Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 21 Dec 2014, 08:45
All times are UTC - 4
 Forum index » Off-Topic Area » Security
What makes Linux safer than Windows?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 7 [99 Posts]   Goto page: 1, 2, 3, 4, 5, 6, 7 Next
Author Message
Gullible Jones

Joined: 13 Apr 2009
Posts: 6

PostPosted: Mon 03 Aug 2009, 18:53    Post subject:  What makes Linux safer than Windows?
Subject description: Running as root: dangerous, or not?
 

It's well known that Puppy Linux is single-user, running as root by default. There's nothing really novel about this, when you think about it; Windows XP Home runs as admin by default as well. (Yeah, it does have the System user which is more powerful than admin, but so what?)

However, one of the major benefits I've heard toted about Linux is that most distros do not use root as the default user, which means that, if for instance an infected website hacks your browser, it will have a harder time installing a rootkit or trojan since it can't freely modify or install system files.

On the other hand, you've got distros like Puppy and Slax that use root by default and are proud of it. Users of such distros generally claim that Linux is secure enough to use in such a fashion on home desktops - even when not using AppArmor or whatever.

(That would actually be a whole other matter, since under AppArmor or SELinux, processes spawned by root wouldn't necessarily have root privileges. But I digress.)

What I'm asking is, what about Linux makes it more secure than Windows even when running as root (if that is actually the case)?

- We know Linux isn't immune to buffer overflows, they happen all the time.
- The idea that simple lack of use makes it more secure is ridiculous, we all know how well "security through obscurity" worked Apple.
- Unlike Windows, Linux doesn't try to hide stuff from the administrator (by default anyway). That's nice, and it can help you find infections, but it doesn't prevent infections.
- Package management is cool and helps you keep your software up to date.. But it does jack against zero-day vulnerabilities. Plus, similar things (like Secunia PSI) exist for Windows.
- Well-written code is good. But not everything running on Linux is well programmed; for that matter, some applications just don't focus strongly on security. Even "secure" programs like Firefox are often riddled with vulnerabilities.

So what is it that you Puppy users know that I don't? What makes you confident that you're not likely to get hacked, even running as root? I'd really like to know...
Back to top
View user's profile Send private message 
gposil


Joined: 06 Apr 2009
Posts: 1305
Location: Stanthorpe (The Granite Belt), QLD, Australia

PostPosted: Mon 03 Aug 2009, 20:57    Post subject:  

Apart from the obvious:

Quote:
Microsoft’s Chief Operating Officer Kevin Turner said today that finally Windows 7 will be more secure than Linux and OS-X.


A few thoughts:

It's much easier to go in to a Linux system and simply shut down the entire windowing system, RPC daemons, and so on - you can get a Linux or BSD based system down to one or two open ports with a minimum of installed packages and still have a very useful system very easily. This probably has more to do with the UNIX heritage as a developer's OS; everything was built to be modular, not overly interconnected. This leads to a much more configurable system where you can simply remove things that are not relevant. I don't think its as easy to harden Windows servers in this way. (in fact it's not easy)

There is one very important reason why Linux and OpenBSD have the potential to be more secure than windows. That is the ability of the operating system to firewall itself from network attacks.

On Windows, incoming network packets have been exposed to significant parts of the operating system long before a windows firewall can reject the packet. On linux, using IPTables or on OpenBSD using PF you can isolate rogue packets much earlier in the process of the OS receiving a new network packet - reducing the exposure.

Linux, like all Open Source, is transparent. Everybody sees the code. There are far more eyes with good intentions looking at the code than those with bad intentions.

Why would you try to exploit a vulnerability (perceived or real) in Unix/Linux when the fix for the flaw spreads faster than a virus... Smile

Just a few thoughts, there are many more....

Cheers

_________________
Dpup Home
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
gposil


Joined: 06 Apr 2009
Posts: 1305
Location: Stanthorpe (The Granite Belt), QLD, Australia

PostPosted: Mon 03 Aug 2009, 21:11    Post subject:  

Had another couple of thoughts that get to the heart of the matter...

What makes Linux safer than Windows?

1.) The people who use it....

And I guess really the question is spurious, Windows is a homogeneous OS, Linux is not, it's a kernel and each user has the right to change it to suit his/her particular security needs, and as far as Puppy is concerned, with regard to root access...who cares if there are no ports open to exploit from outside...your choice

_________________
Dpup Home
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
8-bit


Joined: 03 Apr 2007
Posts: 3398
Location: Oregon

PostPosted: Mon 03 Aug 2009, 23:35    Post subject:  

Try this. Do a Web search for Gibson Research Corporation and from their page select Shields UP.
It will run a test to try to access the ports on your PC as well as file sharing and ping.
It will work with Linux (Puppy) as well as Windows.
I tried it with Puppy and the report said all ports were slealth (good), it could not access file sharing, and also could not find a port to connect remotely. It was able to ping my PC and have it answer, And also get a reverse IP address.
Given that info, I was impressed as compared to running Windows and doing the same test.
Back to top
View user's profile Send private message 
Lobster
Official Crustacean


Joined: 04 May 2005
Posts: 15122
Location: Paradox Realm

PostPosted: Tue 04 Aug 2009, 01:19    Post subject:  

Tin hatted penguins

These are the individuals so paranoid they wear tin hats to stop 'the government' controlling their brains.

