| |||||||||||||
Security quotes of the weekSecurity quotes of the weekPosted Jun 5, 2012 0:18 UTC (Tue) by vonbrand (subscriber, #4458)In reply to: Security quotes of the week by hummassa Parent article: Security quotes of the week
>> And the fact that Windows 7 is vulnerable is relevant for Linux/Unix security because... > ... it is/was/can be a POSIX system? Nobody sane uses the POSIX system on Windows. And again, whether the POSIX system of Windows 7 is easy to subvert has next to no bearing on Linux' security > ... it is widely used in desktops and in servers? Again, if Windows 7 is widely used (or not) has no relation whatsoever to Linux' security. > ... in this discussion, people keep bringing "you cannot trust Linux with your data" when, in reality, you cannot trust any OS with your data because there is no such thing as a secure multiuser system? Sure, if we accept that there are no secure multiuser systems then Linux isn't secure. But that begs the question. > ... my example "privilege escalation Windows 7" could have been "privilege escalation OSX" or "privilege escalation Linux" or even "privilege escalation OpenBSD" and the results would have been analogous? Sorry, it isn't enough to ask people to go looking on Google for random problems to prove your point. If you do have a recent example of a way to leverage non-privileged user shell access to root on a reasonably installed (for example, default configuration for a development station on an up to date(ish) mainline distribution, no "disable SELinux" nor "install random junk"), I'd listen. But only given enough details to repeat the feat. And the OpenBSD folks will sure be very interested if you pull it off on their system. Extraordinary claims require extraordinary proof. > Enough? Sorry, not by a long shot.
(Log in to post comments)
Security quotes of the week Posted Jun 5, 2012 1:53 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
>Sorry, it isn't enough to ask people to go looking on Google for random problems to prove your point. If you do have a recent example of a way to leverage non-privileged user shell access to root on a reasonably installed (for example, default configuration for a development station on an up to date(ish) mainline distribution, no "disable SELinux" nor "install random junk")
You must be very naive. There is at least one local Linux rootxploit every year, sometimes more often. Right now, no _public_ exploits exist that I'm aware of. But I'm absolutely certain that there are non-public exploits.
Here is the most recent one: http://blog.zx2c4.com/749 (I'd tried it on my box when it came out - it worked).
Security quotes of the week Posted Jun 5, 2012 2:04 UTC (Tue) by dlang (✭ supporter ✭, #313) [Link]
harping on how insecure linux is implies that if you only avoid using linux, you will be safer.
the reality is that every OS has problems at some point. I don't think that anyone disputes that.
however there are systems that are less secure than others. OpenBSD is one of the better ones (assuming you can actually live with the small feature set supplied)
even in linux distros, there is a wide variety of default security (depending on what is installed), and just about any desktop distro is going to have more vulnerabilities than the server distros. This is in part due to the fact that desktop developers tend to worry less about security, but mostly due to the fact that there is just less stuff installed on the system.
Security quotes of the week Posted Jun 5, 2012 2:16 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
No, harping on how "general shell Linux access equals root" means that if you try to avoid giving malicious code shell access then you'd be safer.
I.e. "sandboxes are vital, not just a good idea".
>however there are systems that are less secure than others.
I'd even argue that Windows with a recent antivirus is more secure than Linux.
>OpenBSD is one of the better ones (assuming you can actually live with the small feature set supplied)
Security quotes of the week Posted Jun 5, 2012 2:27 UTC (Tue) by dlang (✭ supporter ✭, #313) [Link]
sorry, you can't have it both ways.
you can't both disagree with the statement that some systems are more secure than others, and then say that Windows with current AV is more secure than Linux.
Security quotes of the week Posted Jun 5, 2012 17:18 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Well, I can.
No widely-used operating system is secure (well, maybe OS on XBox360 is an exception). All of them are guaranteed to have unpatched exploitable holes.
However, if we treat security as a continuum then Windows with an antivirus is more secure simply because more layers of security.
Right now once a program gets root access on Linux - it's game over. It can do whatever it pleases with the kernel and the system. Antivirus programs on Windows at least try to defend system from such attacks and working around them is definitely not trivial or simple.
Security quotes of the week Posted Jun 5, 2012 17:32 UTC (Tue) by dgm (subscriber, #49227) [Link]
> Windows with an antivirus is more secure simply because more layers of security.
Isn't your theory in glaring contradiction with reality?
Security quotes of the week Posted Jun 5, 2012 17:58 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Not really. Linux is simply not targeted yet. And where it's targeted (Android) it behaves like a leaky sieve.
BTW, WinPhone is the only non-jailbroken mobile OS so far.
Security quotes of the week Posted Jun 5, 2012 18:16 UTC (Tue) by hummassa (subscriber, #307) [Link]
> BTW, WinPhone is the only non-jailbroken mobile OS so far.
"Windows Phone 7 unlocker released to side-load applications"
(from Nov 2010)
LOL.
Security quotes of the week Posted Jun 5, 2012 18:23 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
And? Care to actually read your article?
You can sideload apps using an _officially_ _sanctioned_ _mechanism_ ( http://arstechnica.com/information-technology/2011/11/why... ), but you can't get root access using it.
I.e. no jailbreak. Microsoft thinks about security very seriously, unlike certain Linux developers and vendors.
Security quotes of the week Posted Jun 5, 2012 18:32 UTC (Tue) by hummassa (subscriber, #307) [Link]
The default user already has administrative access to the machine! This is the exact definition of jailbreak... If I can read and write any files and I can read and write all registry keys, what else do you want? You have full, root, control of the machine... There is no jail!
> Microsoft thinks about security very seriously, unlike certain Linux developers and vendors.
Now I will have to think you are just trolling me. Are you? Sorry I have fallen for it.
Security quotes of the week Posted Jun 5, 2012 19:00 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
>The default user already has administrative access to the machine!
Not on Windows Phones.
You can access only public API accessible from C#, but nothing more. You can't run arbitrary native code or tinker with raw devices. Oh, and Microsoft can remotely uninstall any of your side-loaded programs.
>Now I will have to think you are just trolling me. Are you? Sorry I have fallen for it.
Linux proponents should look around more often.
Security quotes of the week Posted Jun 5, 2012 19:22 UTC (Tue) by hummassa (subscriber, #307) [Link]
> You can access only public API accessible from C#, but nothing more. You can't run arbitrary native code or tinker with raw devices. Oh, and Microsoft can remotely uninstall any of your side-loaded programs.
If you are not kidding, then you really drank too much kool-aid.
http://www.wp7roottools.com/index.php/guides/native-code
(how to make your app access native-code and bypass policy on mango)
Let me try to explain it to you: what you are proposing (total lockdown) is virtually impossible in an environment so "tinkerable" as the one you'll find in a general purpose computing device.
And a smartphone is a general purpose computing device.
On Windows, every successful malware of the last ten years knew how to disable antivirus protection before trying to infect the machine. And they all do that with administrative privileges on.
There is no 100% locked-down Windows, not even in the Xbox or on Windows Phones. They all have been unlocked, and the time to unlock a new version is still on the league of a couple of months of pouding by a loose team of volunteers (in opposition to, for instance, a nicely-paid and focused team of Uncle Sam's employees)
There is no 100% locked-down OpenBSD.
There is no 100% locked-down Linux.
Does this mean we should give up? No. We should try to plug all the holes. But because (1) the system is not programmed in an overflow-safe language (buffers and integers), (2) the system is not programmed in a security-correctness-proofing way like seL4 [*], and (3) we don't have the manpower or the right tools right now to do (1) and (2), we have to make compromises.
Security quotes of the week Posted Jun 5, 2012 19:49 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Can you actually read what you post?
