Page 2 of 2 FirstFirst 12
Results 11 to 13 of 13

Thread: How secure are pre-installed apps on Ubuntu Desktop?

  1. #11
    Join Date
    Jan 2005
    Beans
    42

    Re: How secure are pre-installed apps on Ubuntu Desktop?

    Quote Originally Posted by darkmatter2020 View Post
    Thank you for your responses. Probably my question was not properly understood. What I really wanted to understand was if Ubuntu has any security review process in place while deciding which pre-installed apps to include with their OS distribution. How can we be sure that there is no malware in these pre-installed apps?
    A Linux distribution does not have a wall of separation between "pre-installed apps" and the OS. There are only packages of software that constitute the distribution. You are thinking in Windows terms there.

  2. #12
    Join Date
    Sep 2014
    Location
    United States
    Beans
    254
    Distro
    Ubuntu 18.04 Bionic Beaver

    Re: How secure are pre-installed apps on Ubuntu Desktop?

    No one should blindly trust the OS.

    There is none of that in the packages in the OS. To do so would harm the OS and users who peruse the code would flag it up quickly as a security bug. Nothing in the default install will "steal your passwords" or "record keystrokes"
    It is wrong to assume that the files you have are correct until you check.

    The OS has many tools that do this automatically, but here is how they work.

    Ubuntu does some automated checks. When you run $ apt update and $ apt upgrade, Ubuntu will check a list from a remote repository. It checks the hashes of the repository and the packages you install against the public repository.


    1. The repository has the correct GPG signature.
    2. The hashed files match the repository index.


    However we need to trust the GPG signature of the remote repository. Ubuntu distributes keys on the ISO that allows us to trust this source without needing to manually validating.

    What then is the root value you should validate to know that your software is secure.

    Check the ISO hash. This will tell you if the hash you received is correct.

    Reasons the hash would be incorrect.

    1. Temporarily, your traffic was intercepted and modified to give you the wrong file.
    2. Someone has hacked this mirror and is distributing the wrong file.
    3. Your memory failed to write the file to hard drive.
    4. You didn't install the correct file.


    You will never know until you check. Check the hashes of the files you download.

    A Linux distribution does not have a wall of separation between "pre-installed apps" and the OS. There are only packages of software that constitute the distribution.
    This is wrong.

    The application on the ISO are pre-installed. There is no question about it. You install it onto the partition that installs the same packages to your new Ubuntu computer.

    You are thinking like a Windows user there.
    This is impolite. Please remove this from your post.
    Last edited by EuclideanCoffee; April 30th, 2020 at 06:55 PM.

  3. #13
    Join Date
    Mar 2011
    Location
    19th Hole
    Beans
    Hidden!
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: How secure are pre-installed apps on Ubuntu Desktop?

    @darkmatter2020

    At the risk of piling on, some of the previous posts have been at cross purposes. I'm contributing my two pennies in the hope that it clarifies rather than further confuses.

    I don't think mrdc76 meant anything condescending with his/her statement:
    You are thinking in Windows terms there.
    Rather, I suspect what was meant was something along the following lines:

    • In the Windows world, users have been conditioned to download everything from third-party sites the majority of which they, frankly, know next to nothing about.
    • The Linux world differs crucially from this highly insecure practice in that apps are housed in repos. Moreover, they are not simply housed there opaquely (as is the case in proprietary app stores), but compiled from source. This crucial element of transparency means that malicious code has a very high barrier to surmount before it can sneak into the repos. Not impossible, but very difficult.
    • It is worth noting that Snaps do not go through the same vetting process. They are almost entirely the reponsibility of their individual devs and the vetting process by Canonical is less thorough. In this regard, they are sort of halfway to being PPAs. Their big saving grace is that the Snap architecture is, by design, a sandbox. Therefore, rogue apps are still more likely to be contained. Such containment is not a magic bullet (see below).

    What I really wanted to understand was if Ubuntu has any security review process in place while deciding which pre-installed apps to include with their OS distribution. How can we be sure that there is no malware in these pre-installed apps?
    Your question might sound simple, but your concern cannot be addressed monolithicly. Malware can make it into your system in any of the following ways:

    1. An actively malicious developer foists it upon an unwary or insufficiently vetted app store. This is what happens all the time in the proprietary app stores. As already explained above, forcing authors to upload source code under FOSS-type licenses to properly guarded repos alleviates most of these concerns.
    2. A careless but well-meaning developer writes an app that has security holes which are subsequently exploited by bad actors. This is also somewhat mitigated by code transparency, though not as much as Linux advocates like to think (search for "Heartbleed").
    3. Good solid apps with transparent code housed in reputable repos are nonetheless sideswiped by a site hijack, or a MitM attack, or a supply chain poisoning. This threat is very real and is highly dependent on good site hygiene, download hygiene and certificate hygiene. These are the measures that EuclideanCoffee has covered off so well.
    4. You do something stupid. This is by far the number one malware vector. It is so far out in front of the others as to leave them eating its dust. It is also the vector of which people are most deluded about themselves: for example, wasting hours of time installing anti-virus apps while choosing auto login.

    So, to directly answer your question:

    1. For apps in the repos, we rely on a huge community of knowledgeable users to go through the source code and sniff out bad stuff. Bad stuff can be anything from intentional malice to sloppy code. This is possible only because, in the FOSS world, the code is open to inspection. This very transparency serves to discourage malicious code in the first place. If this is not good enough for you, then there is no further practical solution and you had best avoid using Ubuntu.
    2. The usual suggestion to "compile your own apps from source" I find to be unconvincing. If one takes the attitude that Canonical itself is suspect, then what advantage is there to compiling from source? If the compiler itself is corrupted, then even clean source code will yield a corrupt binary. At some point, you have to trust someone.
    3. For apps in the Snap store, you are well advised do your research. If they are in turn transparent, open to inspection and reliably compiled, then it is not worth worrying about. However, be aware that there is a greater danger with the Snap store than with the repos.
    4. To be safe, don't trust anything from outside the official repos/Snap store.
    5. Do NOT add PPAs. If you absolutely must, then sandbox them in a VM or a container. If you know the PPA author well and decide that s/he is trustworthy, then the question of trust is rendered irrelevant.
    6. People who do not practice good user hygiene are the authors of their own misery and all of the foregoing is just wasted breath.

    Further to the above point, have a look at this old thread. In it, hakermania outlines a scenario where users can be keylogged without any root compromise. His scenario reinforces the observation that the primary user weak point is not malware, but the guy/gal in the mirror.

    Good Luck and Happy Ubuntu-ing.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •