and keep any programs that must run as root up to date. In short, any mechanism to protect yourself is really complicated and usually carries extreme performance penalties. However, you could look into SELinux and the syscall auditing facilities in 2.6 if you wanted to learn more. They're not fool-proof: they're only as secure as the policies they follow, and writing secure, functional policies is incredibly hard.

aysiu
December 5th, 2005, 04:33 AM
Also terribly, horribly, and totally wrong, unless you're solely interested in the desktop. Even then, it's still inaccurate, as opposed to useless.

Please be more specific. I'm open minded, generally, but I want to hear more about what you think is wrong with it. I'm not that technically minded, so please try to explain in plain English. The article seems to make sense to me, even though it is rather old.



You're legally entitled to a backup copy no matter what the EULA for your software says, in the US anyway.

And this backup copy would come from... where? And my activation key would come from... where? Would I have to call a Microsoft representative to activate my Windows installation? Legal entitlement is only one of the problems. Ubuntu is just an ISO download away.



The security model is the same save for the default privilege level of the default account. And if that's a big deal, you can always create and operate under an unprivileged account on Windows; nothing is stopping you.

Really? So I can just operate as user in Windows, and when I want to install software, it prompts me for my sudo password, and I can temporarily assume administrator privileges?

Cyril
December 5th, 2005, 04:38 AM
Thank goodness for people like LordHunter. It is rare to come across an unbiased view on this issue nowadays.

LordHunter317
December 5th, 2005, 04:46 AM
Please be more specific. I'm open minded, generally, but I want to hear more about what you think is wrong with it.

The virus counts are totally wrong, to begin with. Unless you're ignoring things like trojan horses, which makes the count not interesting. Moreover, looking at raw security exploits these days is probably a fairer metric. And as I listed earlier, there's plenty of software in UNIX's long history that's been quite exploitable. Installing say, a RH 7 box on the Internet not-protected would cause it to be exploited near instantly, much like installing an unprotected Win 2K RTM, XP RTM or NT 4 machine would.

Now, if you're talking about pure viruses in the sense of what comes through e-mail, or something you run on a floppy disk, then yes, there are far fewer of those on UNIX and Linux than on Windows.

But, it's worth remembering many of those viruses go back to DOS and Windows 9x, which have radically different security models (there isn't one) and still exist in the wild today. It's also worth noting some of the famous Windows e-mail viruses wouldn't have been nearly as bad if they didn't exploit flaws in Outlook Express or Outlook. So in the analysis, if trojans were excluded, those e-mail viruses would have been excluded as well.

Virtually all of the "huge" virus/trojan horse storms that occurred on the Internet were caused by code exploits in software, so they weren't traditional "Haha, the user ran something bad" viruses. This is worth remembering, because ultimately, Linux is just as susceptible to running malicious software due to bad programming as Apache Slammer shows, among many many others.


And this backup copy would come from... where?

You'd create it. I have backups of almost every application and game I own. If not in a physical form, tucked in an ISO or equivalent on a HDD.


And my activation key would come from... where?

Your license key? You'd keep that safe, I'd presume. Write it down and store it in a vault or similar. Most of my license keys I have 3 or 4 copies of, somewhere.


Really? So I can just operate as user in Windows, and when I want to install software, it prompts me for my sudo password, and I can temporarily assume administrator privileges?

Windows XP does guess for installations anyway. You can get a sudo like command for it, or you can do an su equivalent via runas.

Danielle
December 5th, 2005, 04:47 AM
In short, any mechanism to protect yourself is really complicated and usually carries extreme performance penalties.
do you mean they hook the kernel to protect it?

LordHunter317
December 5th, 2005, 04:50 AM
Yes, all of them have an in-kernel portion. How else are you going to audit actions going on inside the kernel?

Danielle
December 5th, 2005, 04:59 AM
Windows is not very good running as a limited user. I could never get it to "Run As" (sudo, I think); it just doesn't work for me. Also, if you installed software in the admin account, half the time it doesn't install in the limited account, so when you start using it as a limited user you don't know which security patches, hacks etc. have been accepted.

You can make Windows very safe though using a sandbox and a registry monitor running at kernel level. They will intercept rootkits as they try to install.

aysiu
December 5th, 2005, 05:00 AM
Thanks for explaining a bit about that article. I honestly don't know that much about viruses and malware. I'm kind of an ignorant computer user--just one of those people who knows I've gotten adware and other crap in Windows XP and not in Ubuntu.



You'd create it. I have backups of almost every application and game I own. If not in a physical form, tucked in an ISO or equivalent on a HDD.

See, that's what I'm not a big fan of. If you don't create that backup ISO before something goes wrong, then... well, it's not very convenient. However, if Ubuntu gets borked, I can download an ISO from my wife's Powerbook and burn it there.



Your license key? You'd keep that safe, I'd presume. Write it down and store it in a vault or similar. Most of my license keys I have 3 or 4 copies of, somewhere.

Yeah, I realize that's a workaround, but I just find that annoying, personally.



Windows XP does guess for installations anyway.

Really? Whenever I've tried to install as a regular user, it just tells me I probably won't be able to install the application properly and warns me to quit ("Are you sure you want to continue?")


You can get a sudo like command for it, or you can do an su equivalent via runas.

I'm okay. I like that sudo is built into Ubuntu. It's one of the things I've really learned to love about Ubuntu and OS X.

Danielle
December 5th, 2005, 05:01 AM
Yes, all of them have an in-kernel portion. How else are you going to audit actions going on inside the kernel?
like you mentioned earlier, ring 3

LordHunter317
December 5th, 2005, 05:38 AM
like you mentioned earlier, ring 3

Nope, won't work. What we're interested in auditing is calls from ring 3 -> ring 0. This is performed by a hardware instruction (on IA-32, a software interrupt or the SYSCALL instruction) and as such, can't be done at ring 3.

Adding syscall auditing code into glibc would provide auditing for applications that use glibc, but not everyone does that; moreover, an attacker inserting malicious code can simply not use the glibc syscalls and make the calls directly himself.

As such, these activities must be done in kernel.

LordHunter317
December 5th, 2005, 05:43 AM
See, that's what I'm not a big fan of. If you don't create that backup ISO before something goes wrong, then... well, it's not very convenient.

Getting replacement media from your OEM or MS directly shouldn't be impossible. Probably quite painstaking, though.


Really? Whenever I've tried to install as a regular user, it just tells me I probably won't be able to install the application properly and warns me to quit ("Are you sure you want to continue?")

It's not perfect; you sometimes have to runas manually.

prizrak
December 5th, 2005, 07:30 AM
LordHunter:
I could be wrong but to my knowledge IE doesn't simply ship with Windows; it actually is a part of the OS, for instance the file manager uses the IE engine to display the contents. The biggest security holes in Windows are ActiveX and registry. There is also the fact that many applications plain refuse to work if you are not running as an Admin (tried enough times to know).

The reasons *nix architecture is more secure is because it has been a multi user OS for much longer than Windows (and even then the NT architecture includes too much compatibility to be truly multiuser so is still vulnerable). Windows programs actually get hooked directly into the kernel as opposed to the *nix practice of kernel running as a completely separate process and the other programs actually sending messages to get stuff done.

The BIGGEST and most important part of *nix security is the amount of *nix versions. You can write a virus for Linux but will it work on Red Hat? Or Ubuntu? Or maybe Gentoo? Of course the open source helps it be more secure since there are so many people actually looking over the code. Another important thing to remember is that Windows is harder to secure because of the way it installs programs, in *nix all programs are basically copied onto the drive and run from the executable. In Windows the programs actually hook into the kernel meaning that if you install a patch it might break w/e programs you have installed. This is the main reason behind so many Windows viruses infecting computers months after a patch has been released, most businesses do not install patches w/o extensive testing first.

The *nix design is modular (I don't mean the kernel, the kernel is actually monolithic, cept for Minix, but the rest of the OS is modular) meaning that I can upgrade my kernel and not be worried (for the most part) that my programs will not run because in essence the programs don't care what version kernel I use as long as it can understand the messages sent to it. Hardware is different of course drivers that are compiled into the kernel will most likely have issues.

However to make it fair Linux is just as susceptible to viruses as Windows, the only difference is that in Windows the entire system is likely to be brought down; in *nix damage, in most cases, will be contained to the files the current user has permissions to modify, which could still mean total loss of your data. After all what good is a bootable system if everything you worked on is gone.

So even if you are a Linux user you should still run a firewall and have a good backup procedure, also be smart about what you open and where you go. To make an analogy, Linux is like light armor it will protect you from a knife and possibly an indirect bullet but a straight shot will kill you. Windows is like a dress shirt it looks nice but offers no protection.

Edit: Just add some paragraph breaks --aysiu

aysiu
December 5th, 2005, 07:36 AM
Getting replacement media from your OEM or MS directly shouldn't be impossible. Probably quite painstaking, though.

It's not perfect; you sometimes have to runas manually. This is why I prefer Ubuntu.

LordHunter317
December 5th, 2005, 07:43 AM
LordHunter:
I could be wrong but to my knowledge IE doesn't simply ship with Windows it actually is a part of the OS, for instance the file manager uses the IE engine to display the contents.

Yes many other things use IE's rendering engine.


The biggest security holes in Windows are ActiveX and registry.

Neither are a security hole. At most, you can criticise IE's lax default acceptance of ActiveX controls and some flaws related to how it functioned. Neither are fundamental security flaws or holes; IOW, neither is insecure by design. I don't even know of any exploits that used the registry access functions, though it's possible they might exist. I somehow doubt it.


There is also the fact that many applications plain refuse to work if you are not running as an Admin (tried enough times to know).

The application is broken then. There's nothing about Windows that forces them to be that. Blame poor application developers. The same is more than possible on Linux.


The reasons *nix architecture is more secure is because it has been a multi user OS for much longer than Windows (and even then the NT architecture includes too much compatibility to be truly multiuser so is still vulnerable).

Utter nonsense.

What compatibility are you talking about? All versions of NT have had multiple accounts running all the time, since NT 3.5. They still do today. No compatibility subsystem has any impact on that.

Aside: If you're going to post that Windows NT+ isn't multiuser, just do not as you're plain wrong.


Windows programs actually get hooked directly into the kernel

No, they don't. Not in any way that's different from the way Linux does. Userspace runs in ring-3 and syscalls to ring-0. Only drivers and the kernel executive run in ring-0.


as opposed to the *nix practice of kernel running as a completely separate process

The kernel isn't a separate process traditionally under UNIX. Modern UNIX and Linux run several different threads-of-execution at kernel-mode and none of them can truly be considered processes, on Linux anyway. More microkernel like OSes are a bit different, including Windows NT, surprisingly.

Did you even read my initial post in the thread, which shows why reasoning like this is totally fundamentally wrong?


The BIGGEST and most important part of *nix security is the amount of *nix versions. You can write a virus for Linux but will it work on Red Hat? Or Ubuntu? Or maybe Gentoo?

Generally it will trivially work on all of them, because they all run the same basic source code. You know nothing of what you talk about, and this sort of claim proves it rather plainly, I'm afraid. See Apache slammer source for a great example.


Of course the open source helps it be more secure since there are so many people actually looking over the code.

That's never been conclusively shown since the beginning of the F/OSS movement. It's not conclusively true, nor do I believe it to be so even generally. It's really just propaganda, ultimately.


In Windows the programs actually hook into the kernel meaning that if you install a patch it might break w/e programs you have installed.

They do nothing of the sort. You have no clue what you're talking about. If so, write me a program any user can run that uses no exploits that causes a BSOD. If you're in kernel-mode, you can do that.

You won't be able to, so I know it's impossible.


This is the main reason behind so many Windows viruses infecting computers months after a patch has been released, most businesses do not install patches w/o extensive testing first.

They don't do it on UNIX either, if they're remotely competent. Have you ever run an enterprise shop or a HA setup on either platform? I have. I know what's involved. Substantial testing of everything.


The *nix design is modular (I don't mean the kernel, the kernel is actually monolithic, cept for Minix, but the rest of the OS is modular)

So's Windows, and there are plenty of UNIX microkernels and hybrids out there. OS X, OSF/1, Tru64, etc.


meaning that I can upgrade my kernel and not be worried (for the most part) that my programs will not run because in essence the programs don't care what version kernel I use as long as it can understand the messages sent to it.

You can do that on Windows too. In fact, you have on Windows XP several times and you wouldn't even know it.


the only difference is that in Windows the entire system is likely to be brought down in *nix damage, in most cases, will be contained to the files current user has permissions to modify, which could still mean total loss of your data.

Windows and UNIX are no different in this regard. And actually, it's impossible to kill the whole system as any user other than SYSTEM, due to the fact you can't bypass the mandatory file locking any other way.


Linux is like light armor it will protect you from a knife and possibly an indirect bullet but a straight shot will kill you. Windows is like a dress shirt it looks nice but offers no protection.

This couldn't be further from the truth.

blastus
December 5th, 2005, 07:49 AM
Because IE is bound to Windows, a hole in IE has the potential to expose the entire operating system.

No, that's not true in the least. If that were true, then on Linux, konqueror could do the same, or nautilus or any other application. The fact that IE is shipped with Windows has no more bearing on the overall security of the system than any other application. IE doesn't run any special kernel-code, nor has any portion that runs at privileges beyond that of your user. So like any other user application, the damage from an exploit in it is limited solely to what privileges the users have.

That is a good point and I agree with it. However, I'm not talking about kernels and user privileges. You can't sit there and tell me that if product A is tightly bound to product B and both products are codependent on each other such that they cannot function without each other, that this has absolutely no more potential influence on a hole in product A affecting product B and vice-versa than if the products were simply distributed together.


Because Windows and IE are permanently bound together, it increases the complexity and the number of dependencies in the whole system.

They're not in the least. IE can be disabled, so end-users can't run it. All that's left is the DLLs that other applications embed. Your argument would be helped substantially if you were using modern-day facts and not rhetoric from 1999.

Obviously, I'm not strictly talking about the IE user interface. So what if the IE user interface can be hidden or icons on the desktop removed? How is that relevant to this discussion? If IE is not bound to Windows, then explain how it can be completely uninstalled from Windows...including those DLLs you mention.

Since you believe the DOJ findings of fact are irrelevant to today, please feel free to cite your findings of fact on how the architecture of Windows/IE/ActiveX has changed substantially since the DOJ ruling such that IE is no longer bound to Windows, and Windows is no longer dependent on it, and IE can be completely uninstalled from Windows (unless of course you disagree with the DOJ and the Washington DC Court of Appeals.)


Microsoft has chosen a monolithic software engineering paradigm.

No, they haven't. NT is a more modular kernel than Linux is. You don't have the foggiest idea about what you're talking about.

Let me rephrase this; in my opinion, regarding the specific binding of Windows and IE, Microsoft has chosen a monolithic software engineering paradigm. But since you don't agree that IE is bound to Windows, you obviously will have a different opinion.


This is apparent with the release of SP2 for XP, and it is why Microsoft claimed that SP2 was a massive undertaking and that they could not port it to Windows 2000. If IE was truly a separate and modular product, they could have just released a simple service pack for IE that would have even worked on Windows 2000.

This statement is a non-sequitur. Service Pack 2 for Windows XP? Or a service pack for IE? I have no clue what you're talking about.

What is there not to understand? I said that if IE was truly a separate product from Windows, then Microsoft could have released a simple service pack for IE that would have even worked on Windows 2000. I believe the majority of the issues that SP2 addressed were in IE. There is no reason why the IE-related part of SP2 could not have been bundled as a service pack just for IE 6.0 that could have even run on Windows 2000 (which was still under their product life cycle at the time.)

It was virtually impossible for Microsoft to release a service pack for IE 6.0 that would include changes to the Local Machine Zone, a popup blocker, tighter control over the execution of ActiveX controls etc...that would work on Windows 2000, because IE is bound to Windows and its features are commingled with Windows.

DevilFingers
December 5th, 2005, 07:50 AM
Vbulletin isn't secure either :(

blastus
December 5th, 2005, 08:08 AM
The biggest security holes in Windows are ActiveX and registry.

Neither are a security hole. At most, you can criticise IE's lax default acceptance of ActiveX controls and some flaws related to how it functioned. Neither are fundamental security flaws or holes; IOW, neither is insecure by design.

That is obviously not the consensus of security experts worldwide. If you are not aware, ActiveX does not have a permissions-based security model--it is insecure by design. ActiveX controls, unlike Java applets, run under an all-or-nothing security model. And it is not just IE's handling of ActiveX controls as ActiveX is not just an IE thing, but is a fundamental COM architecture used throughout Windows.

LordHunter317
December 5th, 2005, 08:09 AM
You can't sit there and tell me that if product A is tightly bound to product B and both products are codependent on each other such that they cannot function without each other, that this has absolutely no more potential influence on a hole in product A affecting product B and vice-versa than if the products were simply distributed together.
Yes, I can.

Any Windows application is dependent on the Windows kernel for operation, yet a vulnerability there doesn't ipso facto mean that application can be exploited and/or used for compromise.

An exploit in the PERL interpreter doesn't mean that every PERL script ever written (and they all require PERL) are instantly vulnerable, does it?

It can mean that. But it doesn't have to. And no, I see no reason to believe that dependent (or even co-dependent) applications are more vulnerable than independent ones.


If IE is not bound to Windows, then explain how it can be completely uninstalled from Windows...including those DLLs you mention.
Because other things, like HTML help, use the IE rendering engine. If you removed all those components or had them embed the IE rendering engine, then sure, you could remove IE. But that's rather silly, and defeats the entire point of modular programming, doesn't it?

Which is why it's not done.


Since you believe the DOJ findings of fact are irrelevant to today,
They are. They aren't about XP.


please feel free to cite your findings of fact on how the architecture of Windows/IE/ActiveX has changed substantially since the DOJ ruling such that IE is no longer bound to Windows, and Windows is no longer dependent on it, and IE can be completely uninstalled from Windows
It isn't, presently. Microsoft would be foolish to do that. The point is, if they absolutely had to, they could remove IE and either embed the components of IE other applications use inside of them, or they could rewrite them.

That's just highly unattractive.


Let me rephrase this; in my opinion, regarding the specific binding of Windows and IE, Microsoft has chosen a monolithic software engineering paradigm.
No, they clearly haven't. Your own rant about IE is proof: if Windows is so dependent on IE, how is that not modular? Tons of things use IE's DLLs.


But since you don't agree that IE is bound to Windows, you obviously will have a different opinion.
No, I don't agree that it's irrevocably bound. It could be removed, if it had to be. It won't be done, but it could be.


What is there not to understand? I said that if IE was truly a separate product from Windows, then Microsoft could have released a simple service pack for IE that would have even worked on Windows 2000.
No, I don't believe that's true. Any application can be dependent on features such that backporting is difficult, even ignoring the reliance of portions of Windows on IE functionality. VMware is a good example on both platforms. udev another on Linux.


It was virtually impossible for Microsoft to release a service pack for IE 6.0 that would include changes to the Local Machine Zone, a popup blocker, tighter control over the execution of ActiveX controls etc. that would work on Windows 2000, because IE is bound to Windows and its features are commingled with Windows.
But IE isn't that tightly bound to Windows, because otherwise I'd always have to upgrade them in lockstep, and I don't.

IE 6 on Windows 2K would be an utter impossibility if that were true. They're not totally codependent, despite what one might think.

LordHunter317
December 5th, 2005, 08:12 AM
That is obviously not the consensus of security experts worldwide. If you are not aware, ActiveX does not have a permissions-based security model--it is insecure by design.
Really? Then why can I pick what ActiveX controls do and do not run?


ActiveX controls, unlike Java applets, run under an all-or-nothing security model.
Yes, there is no sandboxing. Their access to the local system is limited to the privileges of the user, just like any other application the user runs. So unless you're claiming the privilege model used by both UNIX and Windows NT is flawed, your statement can't possibly be true. And I doubt you wish to make such bold claims.

The only issue is if something is allowed to run without the user's permission, and IE has had several implementation flaws that allow that to occur. That doesn't make ActiveX insecure by design.

LordHunter317
December 5th, 2005, 08:42 AM
blastus:
To be fair, yes I'll agree to the fact that IE will probably never be removed from at least a US version of Windows, and that the number of components that are dependent on it will ever decrease. So in a sense, yes, IE is permanently bound because MS won't ever do the work to free it. What I want to make clear is there is no technical reason why it cannot be replaced, though that's probably rather unattractive.

What I won't agree to is that somehow makes the operating system any less secure. If that were true, then modular architectures are a security flaw, and the entire idea of shared libraries is a joke. But I think we can all agree that there's nothing inherently wrong with that design, and that's what everything else depends on: the shared libraries.

GeneralZod
December 5th, 2005, 09:40 AM
This is awesome stuff; do keep on going! :)

prizrak
December 5th, 2005, 02:30 PM
I don't claim to be a security expert so my questions shouldn't be taken as an attack.

Yes many other things use IE's rendering engine.

Doesn't it mean then that they are also vulnerable to w/e IE is?

Neither are a security hole. At most, you can criticise IE's lax default acceptance of ActiveX controls and some flaws related to how it functioned. Neither are fundamental security flaws or holes; IOW, neither is insecure by design. I don't even know of any exploits that used the registry access functions, though it's possible they might exist. I somehow doubt it.
Well the entire idea of ActiveX is a security hole, and an unnecessary one IMO; besides, a lot of things need it so you can't just turn it off. Registry is used by a lot of spyware so there is a hole in the OS for ya.

The application is broken then. There's nothing about Windows that forces them to be that. Blame poor application developers. The same is more than possible on Linux.
The application might be broken but it is understandable for software makers to expect you to be Administrator, while possible on Linux no one designs software like that (unless it has to do something with root access).

Utter nonsense.

What compatibility are you talking about? All versions of NT have had multiple accounts running all the time, since NT 3.5. They still do today. No compatibility subsystem has any impact on that.

Aside: If you're going to post that Windows NT+ isn't multiuser, just do not as you're plain wrong.

Windows NT, while designed to be multiuser and by a very smart man (the one behind VMS), MS had to include backwards compatibility with a lot of DOS/Win9x applications, effectively destroying what could have been a great thing. Note: I do not claim NT not to be multiuser; it could have been a great OS actually. Also the separation between users isn't as strong as it should be.

No, they don't. Not in any way that's different from the way Linux does. Userspace runs in ring-3 and syscalls to ring-0. Only drivers and the kernel executive run in ring-0.
I'm sorry I have to go WTF on you for this one. When was the last time you would BSOD from a random crash of the GUI in Linux? Happens on Windows a lot; I've been in many situations where a locked up program could only be killed by a full shutdown. The only times I experienced the same on Linux was drivers that are compiled directly into the kernel. Also I would like for you to explain why Windows needs to be restarted when most applications are installed if they are not linked directly into the kernel. Since in Linux, which doesn't install things into the kernel, you don't have to restart unless you upgrade the aforementioned kernel or one of its modules.

The kernel isn't a separate process traditionally under UNIX. Modern UNIX and Linux run several different threads-of-execution at kernel-mode and none of them can truly be considered processes, on Linux anyway. More microkernel like OSes are a bit different, including Windows NT, surprisingly.

Did you even read my initial post in the thread, which shows why reasoning like this is totally fundamentally wrong?

Well I am aware of NT being a microkernel, I have read your post but I didn't see anything that would have anything to do with such reasoning being faulty.

Generally it will trivially work on all of them, because they all run the same basic source code. You know nothing of what you talk about, and this sort of claim proves it rather plainly, I'm afraid. See Apache slammer source for a great example.

I'm sorry but I do know what I'm talking about; in this case it seems like you don't. As I have not read enough about Apache slammer I can assume that it affects Apache, what does it have to do with Linux? Apache runs on Windows just as well and I'm sure would be affected just the same. I was talking about viruses that could actually affect the OS, not just an app that runs on top, which are plentiful in the Windows environment. In this case difference in distributions makes a big difference for viruses; installing programs from source very often lands you in trouble with dependencies, why would a virus have an easier time?

That's never been conclusively shown since the beginning of the F/OSS movement. It's not conclusively true, nor do I believe it to be so even generally. It's really just propaganda, ultimately.
Well this is kinda like religion, you can't prove it to be true or wrong, but F/OSS programs do tend to be more stable and secure.

They do nothing of the sort. You have no clue what you're talking about. If so, write me a program any user can run that uses no exploits that causes a BSOD. If you're in kernel-mode, you can do that. You won't be able to, so I know it's impossible.
If they do nothing of the sort, how come there are many documented examples of that happening? As an example, the company my father works for as a DBA installed an OS patch to close a hole in their Windows servers, which broke the MSSQL servers that ran on top of it.

They don't do it on UNIX either, if they're remotely competent. Have you ever run an enterprise shop or a HA setup on either platform? I have. I know what's involved. Substantial testing of everything.
That is obviously what would make sense; however, in a *nix environment missing a patch as soon as it is released somehow doesn't make you as exposed as you are with Windows, where an exploit is released for each hole, in a lot of cases weeks after it was found.

You can do that on Windows too. In fact, you have on Windows XP several times and you wouldn't even know it.

A documented and well publicized issue after installing SP2 on XP was that the MS Office suite would actually stop working and had to wait for a special patch that made it compatible with SP2. I had OpenOffice at the time and it worked just fine; if the application is not integrated to some degree into the kernel, why would it break?

Windows and UNIX are no different in this regard. And actually, it's impossible to kill the whole system as any user other than SYSTEM, due to the fact you can't bypass the mandatory file locking any other way.
This might very well be true but somehow the design of Linux does not allow this to happen; the aforementioned Apache slammer would be an example. As well as tons of Outlook and IE viruses. From that I can only surmise that if the design was the same then Windows doesn't enforce its own policies and gives just about every application SYSTEM permissions. When was the last time anyone heard of an Evolution virus?

This couldn't be further from the truth.
I very much think you are wrong about that. The simple and hard facts are that there are thousands, possibly millions, of malware programs for Windows and there are hardly any for Linux, and the ones that are out for it aren't really in the wild. Every time I had to reinstall Windows I would have to make sure that the ethernet cable was unplugged; the couple of times I didn't I was attacked on the first boot and couldn't even install any patches. I'm sorry, it's just that facts seem to say that *nix has a much better security architecture than Windows. While on the desktop *nix is tiny, according to the latest statistic I ran across Windows only runs 49% of the servers, which means that the rest are run under *nix, so there are plenty of targets for virus makers yet somehow only Windows gets attacked. I refuse to believe that Windows admins are idiots and that is why they get attacked by viruses.
Looking forward to your responses, you do have interesting points, and I like to learn; it just seems that so far everything goes against everything I read/experienced. Also if you would advise on a good book on OS design and security I'll be happy to read up on the subject.
Another thing I forgot to mention is the RPC that Windows uses. In Windows the RPC is used locally to communicate between two servers/services running on the same physical machine; this behavior is by design. This is a HUGE hole, especially on a home user's machine, since there are very few instances when such a service is needed by the home user and it cannot be turned off because just about everything depends on that service. Again this is by design, it's the way they made it. Now the general design of both MIGHT be the same, however the fact remains that the specific implementation of said design by MS is lacking compared to that of just about any *nix system save for ones like Linspire (default root, shudder).

LordHunter317
December 5th, 2005, 04:38 PM
Doesn't it mean then that they are also vulnerable to w/e IE is?
No, it doesn't, because they don't use all of IE. Some just use the HTML rendering engine, without the extra ActiveX, Javascript, etc. Some use other parts. They can be vulnerable.

Indeed some widespread vulnerabilities have occured during the life of Windows XP that were IE-related. I'll leave it to anyone to go through the KB and figure out what they are.


Well the entire idea of ActiveX is a security hole,
Running applications you download off the Internet is a security hole?


and an unnecessary one IMO besides alot of things need it so you can't just turn it off.
Yes, you can. The only thing that needs it is Windows update. Turning it on just then isn't terribly difficult. Alternatively, downloading its controls and then blocking the installation of everything else.


Registry is used by alot of spyware so there is a whole in the OS for ya.
A place to store information is a security hole?

No, you're quite wrong. They could just as easily (and often do) store files on the harddrive. Do you even know what the registry is used for? If what you say is true, then harddrives and filesystems are security holes.



The application might be broken but it is understandable for software makers to expect you to be Administrator,
How is it understandable? It's not. Most users using Windows DO NOT have Administrative access, because they are LIMITED USERS on a corporate domain.

So no, you're quite wrong.


MS had to include backwards compatibility with alot of DOS/Win9x applications effectively destroying what could have been a great thing.
And they do it via the WOW32 subsystem, which runs the DOS applications in the context of the executing user. They also use a special processor mode that protects the system. And, it disables certain operations that would be dangerous. If you don't believe me, run a DOS application and look at the user executing the process in task manager. Log in as someone else and repeat. Note how it's different users. Clearly, even DOS applications are executed as different users.


also the separation between users isn't as strong as it should be.
It's as strong as it is on Linux. Individual users can't edit other users' files or data, unless they've been privileged to do so. They can't edit system applications either.


I'm sorry I have to go WTF on you for this one. When was the last time you would BSOD from a random crash of the GUI in Linux?
Frequently in fact, because the Nvidia drivers are crap. But no more regular than I've seen it in Windows.


Happens on Windows alot, I've been in many situations where a locked up program could only be killed by a full shutdown.
I haven't on XP. And what was the BSOD? Could have been any number of things, including bad/buggy driver, failing hardware, etc. Hundreds of things can cause a kernel panic. You can't use the fact a userspace application once was running when a BSOD occurred to infer that userspace runs in ring-0. You must use a test like I challenged you to.


Also I would like for you to explain why Windows needs to be restarted when most applications are installed if they are not linked directly into the kernel.
Because you have something that was configured at system startup and is not reread until system reboot. Some do it out of simple paranoia to make sure everything is installed, especially on upgrade. Again, you can't use this fact to infer what you're inferring, you must use a test like I challenged you to. If you're really operating in ring-0, then you could freely interact with all the kernel services and crash the machine at will. You're not, so you can't.


Well I am aware of NT being a microkernel, I have read your post but I didn't see anything that would have anything to do with such reasoning being faulty.
You claim the kernel ran as a separate process. It doesn't. It occupies a completely different execution mode. Process is a term with well defined (albeit different) semantics on Linux and Windows, and the kernel doesn't meet them.


I'm sorry but I do know what I'm talking about in this case it seems like you don't. As I have not read enough about Apache slammer I can assume that it affects Apache, what does it have to do with Linux?
It attacked Apache running on Linux, including the different SSL libraries on different distributions of Linux. Download the sourcecode and look. You'll see an array that shows different Linux distributions and the OpenSSL entrypoint that was being compromised.


Apache runs on Windows just as well and I'm sure would be affected just the same.
Actually, it wasn't, IIRC. Mostly because the entry vector was missing.


I was talking about viruses that could actually affect the OS not just an app that runs on top, which are plentiful in the Windows environment.
No, they're not. Nearly all viruses and trojans affect some application, many one that's not even mandatory. You have no clue what you're talking about.


In this case difference in distributions makes a big difference for viruses, installing programs from source very often lands you in trouble with dependencies, why would a virus have an easier time?
Because a virus could be as simple as this:
#!/bin/sh
echo "HAHA YOU RAN THE HAHA VIRUS"
rm -rf /*


And because everyone compiling the same source yields the same binary, ignoring patches. And the patches don't make it impossible, as Apache Slammer proves. So no, you have no clue what you're talking about. I know for a fact you do not.


Well this is kinda like religion you can't prove it to be true or wrong, but F/OSS programs do tend to be more stable and secure.
Then why does Firefox leak more than on Windows, and randomly freeze up? OO.org the same? No, you're quite wrong again.


If they do nothing of the sort how come there are many documented examples of that happening.
Because you're inferring things you cannot possibly infer.


As an example the company my father works for as a DBA installed an OS patch to close a hole in their Windows servers broke the MSSQL servers that ran on top of it.
And? I can ship an "OS patch" that disables SysV shared memory on Linux. This will break PostgreSQL, which requires that feature for operation. By your logic, this means that PostgreSQL is part of the kernel. Yet, UNIX doesn't run user stuff in the kernel by your own claims.

However, these two statements are in logical contradiction, so what you say above must be false. The only thing such an occurrence allows you to conclude is that the application depended on some OS facility that was changed/broken by the patch. That's all.


That is obviously what would make sense, however in a *nix environment missing a patch as soon as it is released
Really? So leaving OpenSSL unpatched when I'm running Apache makes me immune to the still active Slammer? No, you're quite wrong. This makes no sense whatsoever: you're vulnerable as soon as the exploit is released, just like on Windows. The platform has nothing to do with this: this is true of all software everywhere, no matter what.


somehow doesn't make you as exposed as you are with Windows where an exploit is released for each hole in alot of cases weeks after it was found.
Exploits are released just as quickly for UNIX software. Go read bugtraq (or its archives) or look at the CERT data, or read full-disclosure. You painfully have no clue.


A documented and well publicized issue after installing the SP2 on XP was that MS Office suit would actually stop working and had to wait for a special patch that made it compatible with SP2 I had OpenOffice at the time and it worked just fine, if the application is not integrated to some degree into the kernel why would it break?
Because it depends on a feature provided by the operating system the patch broke. If Office was integrated into the kernel, a crash of it would take out the operating system every single time. Yet this doesn't happen, so it's not in the kernel.

That's what a BSOD or kernel panic is FWIW. The kernel crashing. An unrecoverable situation.


This might very well be true but somehow the design of Linux does not allow this to happen, the aforementioned Apache slammer would be an example.
The security models of Linux and Windows are identical, they're nearly identical in implementation, and no.


As well as tons of Outlook and IE viruses. From that I can only surmise that if the design was the same then Windows doesn't enforce it's own policies and gives just about every application SYSTEM permissions.
Nope, it does not. Looking at task manager would prove this. And the existence of a virus for something doesn't mean the application is privileged. Look at my virus above. That will still cause plenty of damage just to a user's data unprivileged.


When was the last time anyone heard of an Evolution virus?
Ahh, but Firefox has legendary IE-like vulnerabilities (and has many) that could have allowed an IE like worm to come out. None did, however. But the chance for exploit was certainly there, on both Windows and Linux.


I very much think you are wrong about that. The simple and hard facts are that there are thousands possibly millions of malware programs for Windows and there are hardly any for Linux and the ones that are out for it aren't really in the wild.
So Apache slammer doesn't exist? What about several other of the classical UNIX worms? Did you even read my notes about what happens if you install old Linux unprotected on the Internet, much like old Windows? Obviously you didn't, as you wouldn't be making such claims otherwise. Google around if you don't believe me.


Everytime I had to reinstall Windows I would have to make sure that the ethernet cable was unplugged, the couple of times I didn't I was attacked on the first boot couldn't even install any patches.
Same is true of not up to date Linux.


I'm sorry its just that facts seem to say that *nix has a much better security architecture than Windows.
NIST (You know, the US federal government) says you're wrong. Look over the common criteria evaluations on their website if you do not believe me. CC is evaluation of the security architecture of a product. One interesting thing to note is Windows and Linux are being evaluated to the exact same model, CAPP. As such, you cannot possibly make that claim, because their model is the same. You're wrong, they both use DOC.


While on the desktop *nix is tiny according to the latest statistic I ran across Windows only runs 49% of the servers which means that the rest are run under *nix
No, it doesn't. There are plenty of other servers out there running operating systems I'm quite sure you've never heard of.


so there are plenty of targets for virus makers yet somehow only Windows gets attacked.
And there are plenty of UNIX worms out there, despite what you'd like to believe. Automated dictionary SSH attacks don't exist?


I refuse to believe that Windows admins are idiots and that is why they get attacked by viruses.
Largely in the highly-published Internet "crashes", that was the case. Systems were not up-to-date and not properly secured when they had to be not updated.


Also if you would advise on a good book on OS design and security I'll be happy to read up on the subject.


This is a HUGE hole, especially on a home users machine, since there are very few instances when such a service is needed by the home user and it cannot be turned off because just about everything depends on that service.
Then your Linux system is vulnerable to the same hole: as it's running D-BUS. Whoops. UNIX has had RPC way longer than Windows: NFS uses RPC as part of its operation. KDE has used RPC since 2.x.

You can simulate RPC in lots of other ways both operating systems provide: PIPEs, FIFOs, shared memory.

You cannot possibly make this claim about one and not the other, as they both provide the same facilities with essentially comparable semantics. So if one is broken by design, the other must be by equivalence.


Again this is by design, its the way they made it.
How does allowing two processes to talk create a security issue? It's no more/less dangerous than handling user input.


Now the general design of both MIGHT be the same, however the fact remains that specific implementation of said design by MS is lacking compared
No, it isn't. It was totally redone after several RPC worms.

[edit]Removed a response to something I misread.

blastus
December 5th, 2005, 09:02 PM
That is obviously not the consensus of security experts worldwide. If you are not aware, ActiveX does not have a permissions-based security model--it is insecure by design.

Really? Then why can I pick what ActiveX controls do and do not run?

ActiveX controls, unlike Java applets, run under an all-or-nothing security model.

Yes, there is no sandboxing. Their access to the local system is limited to the privileges of the user, just like any other application the user runs. So unless you're claiming the privilege model used by both UNIX and Windows NT is flawed, your statement can't possibly be true. And I doubt you wish to make such bold claims.

The only issue is if something is allowed to run without the user's permission, and IE has had several implementation flaws that allow that to occur. That doesn't make ActiveX insecure by design.

Obviously you see absolutely no problem with every browser plugin (signed or not) running with the same privileges as a standalone application. Well I absolutely do. The whole model is tied to the integrity of the browser to properly prompt a user to run an ActiveX control, and that the user won't be somehow tricked into running it via social engineering. All it takes is for a hacker to find an exploit in that mechanism in the web browser or to trick the user to find a way to execute the ActiveX control. It is common knowledge that one of the reasons why ActiveX is insecure is precisely because it does not use a permissions-based security model. It is also used throughout Windows and that compounds or amplifies the issue.


To be fair, yes I'll agree to the fact that IE will probably never be removed from at least a US version of Windows, and that the number of components that are dependent on it will ever decrease. So in a sense, yes, IE is permanently bound because MS won't ever do the work to free it. What I want to make clear is there is no technical reason why it cannot be replaced, though that's probably rather unattractive.

What I won't agree to is that somehow makes the operating system any less secure. If that were true, then modular architectures are a security flaw, and the entire idea of shared libraries is a joke. But I think we can all agree that there's nothing inherently wrong with that design, and that's what everything else depends on: the shared libraries.

OK so I'll take your other post as largely irrelevant as you are no longer claiming that IE is not bound to Windows. Whether Microsoft can unbind IE from Windows is also irrelevant to whether IE is actually bound to Windows. Although I agree they could unbind IE from Windows if they wanted to, they probably never will. So from my perspective IE is permanently bound to Windows.

I refer you back to the start of this post. ActiveX is one of the major reasons for the security problems in IE to begin with. ActiveX is also part of the glue that helps bind IE to Windows because it blurs the lines between web applications and standalone applications. That is, it allows the browser to run applications inside it with the same privileges and functionality as a standalone application (and there is no other way applications can be run.) This was the goal of ActiveX.

Because IE is so deeply entrenched into Windows, and because ActiveX is insecure by design, the potential for a hole in IE to affect the OS is larger than it should be. I could quote you hundreds of articles that literally say the same thing, but it would be a waste of time since you do not see any issue with ActiveX. Here's four quotes:

A quote from Gartner researchers (http://www.smh.com.au/news/Breaking/Gartner-caution-on-Firefox-takeup/2005/02/09/1107890254074.html?oneclick=true) from this year:


"Because IE is integrated into the Windows operating system, flaws in IE have a greater impact than flaws in a stand-alone browser. Also, it takes longer to create fixes (since regression testing must include the entire operating system), and applying IE patches is often more time-intensive and expensive (requiring reboots, for example)," the researchers wrote.

A quote from US-CERT (http://www.kb.cert.org/vuls/id/713878) from last year:


There are a number of significant vulnerabilities in technologies related to the IE domain/zone security model, trust in and access to the local file system (Local Machine Zone), the Dynamic HTML (DHTML) document object model (in particular, proprietary DHTML features), the HTML Help system, MIME type determination, the graphical user interface (GUI), and ActiveX. These technologies are implemented as operating system components that are used by IE and many other programs to provide web browser functionality. These components are integrated into Windows to such an extent that vulnerabilities in IE frequently provide an attacker significant access to the operating system.

A quote from the Mozilla foundation (http://www.mozilla.org/security/security-announcement.html):


Mozilla browsers maintain a separation between the application and the operating system. IE browsing functionality is becoming increasingly integrated into Windows; a security problem in browsing functionality may therefore affect services which are shared with, or relied on by, other parts of the operating system. This makes a multi-layered defensive strategy complex to design and implement effectively. The convergence of Internet Explorer and the Windows operating system has provided fertile ground for malicious programmers.

And some rhetoric from the U.S. DOJ:


Microsoft has harmed even those consumers who desire to use Internet Explorer, and no other browser, with Windows 98. To the extent that browsing-specific routines have been commingled with operating system routines to a greater degree than is necessary to provide any consumer benefit, Microsoft has unjustifiably jeopardized the stability and security of the operating system. Specifically, it has increased the likelihood that a browser crash will cause the entire system to crash and made it easier for malicious viruses that penetrate the system via Internet Explorer to infect non-browsing parts of the system.

If anything, we have witnessed the fulfilment of this statement from the U.S. DOJ.

LordHunter317
December 5th, 2005, 09:57 PM
Obviously you see absolutely no problem with every browser plugin (signed or not) running with the same privileges as a standalone application. Well I absolutely do.

Yes, I don't, because if I did, that would mean EVERY USER application is bad.


The whole model is tied to the integrity of the browser to properly prompt a user to run an ActiveX control, and that the user won't be somehow tricked into running it via social engineering.

And how is that any different from me sending an email:
From: sexy@sex.com
To: yuo@example.com
Subject: Naked Pictures

See naked pictures of me inside

With a virus in a zip file?

It's not. Or some program you download and install also installing malware (e.g., Kazaa)? It's not.

It's only different iff the control is installed without user permission. Which could happen in IE due to implementation flaws. You cannot conclude from that that IE is insecure by design.

At this point, I'm simply going to ignore further claims from you that ActiveX is insecure by design. I advise everyone else to do the same. Until you can show technical or logical reasons along another path of reasoning, or show why my above conclusion is invalid, your claim is invalid. The conclusions that must be drawn are completely unreasonable. If they were true, then I should just shut my computer off now, as there's nothing I can do to prevent myself from being hacked. Because every application is insecure by design.


All it takes is for a hacker to find an exploit in that mechanism in the web browser or to trick the user to find a way to execute the ActiveX control.

Which doesn't make ActiveX insecure by design. It means there's an implementation flaw in the loading mechanism. It would only be a design flaw if it were impossible to rectify this behavior. The fact MS has managed to do so for all known exploits strongly implies that no, this is not a design flaw.


It is common knowledge that one of the reasons why ActiveX is insecure is precisely because it does not use a permissions-based security model.

That's wrong. It uses the same model as every other application the user runs. You said so yourself even. This statement is contradictory with your own posts.


It is also used throughout Windows and that compounds or amplifies the issue.

So COM is a security flaw, now? How so? Last I checked, unless the COM control was specifically coded in such a way to allow me to bypass permissions for something, I cannot. Certainly, the mere existence of COM on your system isn't a flaw.


I refer you back to the start of this post. ActiveX is one of the major reasons for the security problems in IE to begin with.

Portions of its implementation, perhaps.

Moreover, if you really believe that, then Firefox plugins are bad and extensions are bad, because they have the same problem. See the Greasemonkey exploits for examples.

Moreover, Java sandboxing is still ultimately up to client control: it can be disabled. Meaning, we can reduce the protection provided by the sandboxing to a social engineering problem (ask the user to disable it). Which you claimed is a flaw in ActiveX. Therefore, sandboxing provides no extra protection unless it cannot be disabled. And that doesn't exist, making that specific case uninteresting.

So either all dynamically loadable content on the web is bad, or it's not. You can't have your cake and eat it here. It means you're giving up Flash, shockwave, Java, videos, etc. In all browsers on all platforms.

Somehow, once again, I think your logic has reached an unreasonable conclusion.


That is, it allows the browser to run applications inside it with the same privileges and functionality as a standalone application (and there is no other way applications can be run.) This was the goal of ActiveX.

Right, and that's not a security problem. After all, we let other applications run at that level, so why can't content I installed from the web run at that level? It's only an issue in either case if the program is installed without my permission. Something we don't tolerate in either case.


Because IE is so deeply entrenched into Windows, and because ActiveX is insecure by design, the potential for a hole in IE to affect the OS is larger than it should be.

If that were true, then all shared libraries would be bad.

Yes, other applications using IE DLLs mean they are potentially (operative word) vulnerable if a flaw exists in them. But the same is no different from a glibc vulnerability on Linux. There's the potential for all applications to be at risk from that.

That's just a reality of using shared libraries. There's no way around it either.
If that were really true, then all shared libraries are bad. That would mean every application would need to provide its own unique XML engine, own unique HTML rendering, own unique libc, etc. But you still can't get rid of the pesky kernel everyone's dependent on....

So no, your conclusion is invalid. Yes, DLLs can possibly create higher risk. However: they're applicable to all platforms and you're not applying the issue evenly. Fallacy of exclusion. There's no evidence everyone writing their own code for every task is more secure. It's probably not, but there's no proof either way. So you have no support for your claim, as there's only one other valid alternative. You've failed to show in the specific case of the IE DLLs that there is any specific design related to them that increases the risk of compromise.


but it would be a waste of time since you do not see any issue with ActiveX.

That's not true. There's been issue with ActiveX where controls can be installed without my permission. That does not mean ActiveX is insecure by design, WHICH IS YOUR CLAIM.


A quote from Gartner researchers (http://www.smh.com.au/news/Breaking/Gartner-caution-on-Firefox-takeup/2005/02/09/1107890254074.html?oneclick=true) from this year:

Invalid. This is just restating your claim and Gartner is hardly a valid expert, so this is an invalid appeal to authority.


A quote from US-CERT (http://www.kb.cert.org/vuls/id/713878) from last year:

Proof-texting does not an argument make. At no point does the article conclude that ActiveX is insecure by design. It merely shows one flaw in the manner in which pages are trusted into zones. It was fixed, so it doesn't support your argument. The page even links to the patch.


A quote from the Mozilla foundation (http://www.mozilla.org/security/security-announcement.html):

Invalid appeal to authority again, as it's not like Firefox has been any better in recent memory. Moreover, plenty of things embed the Gecko rendering engine. If a Mozilla OS existed, I'm sure plenty of things would use Gecko. So no, invalid.


And some rhetoric from the U.S. DOJ:

Non-sequitur by irrelevance. Windows 98 is a different operating system with a different security model. Things that apply there do not apply to Windows NT.


If anything, we have witnessed the fulfilment of this statement from the U.S. DOJ.

Yeah, and people stopped using 98 :rolleyes:.

Danielle
December 5th, 2005, 11:21 PM
Nope, won't work. What we're interested in auditing is calls from ring 3 -> ring 0. This is performed by a hardware instruction (on IA-32, a software interrupt or the SYSCALL instruction) and as such, can't be done at ring 3.

Adding syscall auditing code into glibc would provide auditing for applications that use glibc, but not everyone does that; moreover, an attacker inserting malicious code can simply not use the glibc syscalls and make the calls directly himself.

As such, these activities must be done in kernel.
OK, thanks LordHunter. I can't remember what I read but I think it was something to do with the ProcAddresses and the injected DLL :confused: BTW this is on a Windows system.

Danielle
December 5th, 2005, 11:50 PM
Hi, I just want to say that the Windows registry is a great idea, far better than ini files and it's not a security hole at all. The reason spyware is associated with it is because of the startup keys located in the registry.

ActiveX can be quite safe too. It's even hardcoded into Windows. If the admin turns on the glow function for vBulletin and you come here using Windows and IE you will see it. Although a lot of bad people use it to load code onto your computer.

blastus
December 6th, 2005, 01:21 AM
It is common knowledge that one of the reasons why ActiveX is insecure is precisely because it does not use a permissions-based security model.

That's wrong. It uses the same model as every other application the user runs. You said so yourself even. This statement is contradictory with your own posts.

And you have taken my post out of context. It should have been obvious that this whole discussion about ActiveX is in the context of its role in the web browser.


Moreover, Java sandboxing is still ultimately up to client control: it can be disabled. Meaning, we can reduce the protection provided by the sandboxing to a social engineering problem (ask the user to disable it). Which you claimed is a flaw in ActiveX. Therefore, sandboxing provides no extra protection unless it cannot be disabled.

Are you saying that any security feature that can be disabled by the user is useless?


At this point, I'm simply going to ignore further claims from you that ActiveX is insecure by design. I advise everyone else to do the same. Until you can show technical or logical reasons along another path of reasoning, or show why my above conclusion is invalid, your claim is invalid. The conclusions that must be drawn are completely unreasonable. If they were true, then I should just shut my computer off now, as there's nothing I can do to prevent myself from being hacked. Because every application is insecure by design.

You can take my posts out of context all you want; for the record I did not cite those quotes to explicitly say that ActiveX was insecure by design. Really I don't care if ActiveX is insecure by design or if it's just its implementation. The fact is that ActiveX is designed to run web applications with the same privileges as standalone applications, and there are no other options, and I disagree with that design.

If I want to run a standalone application then I will explicitly download it, perhaps give it execute permissions, and run it outside of the web browser. I do not want my web browser to run web applications with the same privileges and full functionality of a standalone application by design just by simply clicking on a button in my web browser. At least if it were to run in a sandbox mode, that gives me an extra line of defense against the control running via a drive-by-download exploit, me accidentally running it, or otherwise.

For the record, yes, I have no Firefox plugins enabled and I keep my extensions to a bare minimum. I realize that no architecture is really secure or bulletproof, but my understanding is that the Mozilla plugin architecture does not mandate that every plugin and every extension has to have the same privileges as the user and has the full functionality of a standalone application.

You can advise everyone to ignore my posts and argue over frivolous semantics all you want--I really could care less. This discussion is a waste of my time.

aysiu
December 6th, 2005, 01:47 AM
This discussion is a waste of my time. I would actually urge all parties at this point to just drop it, mainly because I don't see an exchange of ideas that serves to broaden the minds of all parties involved.

It seems everyone's made up her or his mind and just wants to state it.

LordHunter317
December 6th, 2005, 01:48 AM
And you have taken my post out of context.

No, I haven't.


It should have been obvious that this whole discussion about ActiveX is in the context of its role in the web browser.

No, it wasn't. Why did you bring up its integration into the rest of the operating system if we're only talking about the web browser? :confused:

So no, I think you're backpedaling out of an untenable position. Moreover, even if we were talking about the browser, you've still failed to:

1. Equally apply your criticisms
2. Demonstrate a technical reason why allowing browser plugins to run with the same privileges as the browser itself is bad, and
3. Demonstrate, especially in the face of social engineering attacks, how a sandbox helps anything.

So even if we were talking about just the browser, your position is still untenable. At the very least, it's not well supported.

One can make an argument about why the web browser (or any Internet application) should run with less privileges than other user applications, but you've failed to apply any reasonable reasoning this way. More importantly, even if we all accept that as tautology, the implementation details are still incredibly difficult to make the value questionable anyway.


Are you saying that any security feature that can be disabled by the user is useless?

In the face of social engineering attacks, quite potentially yes.


You can take my posts out of context all you want; for the record I did not cite those quotes to explicitly say that ActiveX was insecure by design.

Yet that's what you've been claiming, so I don't know what else you want me to take them to support.


Really I don't care if ActiveX is insecure by design or if it's just its implementation.

Utter crock. If that was true, then why did you make such statements as:

If you are not aware, ActiveX does not have a permissions-based security model--it is insecure by design.

and:

Because IE is so deeply entrenched into Windows, and because ActiveX is insecure by design, the potential for a hole in IE to affect the OS is larger than it should be.

I could go on, but you've repeatedly made this claim, and I want you to support it.

We're in agreement on everything else, AFAICT. IE has had implementation flaws (and might still have a couple) in ActiveX, specifically in the area of allowing controls to be installed without proper user authorization. IE won't be uninstalled for windows.

The only thing we disagree on are your claims ActiveX is insecure by design. As I've said, you've provided no technical support for your argument and you can't possibly like the logical conclusions that must be drawn from your own statements. Your position is quite untenable.


and I disagree with that design.

You're welcome to disagree with it. That doesn't make it insecure by design.


I do not want my web browser to run web applications with the same privileges and full functionality of a standalone application by design just by simply clicking on a button in my web browser.

Why? In effect, that's all you do to run any application on your system. The only difference is the install step is done for you at once.


At least if it were to run in a sandbox mode, that gives me an extra line of defense against the control running via a drive-by-download exploit, me accidentally running it, or otherwise.

Only for directly malicious attacks. It doesn't save you from social engineering, which you claimed as an issue, unless the sandbox cannot be disabled. Which isn't Java and wouldn't be a sandboxed ActiveX. It's just too necessary.


I realize that no architecture is really secure or bulletproof, but my understanding is that the Mozilla plugin architecture does not mandate that every plugin and every extension has to have the same privileges as the user and has the full functionality of a standalone application.

That's not the point: the point is, they can be provided so it's no less of a risk. And the user still isn't prompted or asked about what permissions they have: even if they don't operate all the time with the user's full privileges, they can acquire them anytime they want without my permission. Which makes them effectively the same. There is no actual sandbox, just a pile of sand on the grass. It's useless without the wooden walls, which Firefox doesn't provide.


You can advise everyone to ignore my posts and argue over frivolous semantics all you want

They're hardly frivolous, they're absolutely key to your claims. The permissions a plugin or ActiveX control has are hardly "semantics" :rolleyes: in a discussion about what permissions they have. The logical deductions from them aren't either. You're the one making wild claims without support. I'm simply showing what those claims really mean in our reality.


This discussion is a waste of my time.

Everyone's time would be better used if you reasoned through your position before posting. Even someone with no experience in logic should be able to see that the claim "ActiveX is insecure because it uses the same privileges as everything else" is a pretty outrageous claim without further substantiation or reasoning applied to it.

prizrak
December 6th, 2005, 03:47 AM
LordHunter:
So let me clarify for my own understanding. You are saying that the NT architecture and design of the OS is in fact exactly the same as it is in Linux, however the implementation of the two is different making Linux a more stable and secure OS because of the defaults it ships with. And Windows's main problem is the fact that it in fact encourages people to run as Admins (if only on the local machine).

A place to store information is a security hole?

No, you're quite wrong. They could just as easily (and often do) store files on the harddrive. Do you even know what the registry is used for? If what you say is true, then harddrives and filesystems are security holes.
It is a security hole because of the way it works, the information is recorded into it without user permission and it's not easy to find, in the case of files on my harddrive they are right there and visible and in Linux the locations are known and in the case of an install w/o root privileges pretty much just confined to home and usr directories. (I think it might also install things into shared but at least in Ubuntu that requires root access)

How is it understandable? It's not. Most users using Windows DO NOT have Administrative access, because they are LIMITED USERS on a corporate domain.

So no, you're quite wrong.

It might be true in the corporate world but not in the home user world, and any infrastructure is only as secure as the weakest link, i.e. tons of zombie networks running w/o their users knowledge. Of course there is no defense against social engineering but there are plenty of cases when things get on w/o user knowledge.

You claim the kernel ran as a separate process. It doesn't. It occupies a completely different execution mode. Process is a term with well defined (albeit different) semantics on Linux and Windows, and the kernel doesn't meet them.

This would be a semantics issue, I used the wrong term for it, what I meant was that the kernel is separate from the applications that run on top of it and is generally not affected by the applications themselves.

So Apache slammer doesn't exist? What about several other of the classical UNIX worms? Did you even read my notes about what happens if you install old Linux unprotected on the Internet, much like old Windows? Obviously you didn't as, you wouldn't be making such claims otherwise. Google around if you don't believe me.And there are plenty of UNIX worms out there, despite what you'd like to believe. Automated dictionary SSH attacks don't exist?
I never said there are no malware for *nix but if you look at data by just about any security company (I have followed top viruses list of major A/V makers for quite some time) the worms that are in the top 80% are all Windows worms. This DOESN'T mean there are no *nix worms but it does show that those are not as prevalent. http://www.fcenter.ru/online.shtml?softnews/2005/09/04#material_id=14697 this is the list of the most prevalent viruses in August 2005 by Kaspersky Labs (latest I could find).

Same is true of not up to date Linux.
Never seen it but that's probably because it's very easy to get up to date Linux vs Windows so I will take your word for it.

NIST (You know, the US federal government) says you're wrong. Look over the common criteria evaluations on their website if you do not believe me. CC is evaluation of the security architecture of a product. One interesting thing to note is Windows and Linux are being evaluated to the exact same model, CAPP. As such, you cannot possibly make that claim, because their model is the same. You're wrong, they both use DAC.
Something like that would require a link, the question is though do they test out of the box OS or is it hardened?

Then why does Firefox leak more than on Windows, and randomly freeze up? OO.org the same? No, you're quite wrong again.

Easy, both of the programs you mentioned are positioned against the MS programs they compete with making the developers care a lot more about Windows than Linux, OO starts on my Linux machine A LOT faster than Windows and I haven't seen it crash yet on either OS actually.

Then your Linux system is vulnerable to the same hole: as it's running D-BUS. Whoops. UNIX has had RPC way longer than Windows: NFS uses RPC as part of its operation. KDE has used RPC since 2.x.

You can simulate RPC in lots of other ways both operating systems provide: PIPEs, FIFOs, shared memory.

You cannot possibly make this claim about one and not the other, as they both provide the same facilities with essentially comparable semantics. So if one is broken by design, the other must be by equivalence.
How does allowing two processes to talk create a security issue? It's no more/less dangerous then handling user input.

You missed what I was trying to say, RPC has been around for years true, *nix came up with it and allowed MS to use it. However on a Windows machine RPC is used for everything even local connections but it still has ports open to the outside world making a firewall a mandatory feature and most home users have no use for RPC and don't know how to configure a firewall or what the damn thing is, making this a very insecure design. And yes this would be design not implementation, the OS and its services are DESIGNED to run using RPC for internal communication (and here I'm only talking about MS services/applications not 3rd party). AFAIK such is not the case in Linux, RPC isn't even running as far as I can tell for anything that doesn't need it (I use NFS sharing and according to you NFS runs RPC). This is the thing about the RPC protocol, it's not that there is a problem with applications talking to each other, it's the fact that this specific way of talking is accessible to the outside world. It also creates a problem with proliferation of home user wi-fi that tends to be unsecured.

No, it isn't. It was totally redone after several RPC worms.
Well that I have no information on that so I can't say either way.

P.S. It's not that I don't believe you or your knowledge, it's that as someone who used both systems I can tell that Windows is less secure: despite being paranoid and running behind a well configured firewall and A/V as well as disabling anything that could do a drive-by-download I still got spyware.

LordHunter317
December 6th, 2005, 04:05 AM
LordHunter:
You are saying that the NT architecture and design of the OS is in fact exactly the same as it is in Linux,

No, I'm saying the security model used by them is exactly the same. Specifically, they both implement a form of discretionary access control (DAC). Certainly, the implementation differences aren't radical enough to prevent them from being evaluated to the same model (CAPP) by NIST. That can be verified if you don't believe me.


however the implementation of the two is different making Linux a more stable and secure OS because of the defaults it ships with. And Windows's main problem is the fact that it in fact encourages people to run as Admins (if only on the local machine).

You'll see no argument from me here.


It is a security hole because of the way it works, the information is recorded into it without user permission

That's not true. Registry keys have ACLs, just like filesystem objects do. You can't see them normally (and sadly, REGEDIT /still/ can't edit them) but they do exist. If you don't believe me, I can find a script that manipulates them.


and it's not easy to find,

Doing Start -> Run -> "regedit.exe" -> ENTER is too difficult? I'll admit regedit doesn't appear anywhere on the menus, but that's on purpose. Overall, it's probably a good thing, when you consider all the issues.

However, all of this is really irrelevant. The point is: the registry is just a place to store information. It's not designed in such a way that unprivileged users can modify keys they're not supposed to be able to. If the registry didn't exist, everything would just be scattered in files around the filesystem. The scenario would be no different from what we have now.


(I think it might also install things into shared but at least in Ubuntu that requires root access)

Nope.


It might be true in the corporate world but not in the home user world,

So? Your original claim was that many Windows applications require Administrator access. This just isn't reality, and I demonstrated one reason why: because most Windows users aren't privileged.


I never said there are no malware for *nix but if you look at data by just about any security company (I have followed top viruses list of major A/V makers for quite some time) the worms that are in the top 80% are all Windows worms.

Yes, but I think that has more to do with marketshare than number of exploits. Basically, any flaw in any sufficiently common program will have an exploit written for it, regardless of program.


This DOESN'T mean there are no *nix worms but it does show that those are not as prevalent.

Yes, but not for the reasons you'd like.


Never seen it but that's probably because it's very easy to get up to date Linux vs Windows so I will take your word for it.

Really? Automatic update on Windows XP prompts you to turn on, then you don't have to do a thing. It's no harder than a good Linux distribution.


Something like that would require a link, the question is though do they test out of the box OS or is it hardened?

See http://csrc.nist.gov/cc/ and have an absolute party. All your answers are there somewhere, including the exact evaluation profiles used.


Easy, both of the programs you mentioned are positioned against the MS programs they compete with making the developers care a lot more about Windows than Linux, OO starts on my Linux machine A LOT faster than Windows and I haven't seen it crash yet on either OS actually.

All of this is a non-sequitur. Your original claim was that F/OSS programs are more stable and secure than their proprietary brethren. Yet Firefox has crashed more than Opera ever has on me.


However on a Windows machine RPC is used for everything even local connections

Which isn't a security issue. Like I said, this is true of your Ubuntu box as well.


but it still has ports open to the outside world making a firewall a mandatory feature

Which is why they (now) provide one.


and most home users have no use for RPC

Then why does your Linux have it? It's quite useful. You obviously don't know the value of RPC.


and don't know how to configure a firewall or what the damn thing is, making this a very insecure design.

They don't need to know how to configure the firewall. XP SP2 operates under a proper default-deny OOB.


And yes this would be design not implementation, the OS and its services are DESIGNED to run using RPC for internal communication (and here I'm only talking about MS services/applications not 3rd party).

Actually no, that's not the only mechanism available, it's just a commonly used one because it's simple to program and use.


AFAIK such is not the case in Linux, RPC isn't even running as far as I can tell for anything that doesn't need it (I use NFS sharing and according to you NFS runs RPC).

Yes, it is. Portmap is the SUN RPC endpoint mapper. If you're using NFS it ought to be running. It certainly is if you're serving NFS, and is publicly shared no less.


This is the thing about the RPC protocol

RPC isn't a protocol. It stands for Remote Procedure Call. There are hundreds of RPC protocols out there, including SUN RPC, SOAP, DCOP, D-BUS. Of those, 2 are running on your Ubuntu box as we speak (3 if Kubuntu).


it's not that there is a problem with applications talking to each other, it's the fact that this specific way of talking is accessible to the outside world.

No, that's not a design issue. It's only a design issue if unprivileged/unauthorized users can abuse the service, or if the service has a flaw anyone can exploit. Unfortunately, MS has fallen down on the last one on several occasions.


It also creates a problem with proliferation of home user wi-fi that tends to be unsecured.

Windows RPC and Wi-Fi APs have nothing in common. This is a total non-sequitur. I don't even see how you could have possibly reached this specious conclusion.


I can tell that Windows is less secure despite being paranoid and running behind a well configured firewall and A/V as well as disabling anything that could do a drive-by-download I still got spyware.

No, you've shown no reasons why anyone should believe that. And I've shown plenty of reasons as to why they shouldn't.

prizrak
December 6th, 2005, 06:21 AM
Doing Start -> Run -> "regedit.exe" -> ENTER is too difficult? I'll admit regedit doesn't appear anywhere on the menus, but that's on purpose. Overall, it's probably a good thing, when you consider all the issues.

However, all of this is really irrelevant. The point is: the registry is just a place to store information. It's not designed in such a way that unprivileged users can modify keys they're not supposed to be able to. If the registry didn't exist, everything would just be scattered in files around the filesystem. The scenario would be no different from what we have now.
Getting TO the registry is simple, getting AROUND it is hard. Unless you are very experienced you have no idea what keys do what. In the case of files being scattered around the filesystem, which could be remedied by the way Linux does things now where everything goes into predictable places, it is very easy to find which files do what and which programs they belong to. The lack of transparency is what I view as a problem and a potential security exploit.

Windows RPC and Wi-Fi APs have nothing in common. This is a total non-sequitur. I don't even see how you could have possibly reached this specious conclusion.

I think my wording on this one wasn't very good. What I was trying to say is that the way Windows does RPC is by having it accessible to your trusted zone (i.e. LAN) by default, at the very least it runs a network share w/o you allowing it unless some new feature turned it off. This creates a security issue with unsecured Wi-Fi users since it is fairly easy to hop on the LAN (i.e. trusted zone) w/o your permission. (Of course that would be more of a problem of wi-fi device manufacturers, but better defaults by Windows would help)
Also I wasn't aware of more than one RPC protocol thanks for the info.

No, you've show no reasons why anyone should believe that. And I've shown plently of reasons as to why they shouldn't.
Well the only reason to believe that would be experience, which I admit is more or less individual.

All of this is a non-sequitur. Your original claim was that F/OSS programs are more stable and secure than their properietary brethern. Yet Firefox's crashed more than Opera ever has on me.
You are taking the cause and effect out of it. I said that F/OSS programs in general are of better quality, which doesn't mean that there is no such thing as a bad program. Firefox has never crashed on me on either OS though it does run real slow on Linux (well 1.5 is better) but the fact is that quality is driven by focus, if the Firefox and Open Office programmers put more effort into making the Windows version it will be better than the same versions for Linux that didn't have as much effort put into them. To me that makes perfect sense, in general though my experience shows that F/OSS software runs better than proprietary equivalents. (like I said any personal experience is not something to go by it's too limited just what I saw) My point in all this was that neither of us have any proof that F/OSS way of development is inferior or superior to proprietary.

Yes, but I think that has more to do with marketshare than number of exploits. Basically, any flaw in any sufficiently common program will have an exploit written for it, regardless of program.

Actually I will agree with you on that. I was gonna make a point that in the server world *nix systems have a large market share; the simple fact is that home users are the ones who are responsible for the large majority of the viruses being propagated. I guess I will leave it at "Linux is a more secure OS by implementation than Windows".

Oh, one point I forgot to make in the post was that I very much don't agree that the majority of Windows users are corporate users who run as a domain user. It's more or less impossible, since just about any person who uses a computer at work has one (or more) at home and one (at least) of those computers runs Windows (with very few exceptions; 95% market share doesn't come from nowhere), meaning that at the very least the shares are equal, and just about anyone who runs a home computer under Windows runs as Administrator, which still doesn't make a program that will not work unless you are Admin broken, since it is a very reasonable assumption. I would like to note, just for fairness' sake, that it is changing: a lot of new programs put their data into the Documents and Settings folder for the user (though still requiring admin access to install, but that's not that different on *nix). So yes, things are getting better for the Windows users; however, as it stands now *nix is a more stable and secure choice for an OS (and I include OS X in *nix).

LordHunter317
December 6th, 2005, 06:48 AM
I think my wording on this one wasn't very good. What I was trying to say is that the way Windows does RPC is by having it accessible to your trusted zone (i.e. LAN) by default, at the very least it runs a network share w/o you allowing it unless some new feature turned it off.The default fileshare exported by Windows (C$) can only be accessed by an Administrator with a password. The fact it's exported is useless to anyone. The remote IPC share (IPC$) can be accessed by unauthenticated (NULL) users, but they can't do anything by default in XP, 2003, and 2K (I think, I could be mistaken, I don't deal with it anymore, and the controls are different). All they can do is connect. Which isn't really a big deal.


This creates a security issue with unsecured Wi-Fi users since it is fairly easy to hop on the LAN (i.e. trusted zone) w/o your permission.They can't do anything to your machine but notice its existence in the SMB/CIFS network browser. They can't even see what services are exported by default, because the Guest account is disabled.


Well the only reason to believe that would be experience,So logic means nothing?


You are taking the cause and effect out of it. I said that F/OSS programs in general are of better quality, which doesn't mean that there is no such thing as a bad program.You're ignoring the reality: Firefox and OO.org are OSS applications and are inferior in many ways to their proprietary competitors. If they were superior in all ways, people would use them in droves.


Firefox has never crashed on me on either OS though it does run real slow on Linux (well 1.5 is better) but the fact is that quality is driven by focus, if the Firefox and Open Office programmers put more effort into making the Windows version it will be better than the same versions for Linux that didn't have as much effort put into them.See, platform isn't relevant here. I see the issues on both Windows and Linux. This is just a deflection of your original point really.


the simple fact is that home users are the ones who are responsible for the large majority of the viruses being propagated.Nope, that's not true. Remember the famous Code Red worm that completely took down several major corporations? It was all corporate servers doing that (it was an IIS worm after all). Remember the number of commercial machines out there dwarf consumer ones, and they're responsible for way more traffic than you would think, especially in the face of a quick replicating worm.


Oh one point I forgot to make in the post was that I very much don't agree that the majority of Windows users are corporate users who run as a domain user.


It's more or less impossible, since just about any person who uses a computer at work has one (or more) at home and one (at least) of those computers runs Windows (with very few exceptions 95% market share don't come from nowhere) meaning that at the very least the shares are equal and just about anyone who runs a home computer under Windows runs as Administrator which still doesn't make a program that will not work unless you are Admin broken since it is a very reasonable assumption.You're ignoring the racks upon racks of servers locked away in the server rooms that a home user doesn't have. Hundreds upon hundreds of machines you don't see.


So yes things are getting better for the Windows users however as it stands now *nix is a more stable and secure choice for an OS (and I include OS X into *nix)It's really neither, if you're competent at administrating Windows. And certainly bad UNIX administration is no worse than Windows.

super
December 6th, 2005, 07:05 AM
i see that there is probably one million ways to argue this whole security issue.

i try to go by common sense and documented facts.

so,

fact: although there are approximately as many *nix servers as there are microsoft servers, *nix servers have on average far greater up-times (http://en.wikipedia.org/wiki/Uptime) than microsoft.

longest uptimes (http://uptime.netcraft.com/up/today/top.avg.html)

super
December 6th, 2005, 07:12 AM
also, could i ask lordhunter317 which os he feels is more secure and why?

prizrak
December 6th, 2005, 07:17 AM
You're ignoring the racks upon racks of servers locked away in the server rooms that a home user doesn't have. Hundreds upon hundreds of machines you don't see.
You are ignoring the fact that only 49% of those servers run Windows and that they will not be running Need For Speed: Wanted on those things like a home user would, this is a difference in what programs are run (not that NFSW needs to be run as Admin).
I actually went to the site you pointed out and did a sort by assurance level (which isn't explained well, so I can only guess that it's the "score" they give) and Red Hat is the highest rated Linux there with an EAL of 1, while Windows was rated at EAL4; to be fair though, it was Win2000 Pro and Server with SP3, there was no 2003 Server, weirdly enough.

So logic means nothing?
There is theory and there is practice; what is true in theory isn't necessarily true in practice, therefore real world experience would (should) be regarded more.

Nope, that's not true. Remember the famous Code Red worm that completely took down several major corporations? It was all corporate servers doing that (it was an IIS worm after all). Remember the number of commercial machines out there dwarf consumer ones, and they're responsible for way more traffic than you would think, especially in the face of a quick replicating worm.
In that case my original point about *nix being better would stand since commercial machines are the ones that tend to run it. You are also forgetting that many Windows worms attack both commercial and home machines as both run the same default services.

You're ignoring the reality: Firefox and OO.org are OSS applications and are inferior in many ways to their proprietary competitors. If they were superior in all ways, people would use them in droves.
The fact is that a lot of people did switch to Firefox; its market share is higher than that of Opera, which has been around for longer. The majority of course still uses IE since it comes with the box. Comparison of OSS and proprietary software in terms of quality cannot be done without a large amount of testing and statistics accumulation; using two programs out of thousands doesn't really prove anything.

See, platform isn't relevant here. I see the issues on both Windows and Linux. This is just a deflection of your original point really.
But it is. Sure, there are always issues; all programs are buggy, that's inevitable. There are programs that are optimized for one platform over the other, making them run on that platform better. Firefox is one of those examples: it is very good in Windows and is arguably the best browser available in terms of total functionality (usability, security, etc.), but on Linux it's very unremarkable even though it's the same program. And Epiphany, using the same engine, is a much quicker and more lightweight browser, so it's not a Linux problem.

prizrak
December 6th, 2005, 07:19 AM
i see that there is probably one million ways to argue this whole security issue.

i try to go by common sense and documented facts.

so,

fact: although there are approximately as many *nix servers as there are microsoft servers, *nix servers have on average far greater up-times (http://en.wikipedia.org/wiki/Uptime) than microsoft.

longest uptimes (http://uptime.netcraft.com/up/today/top.avg.html)
Well this one I can answer, and it has little to do with security. It has to do more with the modular nature of *nix vs Windows. In *nix, servers that are running on top of it can be restarted without restarting the OS; in Windows the entire OS has to be restarted in many cases. It's just in the way of how they do their thing.

LordHunter317
December 6th, 2005, 07:33 AM
fact: although there are approximately as many *nix servers as there are microsoft servers, *nix servers have on average far greater up-times (http://en.wikipedia.org/wiki/Uptime) than microsoft.Uptimes have nothing to do with security.

I've worked in situations where 100% uptime was a requirement. It was achieved via clustering. When you have multiple machines in an HA cluster, the uptime of an individual machine is irrelevant. You can drop a machine for any reason and it doesn't matter, as long as at least one cluster node is still running.

In fact, if you need 100% uptime, this is the only way to achieve it save for perfection. So uptime of an individual box just isn't that important. You can't get 100% without at least two machines, and it's possible to get 100% with two with proper planning.

I still fail to see what uptime has to do with anything security related though. Machines are shutdown for many other reasons besides security problems. Even my Windows machines at home go down more often for hardware problems than security ones.


also, could i ask lordhunter317 which os he feels is more secure and why?Neither. I hold them both at about comparable levels of security. Both do things correctly that the other doesn't. Neither is arguably more secure than the other generally. Sometimes, one is more secure than the other in a specific situation, but there's no need to go into that.


You are ignoring the fact that only 49% of those servers run Windows and that they will not be running Need For Speed: Wanted on those things like a home user would, this is a difference in what programs are run (not that NFSW needs to be run as Admin).Yes, but you were trying to claim more Windows boxes are home than corporate. And you did so by excluding a huge portion of corporate machines. What software is being run is largely irrelevant.


I actually went to the site you pointed out and did a sort by assurance level (which isn't explained well so I can only guess that it's the "score" they give) and Red Hat is the highest rated Linux there with the EAL of 1 while Windows was rated at EAL4, to be fair though it was Win2000 pro and server with SP3, there was no 2003 server weirdly enough.You didn't look well then, because RHEL3 Update 4 (or whatever they call it) has an EAL 3/ALC_FCR.3. Windows 2003 Server is being evaluated IIRC, but it hasn't been completed yet. These things take substantial amounts of time.


There is theory and there is practice, what is true in theory isn't necessarily true in practice therefore real world experience would (should) be regarded more.This is a complete non-sequitur. I wasn't talking about theory at any point in my discussion. I was taking real world facts and making logical deductions from them. Experience hardly trumps that.


In that case my original point about *nix being better would stand since commercial machines are the ones that tend to run it.No, it doesn't, as there are plenty of UNIX worms and exploits out there for all the various UNIX and Linux distributions and versions. I gave a big list of classical UNIX server applications that are security issues in my very first post. It would behoove you to go read that list and think about what it means.

LordHunter317
December 6th, 2005, 07:36 AM
Well this one I can answer, and it has little to do with security. It has to do more with the modular nature of *nix vs Windows. In *nix servers that are running on top of it can be restarted without restarting the OS, in Windows the entire OS has to be restarted in many cases.In practical terms though, whatever services you were running still have to be restarted; the result's the same. Just because the box wasn't physically rebooted doesn't mean anything if you still have to restart Apache and interrupt your service (even if the time is fractionally shorter).

In reality, if you can afford downtime, the difference between a 3-4 second service restart and a 1-5 minute reboot is nothing. If you can't afford that downtime, then you're running a clustering solution anyway and it becomes irrelevant.

Parading that Linux has to be rebooted less than Windows is simply silly, because in the real world, restarting the machine is unimportant. All that matters is if the service is still running or not, and the services have to be restarted in nearly identical situations on both.

prizrak
December 6th, 2005, 08:16 AM
In practical terms though, whatever services you were running still have to be restarted, the result's the same. Just because the box wasn't physically rebooted doesn't mean anything if you still have to restart Apache and interrupt your service (even if the time is fractionally shorter).

In reality, if you can afford downtime, the difference between a 3-4 second service restart and a 1-5 minute reboot is nothing. If you can't afford that downtime, then you're running a clustering solution anyway and it becomes irrelevant.

Parading that Linux has to be rebooted less than Windows is simply silly, because in the real world, restarting the machine is unimportant. All that matters is if the service is still running or not, and the services have to be restarted in nearly identical situations on both.
Well, I wasn't implying that Linux is better because you don't need to restart the entire OS. I was just saying that uptime is reported by the OS (unless I'm horribly mistaken) and that higher uptimes for *nix (BSD is at the top AFAIK) would come from the entire OS not being brought down.

No, it doesn't, as there are plenty of UNIX worms and exploits out there for all the various UNIX and Linux distributions and versions. I gave a big list of classical UNIX server applications that are security issues in my very first post. It would behoove you to go read that list and think about what it means.
You are correct there are plenty of exploits for whatever runs on top of the system. The biggest misconception about security is that if Linux is a harder OS to infect it means that applications running on top of it are as resistant. I think here we had a difference on the level we were talking about, applications are as vulnerable as programmers make them regardless of platform.

This is a complete non-sequitur. I wasn't talking about theory at any point in my discussion. I was taking real world facts and making logical deductions from them. Experience hardly trumps that.

I am so confused now, you say that it was derived from real world facts and you say that the experience doesn't trump them. I'm gonna go reread the thread :)

LordHunter317
December 6th, 2005, 08:28 AM
Well I wasn't implying that Linux is better because you don't need to restart the entire OS I was just saying that uptime is reported by the OS (unless I'm horribly mistaken) and that higher uptimes for *nix (BSD is at the top AFAIK) would come from the entire OS not being brought down.Correct, and my entire point is the uptime of an individual system is completely meaningless in any sense.

nalmeth
December 6th, 2005, 08:28 AM
Wow..
This is some discussion alright!
Seeing as the exact wording of statements and phrases is extremely important here, I will be as articulate as possible, and make sure to dot every t and cross every i. (oh no! don't quote me on that!) Most importantly, I will try not to contradict myself. That would indicate that I am not an undisputed genius in all things at all times..
I'm sorry for being so sardonic, but I find this discussion very funny and interesting! I am bored at work and this is very entertaining, so I will try not to throw off the balance we are seeing.
Basically I think I echo the statements of all regular folks reading this post that the presence of in-your-face spyware, adware, and viruses in Windows is non-existent on this Linux system (or any other I have used or heard about - you can quote and correct me on that if you want!).
Lets say that this is because of 'x' number of reasons, and leave it at that.
Now, what I want to pick out of this discussion, and what is getting harder to decipher given more time and polarization, is a down-to-earth english summary of just how safe and secure THIS operating system is for us regular folks.
We've moved out of the old infested residence and into our hovering freedom homes, but for some of us, things seem too good to be true. Just because we don't live with rats in our couches and cockroaches in our cupboards, how do we know what lives in our walls, or to be fair, what could survive in our walls.
I know a fair bit about Linux, and have used it for a couple years in various forms, and as far as I understand, the root - user relationship is a major front for stopping the ants from feeding and multiplying, because they're not allowed to..? Or basically, for a malicious piece of software to actually perform an operation that involves vital and integral pieces of your architecture (your walls and floorboards), it would require your personalized root password to gain permission to do so. This seems fine and well, but it doesn't put an end to suspicious people like myself.
Just because you're paranoid, it doesn't mean they're not out to get you, right? Maybe Bill has some cronies working in dirty cellars for an underground front to covertly destroy all opposition to his monolithic software empire! I'm sorry, I couldn't help it..
Basically some key questions I and maybe others have are:
Is there anything stopping them, whoever they may be, from wandering into your system, even if they are powerless? i.e. maybe a program that monitors your keyboard, with a person on the other side with a keen mind and enough ingenuity to decipher a password?
How are internet ports set up and managed and protected (Windows / Linux)
Does the variety of distributions make it harder for a given LINUX virus to affect a lot of different linux users?
And lastly, ARE THERE even any linux viruses to be on the lookout for?

I am not overly paranoid, and I have no essential personal information that any person, even Bill himself would go through the trouble to gather.
I do however like to think I am safe walking the web, and have the means to protect myself. So far, my feeling is secure, but I do look over my shoulder. Can anybody offer me some reassurance, or validate my paranoid fears?

I'm sorry again for being kind of a donkey. I'm just trying to add a lighter note to the tension here, so if I've made one of myself, throw the book at me!
Gimme whacha got!

LordHunter317
December 6th, 2005, 08:38 AM
Basically I think I echo the statements of all regular folks reading this post that the presence of in-your-face spyware, adware, and viruses in Windows is non-existent on this linux system (or any other I have used or heard about - you can quote and correct me on that if you want!).Yes, to be fair, my Windows desktops don't have spyware, adware or viruses either. Ad-Aware reports nothing on either machine besides a few tracking cookies. I'm sure a few of those are on my Linux machines as well.



Now, what I want to pick out of this discussion, and what is getting harder to decipher given more time and polarization, is a down-to-earth english summary of just how safe and secure THIS operating system is for us regular folks.Both are equally secure as long as you keep your system up-to-date with security patches and you don't do dumb things. This means visiting sites that are malicious, disabling the pop-up blocker, answering that ****** spam, etc.

Beyond that, there's not really much else to do on either platform. On Windows, make sure you have a firewall running all the time, if you're not protected by a consumer-grade router (at home). If you use a laptop and travel, best to leave the firewall on all the time in case you connect to an untrusted network.


Or basically for a malicious piece of software to actually perform an operation that involves vital and integral pieces of your architecture (your walls and floorboards), it would require your personalized root password to gain permission to do so.And, as I've maintained several times, this is no different on Windows. Create a 'Limited user' account in XP (on a patched system) and see how much damage you can do to other accounts and the system if you don't believe me. The key difference here is that most people end up running as Administrator (because the first account has those privileges) and such privileges are much closer to root.


Is there anything stopping them whoever they may be, from wandering into your system, even if they are powerless?The fact your user can't do much beyond modify his/her own data.


How are internet ports set up and managed and protected (Windows / Linux)Via a firewall, on both platforms. In some cases, the server application can be constrained to limit who it'll accept connections from, and where.


Does the variety of distributions make it harder for a given LINUX virus to affect a lot of different linux users?Nope.


And lastly, ARE THERE even any linux viruses to be on the lookout for?Several worms. They're only of real interest if you run servers. A few Firefox exploits exist, so make sure that's up to date. I know of no active viruses out there that take advantage of it, but sites that take advantage of the exploit(s) do exist.
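The answer above to "how are internet ports set up and managed and protected" comes down to an audit step a defender can actually run: list the sockets that are listening on non-loopback addresses and compare them against the ports you expect to be reachable. The shell script below is an added example, not code posted by anyone in this thread. It parses lines in the format of `ss -H -ltn` (a constructed sample is embedded so it runs offline), ignores sockets bound only to loopback, and prints any exposed port that is not on the allowlist; the allowlist containing only port 22 is an assumption for the example.

```shell
#!/bin/sh
# Added example: audit listening TCP sockets against an allowlist of ports
# that are supposed to be reachable from the network.

# Constructed sample in the column layout of `ss -H -ltn`
# (State Recv-Q Send-Q Local-Address:Port Peer-Address:Port).
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 50 0.0.0.0:445 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:5432 [::]:*'

# Assumption for the example: only SSH is meant to be exposed.
ALLOWED_PORTS="22"

# list_exposed: read ss-style lines on stdin and print "port host" for
# every LISTEN socket bound to something other than loopback, i.e. a
# socket that a neighbour on the LAN (or an open Wi-Fi) could reach.
list_exposed() {
  awk '$1 == "LISTEN" {
    addr = $4
    n = split(addr, parts, ":")
    port = parts[n]
    # Everything before the final ":" is the host part ("[::]" for IPv6).
    host = substr(addr, 1, length(addr) - length(port) - 1)
    if (host == "127.0.0.1" || host == "[::1]") next
    print port, host
  }'
}

# unexpected_ports: print each distinct exposed port that is not in
# ALLOWED_PORTS. Anything printed needs either a firewall rule or a reason.
unexpected_ports() {
  list_exposed | awk -v allowed="$ALLOWED_PORTS" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    !($1 in ok) && !seen[$1]++ { print $1 }'
}

# audit_sample: run the audit over the constructed sample.
audit_sample() {
  printf '%s\n' "$SAMPLE_SS" | unexpected_ports
}

# count_exposed_sample: number of exposed (non-loopback) sockets in the sample.
count_exposed_sample() {
  printf '%s\n' "$SAMPLE_SS" | list_exposed | awk 'END { print NR }'
}

# audit_live: the same audit against the running system (Linux with iproute2).
audit_live() {
  ss -H -ltn 2>/dev/null | unexpected_ports
}
```

On the sample, the two SSH sockets are allowed, the CUPS and PostgreSQL sockets are loopback-only and ignored, and port 445 is reported. Running `audit_live` on a real machine gives the list of ports to either explain or cover with a firewall rule, which is the practical form of the advice in the post above.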

prizrak
December 6th, 2005, 10:01 AM
This is a complete non-sequitur. I wasn't talking about theory at any point in my discussion. I was taking real world facts and making logical deductions from them. Experience hardly trumps that.
Ok, I reread the thread and now can more or less answer. The point I was making was that even a hardened IE and Windows are vulnerable to spyware and such because USEFUL browsing with IE means that a lot of security features have to be disabled, which could be a problem because IE does tend to have fairly broad access to the system. This of course could be remedied by using another browser such as Opera or Firefox. Cookies are issues on both systems; can't really get away from that. Another issue I see is the integration of IE and Outlook; AFAIK it is possible to get your address book through IE (say using a certain cookie or ActiveX control), which could be an issue to people. If I'm wrong feel free to correct me.
Nalmeth:
I would like to echo LordHunter on what he said: neither OS is more secure than the other. If you are on Windows I suggest running as much non-MS stuff as possible, like don't use IE or Outlook since there are many exploits for them that have been around for a while. I think that one thing that would preclude people from writing worms/viruses/malware for *nix systems is the greater expertise that is needed. MS has Visual Basic, which is a very easy language to master, and the shared libraries and runtime environments (such as the .Net framework) are standard on all WinXP systems. In the *nix world you need to use more involved languages such as C/C++; also, as LordHunter demonstrated with the Apache Slammer example, you need to take into account the possible differences in the systems, which is why that worm had to include exploits for different SSL versions. There is also the problem of shared libraries, since there are programs that need glibc2.0.12 to run and I might have glibc2.0.11 installed or .13 and the program doesn't know how to handle it. Basically Linux is better protected from so called script-kiddies and by default, but anyone competent can easily create software that will exploit any hole you expose to the world.

LordHunter317
December 6th, 2005, 04:32 PM
The point I was making that even a hardened IE and Windows are vulnerable to spyware and such because USEFUL browsing with IE means that a lot of security features have to be disabled, which could be a problem because IE does tend to have fairly broad access to the system.No, that's not true. IE does not have any more access than any other application you run.


as possible like don't use IE or Outlook since there are many exploits for them that have been around for a while.Which aren't an issue if you stay patched, like I said.


as LordHunter demonstrated with the Apache Slammer example you need to take into account the possible differences in the systems which is why that worm had to include exploits for different SSL versions.Nope, it was the same exploit, different address to exploit at. Anyone who's capable of writing the exploit in the first place can handle this.


There is also the problem of shared libraries since there are programs that need glibc2.0.12 to run and I might have glibc2.0.11 installed or .13 and the program doesn't know how to handle it.Not really, no. Most don't even use any system features, if they can avoid it. Never mind glibc's been upwards compatible for several versions now.

aysiu
December 6th, 2005, 07:36 PM
I know this is a futile plea, but what’s the point of arguing? I see this argument as fruitless for the following two reasons:

1. Clearly no one is going to concede to being wrong. I’m not seeing any “Wow. You’ve finally convinced me. Thanks for pointing that out” responses in the near future from any of the involved parties.

2. The sorts of users (anyone arguing about this now) who know as much about security in operating systems, as you all seem to, are likely also to be secure no matter what OS you use. It makes sense mainly to talk about what’s secure for your average dumb user or slightly above average dumb user (like me), not people who know this much about the guts of the computer.

For more on my thoughts about this, watch the Seinfeld episode “The Robbery.”

You may continue arguing if you want, but it’s going nowhere…

LordHunter317
December 6th, 2005, 07:46 PM
2. The sorts of users (anyone arguing about this now) who know as much about security in operating systems, as you all seem to, are likely also to be secure no matter what OS you use.No, that's not true. Anyone who's taken even an undergraduate operating system course can see tons of factual errors by multiple parties in here that would call any statement they make into question.

Some of it's just plain misuse of terminology, but misuse of terminology usually means conceptual misunderstanding as well.

I've pointed several parts out, and even references you can use to verify what I said. If you really don't believe me, like I said, verify it through the IA-32 System Programmer's Manual.


It makes sense mainly to talk about what’s secure for your average dumb user or slightly above average dumb user (like me),That's not how the thread was started though. An attempted discussion of hardware protection mechanisms (though I'm not sure what the OP's point was, see above about errors) is by definition, going to be an "advanced" topic. By "advanced" I mean undergraduate CS or S/W ENGR level. This is pretty basic security stuff for anyone doing system-level programming.

That being said, it is far advanced beyond the level of the casual user, sure.

angkor
December 6th, 2005, 09:46 PM
I know next to nothing about securing a comp nor do I want to know all there is to know about it. I have other interests.

I know my system feels a lot safer with Ubuntu on it than with WinXP....just based on the fact I've never had any trouble with Debian or Ubuntu and I did have trouble using Win98 and WinNT. Of course this is totally subjective and has nothing to do with scientific evidence, but hey...who cares ;)

I do know a lot about debating and the style of debating and I have to agree with Aysiu that the argument (that started out rather interesting) quickly progressed into an unreadable picking apart of each other's posts which has nothing to do with an intelligent argument.....all the 'non-sequiturs' and the 'I didn't mean thats, I said...not true...yes true....' , etc.

Too bad....it looked promising.

Not to say I didn't learn anything for which I thank all the participants...:)

LordHunter317
December 6th, 2005, 10:07 PM
I do know a lot about debating and the style of debating and I have to agree with Aysiu that the argument (that started out rather interesting) quickly progressed into an unreadable picking apart of each other's posts which has nothing to do with an intelligent argument.....all the 'non-sequiturs' and the 'I didn't mean thats, I said...not true...yes true....' , etc. Funny. Do you even know what a non-sequitur is or its importance in a debate of any sort?

aysiu
December 6th, 2005, 10:08 PM
You lost me again, LordHunter.

My point wasn't that everybody's right or has a valid point. Honestly, I don't even really understand half of what you people are talking about, so I'm not in a position to evaluate what's valid or not.

My point was really that if you get to the level of sophistication you are all at, where you're talking about security at a kernel level and a user level and all that other stuff I don't understand, I think you would know pretty well how to secure your own operating system.

So when we talk about security (at least at a desktop level), it really makes sense to address security as it works for those of us who do not have such a deep understanding of security issues (users like myself), as we are far more likely to have our securities breached by the default setup of the operating system.

In case you didn't get my Seinfeld reference...
JERRY: Stolen?

(Kramer enters the apartment.)

ELAINE: (looking at Kramer) Someone left the door open.

(Elaine enters the bathroom.)

JERRY: (to Kramer) You left the door open?!

KRAMER: Uh, Jer, well you know, I was cookin’ and I, I uh, I came in to get this spatula...and I left the door open, ‘cause I was gonna bring the spatula right back!

JERRY: Wait, you left the lock open or the door open?

KRAMER: (guiltily) The door.

JERRY: The door? You left the door open?

KRAMER: Yeah, well, I was gonna bring the spatula right back.

JERRY: Yeah, and?

KRAMER: Well, I got caught up... watching a soap opera. “The Bold And The Beautiful”.

JERRY: So the door was wide open?

KRAMER: Wide open!

(Elaine enters the living room.)

JERRY: (to Elaine) And where were you?

ELAINE: I was at Bloomingdale’s... waiting for the shower to heat up.

KRAMER: Look, Jerry, I’m sorry, I’m uh- you have insurance, right buddy?

JERRY: No.

KRAMER: (shocked) How can you not have insurance?

JERRY: Because I spent my money on the Clapgo D-29. It’s the most impenetrable lock on the market today. It has only one design flaw. The door... (Jerry pushes the door shut.) ...MUST BE CLOSED!!

aysiu
December 6th, 2005, 10:13 PM
Funny. Do you even know what a non-sequitur is or its importance in a debate of any sort? Why the antagonism? What would indicate to you that angkor did not know the importance of non sequiturs to debates?

Incidentally, for the record, this is what Dictionary.com says:
1. An inference or conclusion that does not follow from the premises or evidence.
2. A statement that does not follow logically from what preceded it.

I'd say your latest post in response to angkor would qualify as #2.

LordHunter317
December 6th, 2005, 10:29 PM
My point was really that if you get to the level of sophistication you are all at, where you're talking about security at a kernel level and a user level and all that other stuff I don't understand, I think you would know pretty well how to secure your own operating system.

See, but that's a bad line of reasoning, because as I've said many times, the errors committed by many here are quite gross. The misconceptions given are quite fundamental about how Windows and Linux both operate.


So when we talk about security (at least at a desktop level), it really makes sense to address security as it works for those of us who do not have such a deep understanding of security issues (users like myself), as we are far more likely to have our security breached by the default setup of the operating system.

See, but the thread didn't even START like that, so it's rather silly to ask for that to occur now. The thread began with an attempted high-level discussion. Why should those of us who wish to participate in such a discussion dumb it down for the masses?

If you want a thread about practical security concerns and resolutions for casual desktop users, then start one. Asking the discussion level to be lowered in this thread here is rather silly and is slighting the posters in it.


Why the antagonism? What would indicate to you that angkor did not know the importance of non sequiturs to debates?

Because if that's all he really has to say about the style of discussion, then I'm left to assume he doesn't understand what a non-sequitur is or its importance to a debate, or that he's trolling.
Generally, I don't assume people are doing the latter unless I know them to be trolling. Would you rather I do that?

nalmeth
December 7th, 2005, 12:12 AM
And the war of words rages on..
Thumbs up aysiu!
There is a Seinfeld episode relevant to most any situation. I don't think it will lighten up this room, sadly.

Lordhunter, could you clarify why a virus designed for say Red Hat would infect a Debian system without a hitch? Or in general why you maintain that the variety of distros makes no difference with worms and viruses? I find it hard to believe but I'm sure you know better than I. Unix is Unix I guess, but does not every distro have unique elements to its architecture which would filter a given virus as it made its way through the net? It seemed like a given, but I am not well informed in terms of security. I've never had a breach that gave cause to do research.

I do not run XP anymore.. I think I might have an install CD, and I'm considering installing it on a small partition or something, but I want to look into VMware before I do. I don't think - for my purposes - it would be worth having a dual boot. The only thing I miss out on is games, and I have an xbox anyway.

Anyway, a story that might be trivial/circumstantial..
About a year ago, I think, I installed Agnula on my family's computer, just for personal fun, and maybe to give them an alternative. Nothing wrong with choices. Of course I set Agnula as the boot default, so if they didn't pick windows on the grub menu, they would be taken into Agnula. I know you shouldn't have to resort to trickery, but I gave them a really sweet setup, and just wanted them to have that door they could walk through if they wanted. They never were all that interested, and it just sort of sat there, waiting.
A couple months ago, they got some kind of worm that found its way through their web of virus protection (Norton and other modes of perceived security) and totally disabled their internet. My sister had school-work and my mother had paper-work, etc. that needed internet access for emails, etc.
To the rescue came Agnula-demudi as they were able to connect to the internet fine, and get all their work to where it needed to be. Of course I set everything up for them before, and tried to make it look as windows like as possible so the learning curve wasn't very steep.

I know some of you will say that the same could happen on Linux, or that my family was probably to blame for being dumb-casual users (not far from the truth), but there is anecdotal evidence of this Windows situation from here to Gibraltar, and I can't find anyone that has had this happen on a Linux system. NO ONE.

Since you guys are far more experienced, can you share some stories of a Linux system that was crippled by malicious software?

I'd like to know if I'm only hearing what I want to hear, and knowing only what I've heard.

Thanks guys

LordHunter317
December 7th, 2005, 12:19 AM
Lordhunter, could you clarify why a virus designed for say Red Hat would infect a Debian system without a hitch?

Because when you come down to it, they all use more or less the same code.

GLIBC is the same on all modern Linux except for patches. The same goes for the kernel. And X. And OpenSSL. And most other things.

Also, if the virus is the kind I demonstrated earlier (a simple shell script, or perhaps Perl or Python) you can assume tons of default libraries that make the differences irrelevant. At the very least, all a shell script virus needs is cp to clone itself. Sure, it would be crude and simple, but most viruses are ;)


Or in general why you maintain that the variety of distros makes no difference with worms and viruses?

Because the source code is the same. Ultimately, the difference comes down to what patches a distribution applies compared to another. Sometimes, these differences can stop a virus from propagating: i.e., if Debian patches the exploit before Red Hat does. Generally speaking however, that's the only case that makes a difference.


but does not every distro have unique elements to its architecture which would filter a given virus as it made its way through the net?

No, because most viruses exploit a single piece of code, like Apache, or OpenSSL, or GLIBC. They only really care about that piece of software, and nothing else. The fact you're running Apache 2.0.53 on RH instead of Debian is irrelevant. All the virus cares about is you're running Apache 2.0.53. After that, if it does things to the whole system (like install a rootkit) it uses things that are safe to assume are everywhere, like cp, ls, modprobe, or makes library/system calls directly to accomplish the same goal, which are more portable than say, where Perl is installed on a system.

That's why: the portability issues are at a different level than where the distributions vary.

nalmeth
December 7th, 2005, 12:20 AM
Lordhunter - please be fair. The post is called "FYI- Linux security versus Windows security". It does not state that this is a discussion meant for high-level users; actually I think the original poster, whom you so graciously corrected on every point, intended for this post to be read by anyone concerned about Linux/Windows security. If dumbing down the material is such a burden to your high intellect, then perhaps you should start your own thread and name it "Windows vs Linux security - Elite-users". Until then, I and the other peasant-users will continue to post here.

nalmeth
December 7th, 2005, 12:24 AM
Because the source code is the same. Ultimately, the difference comes down to what patches a distribution applies compared to another. Sometimes, these differences can stop a virus from propagating: i.e., if Debian patches the exploit before Red Hat does. Generally speaking however, that's the only case that makes a difference.


Ok thank you for pointing that out. It makes enough sense.

Still, can you share any stories in your own experience, or even any passed on to you, about a Linux system crippled by viruses? Server, or personal user, or whatever.

LordHunter317
December 7th, 2005, 12:49 AM
Lordhunter - please be fair. The post is called "FYI- Linux security versus Windows security". It does not state that this is a discussion meant for high-level users; actually I think the original poster, whom you so graciously corrected on every point, intended for this post to be read by anyone concerned about Linux/Windows security.

Well, he may have intended for that to be the case, but talking about hardware memory protection mechanisms isn't a good starting point for achieving that goal. That's a higher-level topic, only of serious interest to exploit writers, security experts, system programmers and operating system authors.

Even if he intended to teach an undergraduate course, he started out of the gate with Master's level material, so to speak. As such, I never expected the discussion to go below the level he started with.


Until then, I and the other peasant-users will continue to post here.

You're certainly free to do so and I'll continue to respond with the best of my ability. I'm not suggesting you stay out. What I'm suggesting is that it's unfair to not allow a discussion at a higher technical level to occur simply because people without that expertise are posting in this thread. If they want a thread with only material at their level, they should start a new one. If they want to post here, they may do so, but the caveat should be that the level of discussion may possibly go above their heads.

That's perfectly reasonable and all I want, really. Had the thread started out with basic security practices and I had raised its level I could understand being upset, but it didn't, so I don't feel it's fair to be upset at a high-level discussion.


Still, can you share any stories in your own experience, or even any passed on to you about a Linux system crippled by viruses?

I don't have any Linux systems personally under my control that I remember being compromised. If you search the 'Linux Kung Fu' forum over at Ars Technica, where I also post, you'll find several threads where machines were exploited and the collective group over there helped in recovery. Most of them as I recall were due to exploits in poorly coded PHP software, and were usually running IRC bots, sending spam, or performing other such fun activities.

nalmeth
December 7th, 2005, 01:11 AM
I'm not suggesting you stay out. What I'm suggesting is that it's unfair to not allow a discussion at a higher technical level to occur simply because people without that expertise are posting in this thread.

?

If they want to post here, they may do so, but the caveat should be that the level of discussion may possibly go above their heads.

OK, I like this statement. Let's leave it at that. For me, this is what linux is about.

Nobody is upset about a high-level discussion. I like to learn, and throwing yourself into the mix with people heads above you usually gets you some tough lessons. I don't ask you to tone down the technical substance of your posts. All the more detail the better.

If I may say, however, one last point. I think that personal frictions are getting in the way of the meat in this discussion.

That is all

Please keep up the torrid pace of this informative debate

prizrak
December 7th, 2005, 01:34 AM
aysiu:
I don't think the discussion went downhill; I learned a fair bit from this thread.
I think the problem is that several posters are speaking in different terms. LordHunter is trying to get at the fact that both OSes use the same design paradigm and both have the same mechanisms that achieve security. The issue here is mostly the differences in what defaults the OS comes with. Windows makes you run as an Administrator with complete access to your machine and the ability to break w/e you want. This is further aggravated by software makers who create programs that either don't run under a non-Administrator account or don't install for all accounts (though this could be a Windows issue, not sure). There is also no nice "sudo" functionality as there is with Ubuntu, where you just get prompted for a password and the installer runs with higher privileges.
Another point that is made is that while there are loads upon loads of Windows viruses and there are few (in comparison) such programs for Linux, it doesn't mean that it is a more secure OS. The point LordHunter was trying to make is that there are still security holes in Linux; they are just not being exploited at the time for whatever the reason is (difficulty of virus development, small number of desktops running it, uselessness of a virus since users tend to run unprivileged).
The point of this entire thread was to
A) Correct the original poster who has misled the readers with his information on CPU modes and hardware protection
B) Correct the misconception that the DESIGN of Linux is completely impenetrable to viruses as opposed to Windows.

angkor
December 7th, 2005, 07:51 AM
Funny. Do you even know what a non-sequitur is or its importance in a debate of any sort?

Oh, I do know ;) I also know it's not very strong to use it every other two arguments....

angkor
December 7th, 2005, 07:55 AM
Because if that's all he really has to say about the style of discussion, then I'm left to assume he doesn't understand what a non-sequitur is or its importance to a debate, or that he's trolling.
Generally, I don't assume people are doing the latter unless I know them to be trolling. Would you rather I do that?

Or maybe I was doing neither and just stating my view on this discussion, which has absolutely nothing to do with the subject or the high-levelness of it. No harm intended...

LordHunter317
December 7th, 2005, 08:17 AM
I also know it's not very strong to use it every other two arguments....

If you'll note, I went into sufficient detail about what was logically inconsistent about anyone's claims I responded to that with.

aysiu
December 7th, 2005, 09:31 AM
I can't imagine that a thread that starts with this paragraph would indicate that only people who truly understand the inner workings of a computer should participate in or read the thread:

No doubt you have heard on these forums and many other places that Linux is far more secure than Windows and that you don't need to worry about spyware, adware, malware, trojans, worms, viruses, etc. Have you ever stopped to think why that is? Or maybe whoever made that claim is just full of it? Here, I describe exactly how Linux behaves versus Windows when it comes to the security front.

It sounds to me as if it's actually addressed to beginners.

Regardless, my point about this thread being pointless... or arguing being pointless was mainly that the parties arguing will never concede. I don't see anyone backing down, so the back-and-forth lobbying about "no, no, no, don't you understand that blah blah blah?" and "no, no, no, you don't understand that blah blah blah" is really going to end in one of only several ways:

1. It starts getting personal, at which point a moderator will close the thread or dump it into the Backyard.

2. It just continues until someone gets frustrated and says, "Ah, there's no point in arguing with you. You're so illogical."

3. The thread gets totally off-topic and then dies eventually.

Well, in any case, you'll argue no matter what I say, I guess. Keep on arguing... have fun, actually!

LordHunter317
December 7th, 2005, 09:55 AM
I can't imagine that a thread that starts with this paragraph would indicate that only people who truly understand the inner workings of a computer should participate in or read the thread: It sounds to me as if it's actually addressed to beginners.

:rolleyes: Read the whole post and my comments. Even if he intended it to be addressed to that level, he didn't do a good job. It's far closer to starting PHYS101 with an in-depth discussion of quantum mechanics.

tomwell
December 7th, 2005, 11:54 AM
Wow!!! I have never seen such a pathetic debate...!!! Regardless of my knowledge of computers or not...!!!

Lordhunter, you seem like an utter *&^; you are refuting everyone's comments without even being polite about your higher level of intelligence...!!

If I was as blessed as you obviously are in the brain department I would use it to help others, and I would achieve that by being nice to people!!!! Not by belittling them...!!! Just a thought!!!

Man i hope you enjoy being such a superior being! (all alone might i add)

Oh and i have another question...

Remind me why you use linux vs windows?? (they seem identical the way you describe them)

Peace to all,

Yes even you "my" Lord!!! lmao

Tom

LordHunter317
December 7th, 2005, 06:48 PM
Lordhunter you seem like an utter *&^ you are refuting everyone's comments without even being polite about your higher level of intelligence...!!

How was I impolite? I didn't tell them they were stupid, or directly insult them in any way, nor did I directly attack anyone for saying incorrect things, nor did I suggest they should stop posting entirely, though I did suggest on a few occasions they should stop repeating the same falsehoods.

You could possibly say I'm not being kind, but I'm being reasonably civil and more than polite, compared to the norm for Internet discussions.

And I'm not being kind simply because I don't see the need to coddle anyone over what are simple facts. You either accept the fact you got a fact wrong, move on and not make a big deal of it (like I have to do 3 hours a day, 5 days a week, and pay a large sum for the privilege of being corrected) or you can make a fuss about it. It's only a big deal if you choose to make it a big deal. I'm not. And believe me when I say I'm wrong plenty of the time.


i would achieve that by being nice to people!!!!

Being nice doesn't necessarily help anyone learn anything.


not by belittling them...!!! Just a thought!!!

I'm hardly belittling anyone. If I said, "You're not an authority on this subject," or, "Don't post about this ever again," or, "You're stupid and never learn," I'd be belittling them. The closest I got to that was a polite request to everyone to stop repeating the same claims I'd already demonstrated false multiple times, in an attempt to prevent the argument from driving itself into a circle.


Man i hope you enjoy being such a superior being! (all alone might i add)

I'm hardly alone. I have more friends than you can imagine. And you're accusing me of belittling at the same time you're personally attacking my character. Takes one to know one I guess :rolleyes:


Remind me why you use linux vs windows?? (they seem identical the way you describe them)

Because I prefer the UNIX command line, I'm more productive using KDE for most tasks, and I like the flexibility UNIX gives me for development and other things.

The fact they have identical security models and reasonably close implementations isn't relevant here.

tomwell
December 7th, 2005, 07:06 PM
I don't want to get into any discussions in this thread... it seems prone to arguing... lol

But in your response to my post you seem much more relaxed... Your tone has radically changed compared to your other posts...

And you know what, that's cool!!!

Peace to you too...

;o)

T

towsonu2003
December 7th, 2005, 07:41 PM
after all the elitism talk, I am waiting for this to happen ( http://en.wikipedia.org/wiki/Godwin's_law )

Ptero-4
December 8th, 2005, 05:39 AM
Danielle. You're right about the registry. It's the startup keys that make it a security mess. About the startup folder in Linux: there isn't one. To start apps upon system startup you have two options. If you're in the console (DOS-like interface) you use the .login or .profile text file in your user home folder (the folder whose name is your username). Or if you're in the GUI, just leave the app running when you log out or shut down your machine; the GUI session management will start that app every time you start up your machine.

LordHunter317
December 8th, 2005, 07:07 AM
Danielle. You're right about the registry. It's the startup keys what makes it a security mess.

No, they do not. Unprivileged users may not write to any portion of the registry other than their own account profile.

JimmyJazz
December 8th, 2005, 07:46 AM
It would be pretty glib to claim Linux is absolutely secure, as the original post in this thread would suggest.

Danielle
December 8th, 2005, 07:47 AM
thanks, Ptero-4 :) i still have a lot to learn :rolleyes:

lol, i don't know what to say now :D here's what i said earlier :smile:


the windows registry is a great idea, far better than ini files and it's not a security hole at all. the reason spyware is associated with it is [sic] :D becasue of the startup keys located in the registry.

JimmyJazz
December 8th, 2005, 08:20 AM
LordHunter317, I think it's cool that you are willing to dish out true technical facts here. I for one am a little annoyed with the glib claims of the OS community that rely on non-scientific arguments. I think you may be wrong on some of your findings (it would take me far too long to sort through every statement and prove them to the contrary) but I also know that you are right in many of the things you have stated here. SO ummm good job so far.
And to the rest of you: stop complaining and go out and research the facts. Hell, take it as a challenge and prove him wrong; it'll be fun and you might learn something.

LordHunter317
December 8th, 2005, 08:34 AM
I think you may be wrong on some of your findings (it would take me far too long to sort through every statement and prove them to the contrary)

Curious, what do you think I'm wrong about? I'm pretty sure most everything I said isn't only correct, but trivial to verify.

Danielle
December 8th, 2005, 08:35 AM
LordHunter317, I think it's cool that you are willing to dish out true technical facts here. I for one am a little annoyed with the glib claims of the OS community that rely on non-scientific arguments. I think you may be wrong on some of your findings (it would take me far too long to sort through every statement and prove them to the contrary) but I also know that you are right in many of the things you have stated here. SO ummm good job so far.
And to the rest of you: stop complaining and go out and research the facts. Hell, take it as a challenge and prove him wrong; it'll be fun and you might learn something.

which points, i'd like to know. thank you. O:)

JimmyJazz
December 8th, 2005, 08:54 AM
which points, i'd like to know. thank you. O:)

that he had right or that he had wrong?

Fundamentally this post has become irrelevant simply because it deals with the entire spectrum of security issues any computer system may encounter (and it started that way). This is hardly useful simply because of just how many variables of a computer and OS may be in play; you really can't talk about them in such general terms. Now perhaps if the title of this thread was more specific then a real debate could happen. I think LordHunter may have somewhat made this clear by showing the true complexity of the issue originally posted about.

linbetwin
December 8th, 2005, 08:59 AM
No, they do not. Unprivileged users may not write to any portion of the registry other than their own account profile.

Alright, milord, I challenge you to install and run any piece of software in Windows logged in as a user without full administrative privileges.

You claim Windows NT is a multiuser OS, but the truth is you won't be able to do much in Windows NT unless your account is part of the administrator group. Microsoft acknowledges that in article 307091 (http://support.microsoft.com/default.aspx?scid=kb;en-us;307091) of their KB.

If Windows NT were truly a functional multiuser OS, why doesn't Microsoft urge Windows users to create and use accounts with limited privileges? And why do they plan to make LUA (Limited User Account) work in Vista if it already worked in XP/2000?

You say uptime is irrelevant in the case of server cluster. Well, Microsoft claims Windows is at least as good, if not better, at clustering.

You say Windows and Linux are on equal grounds when it comes to security. Well, I've heard many complaints on these forums about Linux (including but not limited to: hardware detection/compatibility/support, software availability/quality, ease of use, lack of games, default theme colour, release names etc.), but not once have I heard someone complain about virus infection or ask about how to get rid of malware. Try to imagine what posts would look like on a forum for people who use Windows without antivirus software and a firewall.

LordHunter317
December 8th, 2005, 09:23 AM
Alright, milord, I challenge you to install and run any piece of software in Windows logged in as a user without full administrative privileges.

It can't be done, as I won't be able to install it (generally). I certainly can run plenty of things though.


You claim Windows NT is a multiuser OS, but the truth is you won't be able to do much in Windows NT unless your account is part of the administrator group.

Really? I just created a brand-new limited user on my laptop. He seems to be able to run Eclipse, connect to file shares, run IE, run Firefox, run Tbird, run GAIM, run Winamp, run a few other things, all without trouble or incident.

So no, I don't see where you're going with this. Like I said, most users on corporate domains are limited accounts and yet manage to get on with their business all day long.


Microsoft acknowledges that in article 307091 (http://support.microsoft.com/default.aspx?scid=kb;en-us;307091) of their KB.

Yes, some applications are broken and require more privileges than they should. I never denied that. That's the fault of the application writer, not Microsoft (unless the two are the same). The same is more than possible on Linux, though most applications are better about this. Some are notoriously infamous though (e.g., sendmail).

But it's not the operating system's fault if applications aren't properly written to run privileged code separate from unprivileged code. FWIW, it's hard to do that correctly, which is why many application writers don't bother.


If Windows NT were truly a functional multiuser OS, why doesn't Microsoft urge Windows users to create and use accounts with limited privileges?

They umm, do, at least in corporate environments. Windows XP's default of creating the first account as an Administrator isn't something I necessarily agree with, nor did I ever say I did.

But you can't conclude from that, or even from open discouragement from MS, that NT isn't truly multiuser. Try telling that to all the people who have Active Directory deployed in this country and internationally, like most Fortune 500s.


And why do they plan to make LUA (Limited User Account) work in Vista if it already worked in XP/2000?

Because LUA as planned for Vista doesn't exist in XP/2000. There's no sudo-like functionality provided by MS beyond the security hooks necessary to implement it, which very few things currently use. sudo.exe exists, but is 3rd-party IIRC. runas is much closer to su than sudo.

LUA as implemented for Vista is much closer to sudo functionality that other applications will actually use. The idea of an interactive account being able to elevate/change privileges on Windows is a mostly new concept, and I've never claimed otherwise.

They're implementing something closer to what Ubuntu has now: your account can gain administrative privileges, but doesn't normally operate with them. Windows doesn't currently have this, and that's what LUA in Vista is about.

That being said, most Linux distributions don't implement what Ubuntu does either OOB. They create a privilege account and an unprivileged account. Windows creates only a privileged account.

You can't conclude from those three facts that Windows isn't multiuser. The only reasonable conclusion is that Windows' default is poor w.r.t. security, and even that would need some (obvious) support.


You say uptime is irrelevant in the case of server cluster. Well, Microsoft claims Windows is at least as good, if not better, at clustering.

This is a complete non-sequitur. How does what Microsoft claims matter one bit? This isn't even a response; I have no idea what you meant to achieve by stating this other than a "HAHA, this is what MS said" ilk-troll. Which I don't think you're trying to do but this is rather nonsensical.


You say Windows and Linux are on equal grounds when it comes to security.

I do, and people far smarter and far better at modeling and evaluating security say that as well. That's what Common Criteria is about, after all.


but not once have I heard someone complain about virus infection or ask about how to get rid of malware.

Yes, but people have had their systems compromised and rootkits installed. Perhaps not here on Ubuntu (which has an excellent OOB security profile) but it's not like Linux is immune.

Just because the exploits take a different form doesn't mean they don't exist.


Try to imagine what posts would look like on a forum for people who use Windows without antivirus software and a firewall.

While I won't speak to the antivirus, I can imagine (because I've seen) posts on forums where Linux users didn't have proper firewalling when necessary.

JimmyJazz
December 8th, 2005, 09:32 AM
aw I was really hoping you would flame me next, c'mon give me your best shot!

JimmyJazz
December 8th, 2005, 09:40 AM
Okay, okay, I realize I haven't said enough to get a proper flame yet...
So I'll add: doesn't the fact that Linux is open source give corporations easier access to the code, and therefore make it easier for them to pinpoint problems and create their own patches to combat said risk (in theory at least)? Is this not a point scored for Linux?

poptones
December 8th, 2005, 09:42 AM
Alright, milord, I challenge you to install and run any piece of software in Windows logged in as a user without full administrative privileges.

FYI, the machines at the call center where I once worked were locked down awful tight but it never stopped me from installing firefox or even those anti-spyware kits like spybot.

It also didn't seem much good at preventing the people on the call floor from generally screwing them up with all sorts of other crap - mostly downloaded via those stupid game sites like popcap.

You could also install kazaa with such an account - which, of course, instantly made the machine vulnerable to being rooted.

That said, Ubuntu could do a lot more for security and it would be nice to see this. Not 100 firewall front ends and antispyware and other band-aids, but tools that allow the system to better police the code running under it.

linbetwin
December 8th, 2005, 09:46 AM
DomineVenatorCCCXVII, scribitur non sequitur, sed non non-sequitur.

GeneralZod
December 8th, 2005, 10:58 AM
LordHunter317 I think it's cool that you are willing to dish out true technical facts here, I for one am a little annoyed with the glib claims of the OS community that rely on non-scientific arguments.

This is eerie - I was about to post a near-identical comment, right down to the usage of the word "glib"!


Anyway, I'm really enjoying this thread. If you wander through a Windows vs Linux debate on, say, slashdot, you often find such kind of "hit and run" assertions from both parties with absolutely no kind of follow up (e.g. "Linux would be just a spyware-riddled mass if it were as popular as Windows", which assumes, incorrectly as far as I'm concerned, that a) all possible implementations and designs of software are equally flawed and so "attention from malware writers" will magically make any OS dissolve into a mass of swiss cheese, and that b) popularity is the sole arbiter of whether an OS is targetted; and its counterpoint, the "No, because Apache vs IIS!", where the speaker obviously hasn't seen IIS 6's rather impressive security record on secunia.com) with my absolute favourite being "IE is integrated into the OS!" (or sometimes, "into the kernel!"). Honestly, I get the feeling that many such people simply parrot these phrases when they feel that their pet OS is threatened - as if it is some magical rote incantation for warding off all evil - and that they never examine for an instant whether the point is even remotely valid.

I really don't like to see people doing this for two reasons: a), saying things like "Windows is unsecurable!" and then not preparing to back it up or using points that don't survive even the slightest scrutiny is, in my opinion, exactly the kind of FUD-spreading that Microsoft is often berated for; and b) burying your head in the sand rather than going and helping with the issues that you pretend do not exist is bad for everyone, so I'm glad that LordHunter has donned his flame-proof suit and done the service of giving these issues the informed, critical appraisal (and in many cases, merciless dismantling!) that they so badly needed. I'm rather disappointed that this thread is so badly rated - sure, the guy could have used more tact, but sometimes (unfortunately :() tact must be suspended in order to get an unpopular point across.

Anyway, I'd urge anyone with an interest in Windows vs Linux security to read this thread. Even if, in the worst case, LordHunter is being rather over-zealous and simply laying waste to every assertion that casts Linux in a better light than Windows (and I'm not saying that he is!), it's still very educational to see an "opponent's" (ahem) point of view :)

linbetwin
December 8th, 2005, 11:17 AM
You are absolutely right, General. People who cry FUD are very often FUDy-duddies themselves. I've been using Windows for many years and my computer has never been infected with any virus or other malware (except some adware in the days when I didn't even know what that was.) But I think I'm not wrong if I attribute the merits to Panda AV and firewall, Spybot S&D and AdAware. These are the first programs I install after reinstalling Windows, before connecting to the Internet and updating Windows. And I'm still waiting for the fix for that IE vulnerability discovered in April!

GeneralZod
December 8th, 2005, 11:27 AM
And I'm still waiting for the fix for that IE vulnerability discovered in April!

This is at least one area where Linux/ OSS genuinely (as far as I can tell) does appear to have the upper hand - if the Firefox devs were ever too lazy to fix a security hole, I'm betting the Ubuntu devs would, and you'd see it in your list of system-wide updates in just a few days :)

linbetwin
December 8th, 2005, 11:43 AM
BTW, Panda newsletter informed me today of a DoS vulnerability in Opera 8.50:


"Retention is the hallmark of capacity."
Baltasar Gracián (1601-1658 ); Spanish writer.


- Security flaw in Opera -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, December 8 2005 - SecuriTeam has reported a denial of service
vulnerability in the popular Opera Web browser.

This security flaw is caused by a failure in a JNI routine,
implementing the com.opera.JSObject class. As a result, an attacker could crash
the browser remotely through a Java applet.

This flaw has affected version 8.50 of Opera. Also, an Internet page
has been published, where this weakness can be tested.

Users whose computers could be affected by this vulnerability are
advised to install the latest Opera version -8.51-, available at:
http://www.opera.com/download/

I don't know whether this affects Linux versions of Opera.

Knomefan
December 8th, 2005, 11:51 AM
Critical appraisal, you must be kidding.
If anything this is a flamewar that you can witness on the web about 600 times a day.

Now don't get me wrong, I think LordHunter was absolutely right in pointing out the, ehm, problems in the initial post and I do absolutely agree that many people, especially people new to linux, do have absolutely false impressions about security on linux.

But looking at some other stuff he wrote it's pretty clear that he only rehashes stupid arguments heard in flamewars like this again and again.
Some examples:
Simply dismissing the articles blastus linked to in post 29 as appeal to authority and ignoring them is typical for this kind of flamewar. Of course it gets even funnier as LordHunter himself is appealing to authority without arguing the point:

NIST (You know, the US federal government) says you're wrong.
And while we are at it, simply dismissing an article aysiu posted as
terribly, horribly, and totally wrong, unless you're solely interested in the desktop. Even then, it's still inaccurate, as opposed to useless. without ever stating why and how it was wrong and why the desktop should be considered irrelevant in this instance also is a typical tactic of these kind of flamewars.

Another one that really made my day was his response to someone pointing out that the rpc service running on windows by default might be a problem.

Then your Linux system is vulnerable to the same hole: as it's running D-BUS. Whoops. UNIX has had RPC way longer than windows: NFS uses RPC as part of its operation. KDE has used RPC since 2.x.
Now, of course comparing d-bus, which isn't an rpc and which doesn't listen on the network to the Windows RPC is simply ********, as is comparing dcop to it, which he does in his reference to KDE. And pointing out that you can install an rpc that of course is a security issue on linux too doesn't address the point that on windows rpc is running by default, is used for things that shouldn't need an rpc and above all, listens on the network by default. This latest "feature" made the blaster worm such a roaring success btw.

It also doesn't take into account that MS themselves see this as a problem they tried to solve with SP2 by enabling the XP firewall by default. MS even claimed that using SP2 and thus having the ports closed to all the services leads to windows being 15 times less likely to fall prey to a worm than windows without SP2. How one can think that such an implementation isn't broken by design is beyond me.

So all in all, nothing to see here, move along. :D

LordHunter317
December 8th, 2005, 04:51 PM
if the Firefox devs were ever too lazy to fix a security hole, I'm betting the Ubuntu devs would, and you'd see it in your list of system-wide updates in just a few days :)The Firefox devs left not only a security issue unpatched for 3 years, they hid it from public knowledge in bugzilla. There was quite a stir in the community about that.

In my mind at this point, calling Firefox's security better than IE's is a touch foolhardy. They've certainly done plenty to prove they're undeserving of such a title, and nothing serious to vindicate themselves. OTOH, I too am waiting for that IE patch, even though I don't use it except for Windows Update and corporate sites that require it. So you're screwed either way, I guess. Maybe Opera is better... :(


Simply dismissing the articles blastus linked to in post 29 as appeal to authority and ignoring them is typical for this kind of flamewarBut I didn't. I dismissed them as an INVALID appeal to authority. One word makes all the difference. And it's true, unless you want to disprove it: neither Gartner nor Mozilla have sufficient authority in the area for their statements about IE to carry much weight.

You'll note the relevant article of sufficient authority he quoted I noted he was inaccurately taking its statements out of context. So it's not like I'm randomly dismissing things as "appeals to authority" or anything of the sort; merely, I'm only doing it when that's going on.

You'll note I even pointed that out about the Gartner article too: all he was using it for was an appeal to authority because it was restating what he said. It didn't further his argument in any way; as it provided no more relevant facts or details. As such, it's an invalid appeal.


And while we are at it, simply dismissing an article aysiu posted as

terribly, horribly, and totally wrong, unless you're solely interested in the desktop. Even then, it's still inaccurate, as opposed to useless.
without ever stating why and how it was wrong and why the desktop should be considered irrelevant in this instance also is a typical tactic of these kind of flamewars.:rolleyes: Except that when he asked for further substantiation, I provided it. So I have to ask, can you not read or are you trolling me? Because I did indeed substantiate that point.


Now, of course comparing d-bus, which isn't an rpc and which doesn't listen on the network to the window's rpc is simply ********, as is comparing dcop to it, which he does in his reference to KDE.Both are capable of such operation, although they do not normally do so. They are both RPC mechanisms. The Official DCOP specification notes it's capable of TCP/IP operation. The fact that it doesn't run that way by default is irrelevant.


And pointing out that you can install an rpc that of course is a security issue on linux too doesn't address the point that on windows rpc is running by default,So are the services I mentioned, and I already mentioned that. (Insert comment about trolling or reading comp. here)


is used for things that shouldn't need an rpcSuch as?


and above all, listens on the network by default.Yes, it does. So does portmap by default on virtually every Linux distribution but Debian and Ubuntu.

By default, no one can do anything to the RPC mechanism but connect, unless they can authenticate on the machine. Now, that's obviously dangerous enough because it was still possible to exploit RPC with just a connection, but in theory anyway, just being able to connect and do nothing isn't a problem. Certainly, you have to be able to essentially handle that situation anyway to cover all possible input cases.


It also doesn't take into account that MS themselves see this as a problem they tried to solve with SP2 by enabling the XP firewall by default.They've done far more extensive and necessary work to RPC beforehand: it was rewritten almost completely in Windows 2000 and the security model was adjusted again in XP.


MS even claimed that using SP2 and thus having the ports closed to all the services leads to windows being 15 times less likely to fall prey to a worm than windows without SP2. How one can think that such an implementation isn't broken by design is beyond me.Then most Linux distributions are broken by design because they also run firewalls OOB.



So all in all, nothing to see here, move along. Yep, just another person who selectively reads and quotes (context and diction are everything) and has no understanding of security.

Knomefan
December 8th, 2005, 05:57 PM
Ignoring all the personal attacks:


I dismissed them as an INVALID appeal to authority.
So there are valid logical fallacies? Amazing.


Except that when he asked for further subtantiation, I provided it.
No, you didn't, unless you count simply asserting that the virus count was totally wrong and mixing up viruses, exploits and worms as substantiation.

About d-bus and dcop:

Both are capable of such operation, although they do not normally do so.
And that's the point. While they might be used for RPC, they are mainly used for IPC and above all don't listen on the network by default.


The fact that it doesn't run that way by default is irrelevant. Why? I find it pretty relevant.


Such as?
For example local printing iirc.


Yes, it does. So does portmap by default on virtually every Linux distribution but Debian and Ubuntu.
But then again, portmap isn't installed by default on most linux distributions and certainly not on Ubuntu. And if it were and were configured to listen on the network I'd consider it as broken by design as I consider the similar design in Windows broken, so what's your problem here?


They've done far more extensive and necessary work to RPC beforehand: it was rewritten almost completely in Windows 2000 and the security model was adjusted again in XP.
But still, blaster happened, didn't it? So what's your point?


Then most Linux distributions are broken by design because they also run firewalls OOB.
Calm down. I didn't consider the fact that something is running a firewall by default as indicating that something is broken by design, but the fact that adding a simple firewall and thereby plastering over the holes in the system can lead to an OS being 15 times less vulnerable to worms than before.

LordHunter317
December 8th, 2005, 06:53 PM
So there are valid logical fallacies? Amazing.:rolleyes:



No, you didn't, unless you count simply asserting that the virus count was totally wrong and mixing up viruses, exploits and worms as substantiation.Yes, I did and I do. Certainly, if you consider it invalid, you haven't shown why, so this amounts to little more than a personal attack.


And that's the point. While they might be used for RPC, they are mainly used for IPC and above all don't listen on the network by default.Yes, but that wasn't relevant to the claims being discussed in the least. The claims were that: "home users have no use for RPC," which is false, "and that Linux doesn't run RPC by default," is also false.

If we're considering "not listening to the network," as the standard for RPC, then Windows' RPC mechanism is IPC by default in XP SP2 due to the firewall.

So you still can't have your cake and eat it: either all of them are RPC mechanisms, or none of them are. The fact some listen to the network and some do not by default doesn't largely matter in a security discussion.

If they're properly written, there's no increased risk by allowing them to listen to the network. Obviously, MS RPC wasn't well written and allowing it to listen was a security issue.


Why? I find it pretty relevant.It wasn't relevant to the discussion at hand. How is it relevant now?

Yes, it means XP has a larger attack surface.


For example local printing iirc.Why shouldn't printing use RPC? That requires two processes talking and it makes perfect sense to do.


But then again, portmap isn't installed by default on most linux distributions and certainly not on Ubuntu.Yes, it is.


And if it were and were configured to listen on the network I'd consider it as broken by design as I consider the similar design in Windows broken, so what's your problem here?Well then, you consider most Linux broken by design. I know for a fact RHEL does. Debian does if you enable NFS support during install, or install fam.


But still, blaster happened, didn't it? So what's your point?My point is MS has been paying attention to RPC security for a long time, albeit in a poor fashion. It's not like blaster was the first RPC worm or a sudden wake-up call.

To be fair, MS' handling of their RPC mechanism and its security has been overall pretty poor. I'm not denying that. What I am denying is the concept that Linux is any better in this regard, necessarily.


Calm down. I didn't consider the fact that something is running a firewall by default as indicating that something is broken by design,Utter rubbish.


but the fact that adding a simple firewall and thereby plastering over the holes in the system can lead to an OS being 15 less vulnerable to worms than before.That's really the entire point of a default firewall policy, so no, this is in effect, what you said.

Knomefan
December 8th, 2005, 07:20 PM
I'm sorry, you are right, using a remote procedure calls service for local printing is a fine idea.

Further, an inter-process communications daemon that can theoretically be used over a network though it isn't configured this way by default also is entirely equal to a remote procedure calls service that is listening on the network by default and that is specifically meant to listen on the network.

Finally, thanks for pointing out that an OS that has dozens of services running by default that are listening on the network and whose security can be dramatically increased by enabling a simple firewall isn't badly designed.

LordHunter317
December 8th, 2005, 07:45 PM
Look, if you have a problem with what I said, support it with technical facts, and reasonable logic.

There's no need to troll.

And BTW, most printing on most operating systems uses some form of IPC/RPC at some point in two processes. KDE applications certainly do.

I brought up DCOP and D-BUS as RPC mechanisms because the original claim was that home users don't have any use for RPC. They do, hence the existence of those two protocols. For the purpose of that point, the fact they don't listen remotely doesn't matter at all.

Now, if we're comparing default attack surfaces of Windows versus some Linux distribution, then it does matter. But we weren't talking about that, and if you meant to talk about that, you didn't do a good job of switching subjects. If you want to talk about that, then yes you're correct (ignoring the firewall) and yes, MS has done a worse job if you ignore portmap. But I never argued that or said otherwise.

As for the firewall, for a host-level firewall, there's really only two points to having from the beginning: prevent programs from phoning home and to control services that listen too permissively.

Knomefan
December 8th, 2005, 08:22 PM
Look, if you have a problem with what I said, support it with technical facts, and reasonable logic.
Look, that's what I did and you accusing me of not doing it doesn't change it, sorry.



And BTW, most printing on most operating systems uses some form of IPC/RPC at somepoint in to processes. KDE applications certainly do.

And still IPC != RPC



I brought up DCOP and D-BUS as RPC mechanisms because the original claim was that home users don't have any use for RPC. They do, hence the existance of those two protocols. For the purpose of that point, the fact they don't listening remotely doesn't matter at all.

It does, because IPC != RPC



Now, if we're comparing default attack surfaces of Windows versus some Linux distribution, then it does matter. But we weren't talking about that, and if you meant to talk about that, you didn't do a good job of switching subjects. If you want to talk about that, then yes you're correct (ignoring the firewall) and yes, MS has done a worse job if you ignore portmap. But I never argued that or said otherwise.

Sorry, but you might want to look at what you wrote again and at how people reacted to it. I didn't change the subject and as I already said, I agree with what you wrote about the first posting.



As for the firewall, for a host-level firewall, there's really only two points to having from the beginning: prevent programs from phoning home and to control services that listen too permissively.
But that's the point, services shouldn't listen too permissively by default. In fact having no daemon that listened on the net by default is one of the things that really make Ubuntu shine imho.

LordHunter317
December 8th, 2005, 10:15 PM
Look, that's what I did and you accusing me of not doing it doesn't change it, sorry.No, you haven't. You never gave a single reason as to why the rejection of the articles was invalid (merely that it was), nor have you shown why the narrow distinction between IPC and RPC is worth considering in my explanation of why RPC is valuable for a desktop system.

You haven't proven anything. You've just spat worthless tautologies.


And still IPC != RPCSo, what are the technical differences between them? (Aside: not many for most systems, besides the fact RPC usually refers to network transactions. However, I've operated on systems where that wasn't the case at all). And that still ignores the fact that DCOP is an RPC protocol, by definition.

So even if you can provide a reasonably defined difference, you're still wrong via proof by definition. D-COP is an RPC service, because it defines itself like that. The only way you can prove that not to be true is to show if it didn't meet the standard definition of RPC, which doesn't include anything about what you listen to by default.

So you can't prove that it's not an RPC service. It is, like it or not. The fact it doesn't listen to the network by default has nothing to do with it.

You wouldn't argue that X is not a network protocol even though most Linux distributions have the TCP listener turned off, would you?

Same reasoning applies: just because something isn't actively doing something does not mean it is unable to do something. You're confusing ability and configuration.


But that's the point, services shouldn't listen too permissively by default.Then why the hell didn't you say that? The ideal that services shouldn't listen by default (which isn't even universally true) doesn't prove that having a default firewall means your security is broken by design. It would only prove that if you also showed that those services always must listen to the network, and there's no other way for them to function.

Yet, the very presence of a firewall shows that's not true. So you can't possibly prove that, it's a logical impossibility. Proof by logical contradiction: the presence of a firewall shows that your security isn't broken by design, as your program can function without a network. It doesn't say much for the implementation, but there's a whole world of difference between the two, something many people here don't seem to grasp.

Knomefan
December 8th, 2005, 10:34 PM
Jesus, as I said, simply yaosf (yet another stupid flamewar).

But just for the record as this one is really getting on my nerves:

The ideal of service shouldn't listen by default (which isn't even universally true) doesn't prove that having a default firewall means your security is broken by design.
I have stated several times already that I never ever claimed having a default firewall means something is broken by design.
What I said again and again was that having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first place.

Seriously, how about actually answering what I wrote and not hammering this poor innocent strawman to death.

LordHunter317
December 8th, 2005, 10:41 PM
I have stated several times already that I never ever claimed having a default firewall means something is broken by design.
What I said again and again was that having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first place.(emphasis mine) And those statements are contradictory. By definition, "something" (YOUR WORD) includes "underlying design" (ALSO YOUR WORDS).

Don't lie. Either you believe the former or the latter, but you cannot believe both. If you believe the former, then any further discussion about firewalls is silly. If you believe the latter (which I think you do), then your conclusion doesn't follow your premise, and I've shown logically why that is the case.

I even showed how they're equivalent. You cannot equivocate the need for a firewall in any situation with the fact the underlying security is broken, generally. It's not possible. You must have more information.

I already showed how it's logically false: the very fact the software operates with the firewall shows that it doesn't require the network for operation. Therefore, it's not broken by design. At most, you can conclude the implementation is poor.


Seriously, how about actually answering what I wroteI am. You said design. You have no proof. At most, you can prove implementation. And I never argued that the implementation of MS' RPC service doesn't have several problems; in fact, I even lamented them for it.

canadianwriterman
December 8th, 2005, 10:45 PM
For crying out loud. Don't you guys have jobs? I don't know how you can spend so much time on this subject.

Knomefan
December 8th, 2005, 10:52 PM
Dear Lord, it sure isn't easy talking to you.

First off, no there is no logical contradiction between saying
a) Having a firewall by default isn't in and of itself bad design
and
b) Having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first place.

Second, having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first place and it doesn't matter one bit whether you call it design (which is the right word here btw.), or implementation.

linbetwin
December 8th, 2005, 10:53 PM
Benford's Law of Controversy:
Passion is inversely proportional with the amount of real information available.

Knomefan
December 8th, 2005, 10:54 PM
For crying out loud. Don't you guys have jobs? I don't know how you can spend so much time on this subject.
Calm down, it's all fun and games and don't worry about my job situation. (Btw., it's almost 11 in the evening here so I do have time and tv is boring right now)

canadianwriterman
December 8th, 2005, 10:57 PM
Calm down, it's all fun and games and don't worry about my job situation. (Btw., it's almost 11 in the evening here so I do have time and tv is boring right now)

I guess it's better than boring TV. I just don't know how some of the authors (I won't name them) of this thread have the endurance to keep it going!;)

linbetwin
December 8th, 2005, 10:57 PM
Dear Lord, it sure isn't easy talking to you.

First off, no there is no logical contradiction between saying
a) Having a firewall by default isn't in and of itself bad design
and
b) Having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first place.

Second, having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first place and it doesn't matter one bit whether you call it design (which is the right word here btw.), or implementation.

The only way this isn't logically correct is if one doesn't want it to be.

LordHunter317
December 8th, 2005, 11:00 PM
First off, no there is no logical contradiction between saying
a) Having a firewall by default isn't in and off itself bad design
and
b) Having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first place.So you weren't trolling, you really can't read. You can't even quote yourself correctly, as that first statement isn't equivalent to your repeated attempts to explain yourself prior.

Like I said before, context and diction are everything. Your posts are severely lacking in the latter category.


Second, having an OS that gets 15 times less vulnerable to worm attacks with the simple addition of a firewall shows that the underlying design was broken in the first placeProvide proof. You haven't. This isn't a tautology.


and it doesn't matter one bit wether you call it design (which is the right word here btw.), or implementation.So what's the difference between them? Is this going to be like IPC and RPC again?

LordHunter317
December 8th, 2005, 11:32 PM
Here, let's take a different tack and get past the "He said, she said", since that's going to drive itself in circles.

You originally claimed this:
It also doesn't take into account that MS themselves see this as a problem they tried to solve with SP2 by enabling the XP firewall by default. MS even claimed that using SP2 and thus having the ports closed to all the services leads to windows being 15 times less likely to fall prey to a worm than windows without SP2. How one can think that such an implementation isn't broken by design is beyond me.(emphasis mine) Ok fine.

Let's make the assumption the only thing you're interested in is preventing worms from exploiting your machine (this is a poor assumption, but let's go with it). Ok, the only way the design of the software could be possibly broken is if the only way to prevent worm spreading is via the firewall.

Which hasn't been true to date. It is a way, but not the only way. If we were talking about NT4, this would be a different story, but it's not the case for anything over NT4.

So you're still incorrect, even if we hold ourselves to that assumption.

Knomefan
December 8th, 2005, 11:48 PM
I actually wanted to let this whole thing rest, but anyway, here we go:



Let's make the assumption the only thing you're interested in is preventing worms from exploiting your machine (this is a poor assumption, but let's go with it).
Why should we make this assumption? Protecting my machine from worms certainly is one concern, but not the only one.



Ok, the only way the design of the software could be possibly broken is if the only way to prevent worm spreading is via the firewall.

Why?

Look, it's really simple:
1. You have an OS that is very vulnerable to worms because it has a lot of services listening on the network by default. If one of those services has a flaw, this flaw will be exploitable from the outside.
2. You stick a firewall in front of it and proudly claim that the OS is now 15 times less likely to be infected by a worm.
3. The OS is very clearly poorly designed/implemented/whateveryouwanttocallit.

To make this even clearer, compare it to ubuntu:
1. You have an OS with no services listening on the network by default.
2. You stick a firewall in front of it.
3. Nothing changes, it's as secure/insecure as it was before when it comes to worms exploiting flaws in services.
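
The criterion in the comparison above (which services are reachable from the network out of the box) can be checked directly rather than argued about. The following is an added example, not code from any poster in this thread, that parses the output of `ss -Hlntu` and reports every TCP/UDP listener bound to something other than a loopback address, i.e. the sockets a worm on the LAN could reach if no host firewall were in the way. The six sample lines are constructed for illustration, not taken from a real host; if the `ss` utility is present it is run instead, otherwise the sample is used.

```python
"""Attack-surface check: which listening sockets are reachable from the network?"""
import ipaddress
import shutil
import subprocess

# Constructed sample in the shape of `ss -Hlntu` output (no header line).
# These lines are invented for illustration; they are not from any real host.
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128        127.0.0.1:631        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:111        0.0.0.0:*
tcp   LISTEN 0      4096            [::]:111           [::]:*
tcp   LISTEN 0      128            [::1]:25            [::]:*
tcp   LISTEN 0      128      192.168.1.5:3306       0.0.0.0:*
"""


def split_local(local):
    """Split an ss 'Local Address:Port' field into (host, port).

    Handles IPv4, bracketed IPv6, a zone suffix ('%eth0') and the bare '*'
    wildcard that older ss versions print instead of 0.0.0.0.
    """
    host, port = local.rsplit(":", 1)
    host = host.strip("[]").split("%", 1)[0]
    if host in ("*", ""):
        host = "0.0.0.0"
    return host, int(port)


def exposure(host):
    """Classify a bind address: 'loopback', 'all interfaces' or 'one interface'."""
    ip = ipaddress.ip_address(host)
    if ip.is_loopback:
        return "loopback"
    if ip.is_unspecified:
        return "all interfaces"
    return "one interface"


def parse_listeners(ss_text):
    """Turn ss -Hlntu lines into dicts; lines that are not listeners are skipped."""
    found = []
    for line in ss_text.splitlines():
        fields = line.split()
        # Netid State Recv-Q Send-Q Local Peer [Process]; UDP shows UNCONN, TCP LISTEN
        if len(fields) < 5 or fields[1] not in ("LISTEN", "UNCONN"):
            continue
        host, port = split_local(fields[4])
        found.append({"proto": fields[0], "host": host, "port": port,
                      "exposure": exposure(host)})
    return found


def network_reachable(ss_text):
    """Return only the listeners a remote host could connect to absent a firewall."""
    return [l for l in parse_listeners(ss_text) if l["exposure"] != "loopback"]


def live_ss_output():
    """Run the real ss if it is installed; otherwise return None for a fallback."""
    if shutil.which("ss") is None:
        return None
    return subprocess.run(["ss", "-Hlntu"], capture_output=True,
                          text=True, check=False).stdout


if __name__ == "__main__":
    text = live_ss_output() or SAMPLE_SS_OUTPUT
    for l in network_reachable(text):
        print(f"{l['proto']:4} {l['host']}:{l['port']}  ({l['exposure']})")
```

On the constructed sample this reports sshd on 22, portmap on 111 (both UDP and IPv6 TCP) and a MySQL bound to one interface, while CUPS on 127.0.0.1:631 and the IPv6 loopback SMTP listener are left out. A host firewall is a second, independent layer that the script does not model: a socket this check flags may still be unreachable because of a default-deny input policy, which is exactly the distinction the two posters are arguing over.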

LordHunter317
December 8th, 2005, 11:55 PM
Why should we make this assumption? Protecting my machine from worms certainly is one concern, but not the only one.Because I'm trying a different tack to show why you're wrong, since you don't seem to accept my other logic: the fact the application retains functionality without limited access shows it cannot be possibly broken by design.


Look, it's really simple:
1. You have an OS that is very vulnerable to worms because it has a lot of services listening on the network by default. If one of those services has a flaw, this flaw will be exploitable from the outside.
2. You stick a firewall in front of it and proudly claim that the OS is now 15 times less likely to be infected by a worm.This is insufficient evidence to make your claim the underlying applications are broken by DESIGN. You either don't understand the meaning of that word, or are just trolling. I'm really beginning to believe the latter.

You have to show the ONLY way to secure it is with a firewall. Just because MS chose to use a firewall doesn't mean it's the only way. They could have taken the effort to make their services localhost listen only. They choose to use a firewall instead. Just like Red Hat does. It's a perfectly reasonable solution to the "services listening by default" issue.

It only means your system is broken by design if it's your only recourse. Which it isn't, as the very existence of patches for these flaws shows. Proof by counter-example.

Knomefan
December 9th, 2005, 12:03 AM
This is insufficient evidence to make your claim the underlying applications are broken by DESIGN.

Ok, now I'm really tired of that topic, but just as an fyi:
I never, ever claimed the underlying applications were broken, I claimed that an OS that has dozens of services running and listening on the network is poorly designed, to put it mildly.

So again, please stop attacking that poor strawman, because it sure isn't his fault.