All unlock methods require developer access, which is granted on per-device basis and is available only on unlocked devices. Basically, on devices where Microsoft allowed it to work.
There's no 'jailbreak' in the sense of iPhone jailbreaks where a bug somewhere in iOS is exploited to gain root access.
>Q: I've a Lumia 800 or 710 can I Interop-Unlock it?
>There is no 100% locked-down Windows, not even in the Xbox or on Windows Phones.
Security quotes of the week Posted Jun 5, 2012 19:53 UTC (Tue) by hummassa (subscriber, #307) [Link]
> XBox 360 is also unhackable. It's unlikely to be hacked before its useful market life ends.
Just told you, it has already been hacked. The thing is there, on top of the table, running sideloaded games AND connected to Microsoft Live or whatever.
Security quotes of the week Posted Jun 5, 2012 20:03 UTC (Tue) by jimparis (subscriber, #38647) [Link]
> XBox 360 is also unhackable. It's unlikely to be hacked before its useful market life ends.
Do you mean "hacked again"? Because it was already hacked once. If you never really change a platform but just keep plugging the security holes as they become publicized, then sure, eventually you'll have plugged most of them.
http://www.securityfocus.com/archive/1/461489
Security quotes of the week Posted Jun 5, 2012 22:22 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
It was hacked only using JTAG (hardware debug interface), not via software hacks.
Ok, I stand corrected - it might be possible to hack XBox with hardware access enabled.
However, recent WP phones are still not hacked. MS's protection seems to be working.
Security quotes of the week Posted Jun 5, 2012 22:47 UTC (Tue) by jimparis (subscriber, #38647) [Link]
> It was hacked only using JTAG (hardware debug interface), not via software hacks.
That's just not true. Please, read the links.
The "King Kong exploit" utilized the ability to read/write arbitrary system memory using shaders on the GPU. This is done by modifying the unsigned shaders on a King Kong game demo. It does require that you modify the firmware on your 360's DVD-drive to be able to run a burned disc, but it's just a SATA drive and modifying firmware involves plugging into a PC and running an updater.
From there, it's purely software to exploit a software hole in the hypervisor's system call interface and gain full access.
Security quotes of the week Posted Jun 5, 2012 18:29 UTC (Tue) by hummassa (subscriber, #307) [Link]
"How to sideload apps onto WindowsPhone/Lumia devices"
https://www.youtube.com/watch?v=1Txv6ldiNqo
"OpenBSD privilege escalation"
And yes, my PS3 has "the best of both worlds" in it, thanks to carefully-planed updates.
And XboXers apparently can sideload apps too...
Oh man.
Security quotes of the week Posted Jun 5, 2012 19:05 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Guys, I've actually taken time to research the facts that I claim.
>"How to sideload apps onto WindowsPhone/Lumia devices"
>"OpenBSD privilege escalation"
>And yes, my PS3 has "the best of both worlds" in it, thanks to carefully-planed updates.
>And XboXers apparently can sideload apps too...
Typical.
Security quotes of the week Posted Jun 5, 2012 19:42 UTC (Tue) by hummassa (subscriber, #307) [Link]
>>And XboXers apparently can sideload apps too...
> Are you simply showing me results of "WP7 jailbreak" from Google search without even bothering to actually read it?
> Typical.
Why would WP7 and Xbox be related?
Anyway, none of your arguments for the safety of one or other held. People sideload their WP7/Mango phones with Native/ARM apps and they unlock and sideload programs on their Xboxes every single day (I just confirmed with an Xboxer coworker, and he explained to me that he has a ton of sideloaded games and his Microsoft Live account -- or whatever it's called these days works perfectly).
I'll try the http://www.wp7roottools.com/ SDK later today in my wife's Lumia, but I have few doubts that it'll just work also.