They sniff out potential exploits even when they are not there.
Meanwhile Microsoft has documented agreements with the NSA to offer backdoors into Windows. It is part of their policy to have exploits.

The only exploit for Puppy that I am aware of is that of rogue javascript that can redirect to spammers sites.

I also use gmail (with its excellent spam reduction) whose servers are open to potential abuse

Cloud computing is being supported by the intelligence community because it is transparent to them. Which means it is also transparent to criminals and corporate spammers.

My last memories of Windows involve a security nightmare, where the very viral like virus protection schemes were being compromised by crackers. In other words they were using the protection schemes updates to run keyloggers and other nasties.

I run from DVD so runnable programs secure from interference. Then I run the Puppy firewall. Job done. Cool

_________________
Puppy WIKI
Back to top
View user's profile Send private message Visit poster's website 
drongo


Joined: 10 Dec 2005
Posts: 354
Location: UK

PostPosted: Tue 04 Aug 2009, 06:44    Post subject: Live-CDs and Root
Subject description: Maybe not so secure now
 

Originally Puppy was a live-CD only. By definition you can't alter stuff on a live-CD - so running as root was never a problem with early Puppies. The situation is now more complex.
You can have a frugal install or a full install. I would guess both of these are potentially vulnerable when running as root.
You can have a multi-session DVD. I would guess this is potentially vulnerable as well.
You can save a session on closedown. Information stored in there is potentially vulnerable.
If you mount USB sticks or hard-drive partitions information on them could be modified.

So, if you use Puppy as a live-CD, don't mount partitions or USB sticks, don't install it to hard-drive and don't use multi-session you're pretty much invulnerable! Doesn't really matter whether you run as root or not. I guess you might be able to pick up some password stealing trojan during your browsing but it would disappear next time you rebooted (of course your passwords could be all over the web by then.)

Since many scripts in Puppy assume you are root changing Puppy to a system with multiple users may not be that easy. It's not as if people haven't tried!
Back to top
View user's profile Send private message 
jamesbond

Joined: 26 Feb 2007
Posts: 2232
Location: The Blue Marble

PostPosted: Tue 04 Aug 2009, 08:05    Post subject:  

While we are on this topic .... please look at this http://www.stoned-vienna.com/
Now that proof-of-concept virus is only Windows only (though it can infect anything from XP to Windows 7 - a duration which spans 8 years).
Please read the technical process of how it infects Windows - and someone please tell me that Linux is not vulnerable. Shocked

_________________
Fatdog64, Slacko and Puppeee user. Puppy user since 2.13.
Contributed Fatdog64 packages thread
Back to top
View user's profile Send private message 
gposil


Joined: 06 Apr 2009
Posts: 1305
Location: Stanthorpe (The Granite Belt), QLD, Australia

PostPosted: Tue 04 Aug 2009, 08:33    Post subject:  

Well...full stand-alone hd installations of Unix/Linux don't use mbr and a linux volume does not even need to be active to be booted, so in the strictest terms this bootkit has no relevance to us. Obviously a read only kernel implementation like Puppy would be even further removed from the scenario.
_________________
Dpup Home
Back to top
View user's profile Send private message Visit poster's website MSN Messenger 
kirk

Joined: 11 Nov 2005
Posts: 1437
Location: florida

PostPosted: Wed 05 Aug 2009, 00:12    Post subject:  

Quote:
The idea that simple lack of use makes it more secure is ridiculous.


Not at all. If I'm the only one using an operating system, it would for that very reason, be quite immune from viruses.


Quote:
What I'm asking is, what about Linux makes it more secure than Windows even when running as root (if that is actually the case)?


Well, there is not a Linux operating system, there's a thousand, I won't speak about all Linux OSs, but for puppy:

*There's no activeX type apps running in the web browser. Ok that goes for all Linux Oss.

*Puppy is intended to be ran with a virtual file system. The system files are really read-only. Running as a non-privileged user protects these files (again which are read-only) and not the users files.

* There's countless viruses for Windows, I'm still looking for one that will infect Puppy, If you can point me to a web site please do, because It's so ridiculously easy to fix/reinstall puppy and I'd like to see how that would work.

