oss-sec mailing list archives
Re: major changes if gnu/linux dominates the desktop and/or mobile market?
From: Eli Schwartz <eschwartz () archlinux org>
Date: Mon, 5 Oct 2020 19:30:22 -0400
On 10/5/20 8:02 AM, Georgi Guninski wrote:
Disclaimer: I am not watching the security theatre closely, so this is likely trivial. Are there major security changes needed if gnu/linux dominates the desktop and/or mobile phone markets? Remarks: 1. there was android malware on google play
There was malware everywhere, no software source AFAIK has ever been fully immune. Some are rarer than others. Linux desktop distributions have one advantage in that they are *curated* by a small handful of trusted individuals, who collect popular programs, vet them, and provide trusted binaries. We know exactly what source code goes into distro packages, we can audit this source code and check PGP signatures from upstream authors, and due to https://reproducible-builds.org/ we can double-check the supply chain and verify the maintainer didn't go rogue and fiddle with the source code before releasing packages, or their compiler wasn't backdoored. Your chances of installing outright malware are pretty low on GNU/Linux desktop systems, or on mobile if those desktop systems spread to the mobile market. Assuming you stick with official, vetted software sources. Once you start downloading random github binaries, or snaps/flatpaks, or `npm install theworld`, you've devolved to the level of smartphone appstores where it is mostly just automated analysis of millions of user submissions, and malware can easily slip by. Even on desktop systems with vetted supply chains, you have more to worry about than merely malware. Any software that random users can interact with e.g. over the network can have vulnerabilities, which is arguably what most of the interesting security issues are about. No vetting can save you from that. On the other hand, avoiding GNU/Linux won't save you from that either -- all software suffers from this, Windows has *many* problems with this too. So I don't believe there are going to be any major changes here. Locking down systems vulnerable to external input that triggers bugs, finding those bugs and fixing them, preventing them from causing too much damage, is and has been a problem on every OS.
2. ad-free and free as in beer android games are hard to find for us
I'm not sure what this has to do with security???
3. we are pissed off by browsers accessing the microphone or camera (seen in the wild)
Nominally speaking, on smartphones this should be stopped by permission models, unless of course people impatiently click to permit everything. Desktop browsers have their own permission dialogs for this. Generic desktop programs designed for accessing your camera still kind of assume the only permission they need is the trust you provide by installing and running the program. Vetted linux distro repositories make it unlikely these programs are intentionally spying on you, especially when you choose when to start them.
4. reading $HOME might reveal more interesting stuff than root reading /etc/ (on debian 10 /home/loser is 755 and the default umask is 0022)
And reading C:\Users might reveal more interesting stuff than HKEY_LOCAL_MACHINE; individual android app settings or your downloads folder might reveal more interesting stuff than defeating Samsung Knox. This has always been the case, and always will be. It's still advantageous to prevent compromising the entire OS, because that prevents malware from hiding its activities, installing more malware that persists across reboots, or spreading its reach to other programs. But, of course you need to protect yourself from malware running as the local user too. Vet the sources of your software, or let a distro team do the vetting for you, and most issues will be completely avoided. Don't visit shady sites in your browser, use tools like https://noscript.net/ to prevent completely untrusted and usually suspicious executable code running in your browser (otherwise known as javascript). These are things you could do on any OS. ... There are explorations in sandboxing and confining expected-trusted programs to prevent vulnerabilities from being usable by attackers, and this may take the form of seccomp, bubblewrap, etc. flatpak tries to provide a GUI appstore for popular applications in sandboxes, with permission models for allowing resources into the sandbox, e.g XDG Desktop Portal to broker access to files from the host system through a trusted agent. Though my understanding is in order to be (conveniently?) usable, programs end up in practice needing to be granted access to the entire host filesystem and therefore aren't really isolated after all. Not entirely dissimilar to the situation on smartphones ;) where every application's manifest tries to grab every permission it can, and declares most of them as so vital the program won't even run without those permissions. Apparently both giving power to the user *and* preventing software from running rogue, is indeed hard. -- Eli Schwartz Arch Linux Bug Wrangler and Trusted User
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Re: major changes if gnu/linux dominates the desktop and/or mobile market?, (continued)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Steve Grubb (Oct 05)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Simon McVittie (Oct 06)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Steve Grubb (Oct 06)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Steve Grubb (Oct 05)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Stephen John Smoogen (Oct 06)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Grant Taylor (Oct 06)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Solar Designer (Oct 19)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Ian Zimmerman (Oct 19)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Simon McVittie (Oct 19)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Daniel Sprouse (Oct 06)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Michael Ellerman (Oct 06)
- Re: major changes if gnu/linux dominates the desktop and/or mobile market? Simon McVittie (Oct 06)