The only "typical" thing here is that you are putting your hands in your ears and singing "lalala" while people are trying to converse with you. You seem to want to believe so much that rootkits for windows+antivirus or for wp7 or for xbox do not exist that even when I show them to you, you cannot see. You even made the preposterous affirmative that "microsoft cares deeply for security" when the company's record with security issues is the worse possible -- they even make vulnerabilities linger for YEARS until they plug them.
Security quotes of the week Posted Jun 6, 2012 21:38 UTC (Wed) by hummassa (subscriber, #307) [Link]
> I'll try the http://www.wp7roottools.com/ SDK later today in my wife's Lumia, but I have few doubts that it'll just work also.
This surprisingly did not work, but on a Samsung Omnia 7 I did a "full unlock" and ran successfully wp7 root tools, which allowed me to read and write any file or registry key. Apparently, the so called "full unlock" is yet to come to Lumias, but progress has been made.
Security quotes of the week Posted Jun 5, 2012 19:55 UTC (Tue) by vonbrand (subscriber, #4458) [Link] Please explain how "any user can get root by officially sanctioned means" is any different from a security perspective than "a user can get root because of a stupid (or otherwise) programming/default setup/configuration mistake." If any, the former is much, much worse (because it probably won't be fixed, ever) than the later. Considering there is roughly a privilege escalation bug a year for Linux (as you claim), many of which were historically exploitable only when using a non-default setup, some weird hardware, or would have been masked by reasonably run-of-the-mill configuration, bugs that are normally fixed in a matter of days; makes your claims look like trying to start a full-blown hurricane in a teapot.
Security quotes of the week Posted Jun 5, 2012 20:04 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Because you need to get a developer key from Microsoft. And this key is linked to your device - you can't just give it to anybody else.
>Considering there is roughly a privilege escalation bug a year for Linux (as you claim)
>many of which were historically exploitable only when using a non-default setup, some weird hardware, or would have been masked by reasonably run-of-the-mill configuration, bugs that are normally fixed in a matter of days; makes your claims look like trying to start a full-blown hurricane in a teapot.
Security quotes of the week Posted Jun 5, 2012 18:13 UTC (Tue) by hummassa (subscriber, #307) [Link]
> Antivirus programs on Windows at least try to defend system from such attacks and working around them is definitely not trivial or simple.
LOL.
Security quotes of the week Posted Jun 5, 2012 19:05 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Care to expound?
Security quotes of the week Posted Jun 5, 2012 19:25 UTC (Tue) by hummassa (subscriber, #307) [Link]
Repeating the other thing there: every successful exploit on windows disables antivirus first thing after acquiring administrative privileges, right before installing the payload.
Security quotes of the week Posted Jun 5, 2012 19:55 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
"Disable antivirus"? Which one and how?
It's not a simple task. And exploiting the kernel is only the first part of it. Next you need to somehow isolate antivirus-installed hooks without tripping them and leave the system working.
Most malware actually doesn't try to do this. Instead it tries to stay quiet and do not trip any antivirus detection heuristics.
Security quotes of the week Posted Jun 5, 2012 20:30 UTC (Tue) by hummassa (subscriber, #307) [Link]
All of them. How many executable names for antivirus programs do you think there are? Interate ten to twenty of those, kill any running processes with those names, and you have disabled protection in 99% of the cases. At that point in the infection (just exploited root hole, nothing was written to disk yet) it's quite trivial.
Security quotes of the week Posted Jun 5, 2012 22:32 UTC (Tue) by Cyberax (✭ supporter ✭, #52523) [Link]
Try it. Really, go on and try it with Kaspersky antivirus. Nothing will happen - you won't be able to kill antivirus' process. It's protected on the kernel mode level.
It also sets a lot of hooks and tries to monitor self-integrity, so even if you try to kill it by patching kernel process table or in any other obvious way - you'll simply trigger these hooks and either initiate a self-healing attempt or create a BSOD. It's possible to work around them, of course, but decidedly non-trivial. Even Flame malware doesn't try to do it - it simply stays under the radar.
|
|||||||||||||