* There's countless trojans for Windows. Sure someone could post a pet package with a trojan, but I haven't read about any. All operating systems are vulnerable to trojans, because they tend to be installed by users. If you're installing software and you need to su or sudo to root, or enter the admin password, that's what you do, because you've already decided that the vendor is trust worthy.

Puppy does of course have multiple users. If you install a web server it usually runs as user nobody. In Puppy non-root users can't su to root even if they know the password. You can run the browser as another user if you want.
Back to top
View user's profile Send private message 
ttuuxxx


Joined: 05 May 2007
Posts: 10847
Location: Ontario Canada,Sydney Australia

PostPosted: Wed 05 Aug 2009, 02:01    Post subject:  

Simple go here on your windows machine and then go here with puppy Smile
https://www.securitymetrics.com/portscan.adp
and do a port scan.
ttuuxxx

_________________
http://audio.online-convert.com/ <-- excellent site
http://samples.mplayerhq.hu/A-codecs/ <-- Codec Test Files
http://html5games.com/ <-- excellent HTML5 games Smile
Back to top
View user's profile Send private message Visit poster's website 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11181
Location: Arizona USA

PostPosted: Wed 05 Aug 2009, 11:12    Post subject: Re: Live-CDs and Root
Subject description: Maybe not so secure now
 

drongo wrote:
Originally Puppy was a live-CD only. By definition you can't alter stuff on a live-CD - so running as root was never a problem with early Puppies.

Multisession Puppy is basically a live CD or DVD, with the settings and changes to the base OS saved in sessions on the CD or DVD. Barry has provided a boot option for multisession Puppy to ignore the last n sessions, for instance where malware may have been saved, at boot. After booting, Puppy can mount the DVD and the blacklisted sessions can be safely inspected for malware. Since nothing can be erased from a multisession DVD, malware has no way to erase its tracks or even do any damage. AFAIK, no other way of running Puppy offers this forensic capability.
Back to top
View user's profile Send private message 
drongo


Joined: 10 Dec 2005
Posts: 354
Location: UK

PostPosted: Wed 05 Aug 2009, 13:14    Post subject: Honeypot puppy?
Subject description: New use for multisession
 

Flash,

I think I knew that but the implications for forensic analysis had never sunk in before. Would a honeypot puppy be of use to anybody?

I had always thought that the best use for multisession would be an audit trail. If you were writing a book or doing some complex coding you could always roll back to a previous version.

So are you still the only person using multi-session?

Very Happy
Back to top
View user's profile Send private message 
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11181
Location: Arizona USA

PostPosted: Wed 05 Aug 2009, 16:34    Post subject:  

I have no idea how many other people use multisession. I can't believe I'm the only one.

I've heard of malware that encrypts everything on your hard disk, leaves a note about where you can buy the encryption key, then deletes itself. Since everything in multisession Puppy happens in RAM, the executable itself might not necessarily have been saved on the DVD to be played with. In any case, it could not encrypt anything that had already been saved to the multisession DVD, so you'd only lose what was in RAM.

I've also heard of a program that supposedly puts kiddie porn on your hard disk drive, somewhere you can't find it, then threatens to call the cops on you if you don't pay a ransom. I don't know if it can really do that. The ransom note could be only a bluff to gouge the gullible. Still, since multisession runs entirely in RAM, all you'd have to do to erase anything like that would be to turn off the computer without saving anything.

AFAIK, these programs only infect Windows at the moment, but there is nothing to keep the a**hole* who write them from trying to port them to Linux. If they do, multisession Puppy would be a tough nut for them to crack.
Back to top
View user's profile Send private message 
linuxcbon

Joined: 09 Aug 2007
Posts: 799

PostPosted: Wed 05 Aug 2009, 17:40    Post subject:  

Quote:
an infected website hacks your browser, it will have a harder time installing a rootkit or trojan :

very unlikely
with firefox because secure
and with linux because few trojans or rootkits exist for it.
Back to top
View user's profile Send private message 
droope


Joined: 31 Jul 2008
Posts: 814
Location: Uruguay, Mercedes

PostPosted: Wed 05 Aug 2009, 20:01    Post subject:  

Hi.

Avast provides free antivirus protection for Linux.

http://www.avast.com/eng/avast-for-linux-workstation.html

Never tried it. Avast on windows does a pretty good job.

Cheers!
Droope

_________________
What seems hard is actually easy, while what looks like impossible is in fact hard.

“Hard things take time to do. Impossible things take a little longer.” –Percy Cerutty

Mi blog (Spanish)
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 7 [99 Posts]   Goto page: 1, 2, 3, 4, 5, 6, 7 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1055s ][ Queries: 12 (0.0060s) ][ GZIP on ]