Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

  1. #1
    Join Date
    Sep 2007
    Location
    Pasadena, California
    Beans
    663
    Distro
    Ubuntu Development Release

    SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    On another forum Im in people are concerned about government back doors like how the NSA is tapped into MS Vista systems. Security is a big reason why many people head over to linux.

    I can now see Hardy Heron has SELinux in the synaptic manager (not installed), but word is that in the next release, 8.10 (Intrepid Ibex), Ubuntu has SELinux built into the OS and makes it impossible to uninstall.

    Can anyone please comment on this? This would be a real disappointment if Ubuntu caved into the wishes of any government.

    https://wiki.ubuntu.com/SELinux

    https://wiki.ubuntu.com/HardySELinux

  2. #2
    Join Date
    Oct 2007
    Location
    Chennai, India
    Beans
    3,803
    Distro
    Ubuntu Development Release

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    Quote Originally Posted by shirteesdotnet View Post

    I can now see Hardy Heron has SELinux in the synaptic manager (not installed), but word is that in the next release, 8.10 (Intrepid Ibex), Ubuntu has SELinux built into the OS and makes it impossible to uninstall.

    Can anyone please comment on this? This would be a real disappointment if Ubuntu caved into the wishes of any government.
    From what I understand, SELinux is a replacement for AppArmour, and can easily be disabled and replaced with AppArmour by uninstalling.

    It's for a more fine-grained control over devices and permissions; how do backdoor concerns come in here?
    Cheers,PRShah
    Make your own: Ubuntu, Kubuntu, Xubuntu, Mythbuntu All-in-One Live DVD
    "I never make mistakes; I thought I did, once.. but I was wrong."

  3. #3
    Join Date
    Dec 2007
    Location
    Columbia, South Carolina!
    Beans
    Hidden!
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    While I love a great conspiracy as much as the next guy, and yes the NSA did help build SELinux, It is open source. If the US government built a hidden back door into SELinux, it would eventually be discovered. There are too many extremely paranoid computer programmers (usually called hackers but they should be called crackers) (if you don't know, look it up) out there who scan source code, and check it's security. The NSA built it for it's own use, then released it back to the community.

    In the end, if you do not trust it, don't use it. Stay with the long term release till you find a replacement for Ubuntu. BSD has some top notch security, it's harder to break into than Linux from what I have heard.

    Leo
    The angels have the phone box!

  4. #4
    Join Date
    Sep 2007
    Location
    Pasadena, California
    Beans
    663
    Distro
    Ubuntu Development Release

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    Well what do I know! Im not a hacker, cracker, etc Im trying to learn all this security stuff!

  5. #5
    Join Date
    Feb 2006
    Beans
    457

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    Following on from Leo's thoughts;
    DHS spend time and money hunting down suspect code in open source projects.
    Open source code, much like its commercial counterpart, tends to contain one security exposure for every 1,000 lines of code, according to a program launched by the Department of Homeland Security to review and tighten up open source code's security.

    Popular open source projects, such as Samba, the PHP, Perl, and Tcl dynamic languages used to bind together elements of Web sites, and Amanda, the popular open source backup and recovery software running on half a million servers, were all found to have dozens or hundreds of security exposures and quality defects.
    Coverity Helping I hope so, installing back doors? I think not.

  6. #6
    Join Date
    Nov 2005
    Location
    Nashville, TN
    Beans
    437
    Distro
    Ubuntu 14.04 Trusty Tahr

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    Ah paranoia... Security is a process. Total security is a fantasy. They don't need to put in backdoors to get into your system. I'm pretty sure any organization that has the best and brightest people that you'll never know about can find security holes in just about anything.

    What you do when you harden your system is reduce the number of people capable of cracking it. There will always be someone out there who is capable of enumerating your system, finding what's there and then discovering an exploit and writing code to take advantage of it.

    The exploit can be anything from a malformed packet, a heap spray, or a classic buffer overflow where they establish a connection and send a string of characters to fill up the buffer and then send something along the lines of \xeb\x03\x59\xeb\x05\xe8\xf8\xff\xff\xff\x4f\x49\x 49\x49\x49\x49 which is known as shellcode and translates directly into processor opcodes (ie assembly language) these lines get pushed into the stack and an instruction sent to move the execution point into the area of memory before the shellcode normally into what's called a 'nop sled' which doesn't do anything (it stands for 'no operation') but after it gets past the nops then the shellcode will begin executing. What it does is up to the person who programmed it.

    There are people who get into banks and they spend a lot of money on security.

    All gloom and doom? Not exactly... To your benefit is that the people capable of getting into your system normally work for the government, or are security researchers. They have bigger fish to fry or are on the clock to make money. Those on the dark side capable of it honestly don't care about your piddly system. They want big companies and big money.

    The lesson to take out of this is to reasonably harden your system with a firewall and be smart with what you download and execute.

    If you want to be very secure (for a home user) then what you need to do is install something like VMware and create a virtual machine with a shapshot to surf the web and do things online in. After your done revert to the snapshot and everything is clean. Use your physical host for things you need to keep. It's easy enough to download in a VM and then drag it over to your actual machine. AntiVirus is a scam as most of the new stuff isn't picked up so just make sure you download from trusted sites or examine the source code.
    -Chayak

  7. #7
    Join Date
    Sep 2007
    Location
    Pasadena, California
    Beans
    663
    Distro
    Ubuntu Development Release

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    Well, one thing I was concerned about regarding security (and Id consider myself an average computer user, but doing some photoshop and html too) was how simple it is to crack XP's logon password. I saw some video on the web how people burned a livecd to bypass the XP logon. Nifty stuff, yet I read a few weeks ago in the forums here (dont remember where) how people can just do a few lines in the terminal to bypass a linux password.

    I have people I work with I dont trust and for all I know they have keyloggers on all the other computers in the business. I wouldnt put it passed them. No that I have linux I feel secure again, but once they get into linux themselves and start messing around, or just doing some random searches on google... they are going to (sooner or later) find how how to type a few things in the terminal and once again they can get back into my system.

    What can I do?

  8. #8
    Join Date
    Feb 2006
    Beans
    457

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    You could try a boot password placed the Bios in conjunction with turning off you machine when you leave your desk. These ideas may well help to protect you kit from physical access by those who may well wish to cause you grief. It may help to stop people trying to access your system via an Ubuntu LiveCD or indeed any other LiveCD.

  9. #9
    Join Date
    Apr 2007
    Location
    Belgium
    Beans
    1,528

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    When someone has physical access to your computer, linux isn't secure either. By default, you can boot into recovery mode which leaves you with root access without needing a password. Recovering a password isn't hard either with a live cd.
    Disclaimer: I am currently suffering from severe CSD (Compulsive Sarcasm Disorder).
    My Site | Linux User #452328 | Running Arch Linux on Sony Vaio VGN-SZ61XN/C since October 2008

  10. #10
    Join Date
    Sep 2006
    Location
    Oklahoma
    Beans
    Hidden!

    Re: SELinux on Ubuntu 8.04 and preinstalled w/ 8.10?

    Quote Originally Posted by Nepherte View Post
    Recovering a password isn't hard either with a live cd.
    1D41C853AF58D3A7AE54990CE29417D8

    There's the hash.

Page 1 of 2 12 LastLast

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •