Linked by Igor Ljubuncic on Mon 21st Jun 2010 09:35 UTC
Privacy, Security, Encryption I've bored the readers of my personal website to death with two rather prosaic articles debating the Linux security model, in direct relation to Windows and associated claims of wondrous infections and lacks thereof. However, I haven't yet discussed even a single program that you can use on your Linux machine to gauge your security. For my inaugural article for OSNews, I'll leave the conceptual stuff behind, and focus on specific vectors of security, within the world of reason and moderation that I've created and show you how you can bolster a healthy strategy with some tactical polish, namely software.
Permalink for comment 430920
To read all comments associated with this story, please click here.
RE: Don't need anti-virus?
by ssokolow on Mon 21st Jun 2010 15:44 UTC in reply to "Don't need anti-virus?"
ssokolow
Member since:
2010-01-21

You guys forget that security features don't exist in a vacuum and I'm not sure you realize how much Linux does to mitigate the user being the weak link.

4. By default files aren't executable

In combination with things like a lack of embedded program icons, not hiding file extensions and, for Nautilus users, extension-header mismatch warnings, this works to prevent "Cool picture!.jpg.exe"-style exploits.

I vaguely remember the devs recognizing a hole in this protection relating to .desktop files about a year ago and rushing to close it.

5. Diversity

Ubuntu may be approaching "single-target" popularity, but I suspect the presence of Kubuntu, Xubuntu, and Lubuntu will prevent it from ever having that problem as badly as Windows or MacOS could.

6. People will see vulnerabilities in open-source code.

While this is somewhat optimistic, open-source does have a deterrent effect on bundled malware and, more importantly, it means that features like stack-smashing protection, NX-bit buffer overflow security (A.K.A. Hardware DEP), and the like can be easily phased in by adding the userspace changes to the compiler.

For example, on Windows, last I checked, Hardware DEP was still an opt-in thing in the default configuration to ensure backwards-compatibility with older software. On 64-bit Linux (and 32-bit distros which don't need to ensure no on-boot freezes on Pentium Pro), GCC has been appropriately setting the DEP opt-out flag in ELF headers for years. (nested functions, JIT compilers, and so on require the ability to dynamically build code and then execute it)

Here are some of the other things I didn't see mentioned:

1. Linux vendors have a better track record than Microsoft for patching vulnerabilities quickly. (Is Microsoft still equating their confirmed exploits to Linux potential vulnerabilities and ignoring the Security/Crash/Bug/Annoyance flags to pad the numbers? I know they used to do that)

2. Without root access, malicious programs can't remove themselves from the list of running, killable processes, interfere with syslog, etc. Last I checked, Windows was still struggling to virtualize all the admin-level access that older programs expected to have.

3. On Linux, because privilege separation was around from the start, the number of escalation dialogs users see is significantly smaller than on Windows (partly because of the batching of package installs) so users are less likely to get in the habit of just clicking OK without reading them.

Also, the presence of user accounts from the beginning means families which give different people different accounts are less likely to run into rough edges or to end up depending on apps which implement their own user profile systems. (Which means that you can have users who don't know any better (eg. kids) but don't have the admin password or access to mommy and daddy's files)

4. Linux media players aren't vulnerable to the "Use Windows Media Player and get tricked into visiting a malicious DRM auth site" vulnerabilities I see every now and then. Any automatically-offered codecs come from the same signed repository farm as the OS.

5. Linux provides many APIs for implementing drivers in userspace (libusb, CUPS, FUSE, CUSE, etc.) minimizing the amount of potentially vulnerable code that runs in kernel space. (Especially important since, video aside, the main remaining things which don't use a standard OS-bundled driver seem to be USB doodads and printers)

5. Linux provides no hooks for programs to steal file associations, which removes the need for 90% of those buggy, tray-resident "agents". (Especially when combined with the general preference for minimizing wheel-reinvention (outside the world of Linux audio))

Reply Parent Score: 3