Re: This is quite interesting

@Telengard

My apologies for editing your thread. It wasn't intentional and I wasn't aware of that I had clicked "Modify" instead of "Quote" (which I have accidentally done a couple times in the past), and then saved and went on to other topics.

How could I have done that? Because I have a defect in the muscles of my left eye that causes a form of Strabismus, for which I have had two surgeries. The first was about 40 years ago and the second was ten years ago, after the affects of the first surgery wore off. I have noticed in the last couple years that my problem with image shifts has returned, especially when my eyes are tired.

My eye problems have given me all kinds of grief and this is just another example.
GG

Re: This is quite interesting

Smells like backpedaling to me. You edited his post and didn't notice because you were cross eyed? So you don't look at your post after you submit it?

I'm not buying it.

Re: This is quite interesting

It is easy enough to do anything you wish on a Linux box IF you have physical access to it, as opposed to trying to do something remotely or by putative security holes.

No, I haven't, and Yes, you can, at least down to the hardware level. But, there is nothing anyone can do about microcode running in the firmware in the CPU, except not use a computer. Most computers are made in China now, aren't they? How safe does that make you feel, especially if China starts shooting at you and suddenly all your computers mysteriously die. How secure does that make you feel, despite all you know about security? Sometimes, even being "fully aware" of security is no help at all.

At the software level the Thompson demonstrated how how he "injected a virus into a compiler." Not only did his compiler know it was compiling the login function and inject a backdoor, but it also knew when it was compiling itself and injected the backdoor generator into the compiler it was creating. The source code for the compiler thereafter contains no evidence of either virus. This kind of KenThompsonHack was discovered about a year ago in the Delphi compilers, versions 4 through 7.

Ken wrote, "In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect."

As the c2.com wiki continues, "Ken does not mean bug in the sense of error, but in the sense of listening device. And it is "almost" impossible to detect because "TheKenThompsonHack" easily propagates into the binaries of all the inspectors, debuggers, disassemblers, and dumpers a programmer would use to try to detect it. And defeats them. Unless you're coding in binary, or you're using tools compiled before the KTH was installed, you simply have no access to an uncompromised tool. In fact, given the amenability of microcode to the KTH, not even then."


But, we are discussing the level of insecurity created at the application level by mere mortals. I know of more folks running Linux than just the those whose installations I support. I am "face-to-face" with hundreds of Linux users in various forums, blogs, lists, etc... daily. Like most Linux enthusiasts I keep current on Linux news, especially news of Linux holes. It's not hard to do. Compromises of Linux machines are so UNCOMMON that even a one-off event, like the occasional tar ball replacement on some poorly administered back-water project server, makes headlines precisely because such events are so uncommon. The possibility of hacked code making it past the gate keepers into Kubuntu's repository or the PPA's, for example, are even more unlikely. The hacker would have to crack and modify the signature encryption, which is itself protected, to do so.

IF Linux boxes were as susceptible as Windows fanbois would have us believe I would have to ask "Where is the beef?". Where are the masses of Linux boxes that have been infected in droves from drive-by web shootings, ssh attacks, or infected email attachments, or infected *.desktop files? Even one such massive event would make the headlines in Microsoft's "Highly Reliable Times", to say nothing of ZDNet, eWeek or PCMag. IF the only reason why Linux isn't as infected as Windows is merely one of market share then, since the Linux desktop market share is over 10% (according to Steve Ballmer), one would expect that there should be AT LEAST 200,000 active Linux viruses and Trojans floating around the Internet during the last year alone! In fact, the number of effective Linux exploits found in the wild over the last 15 years is around a dozen or so. By "effective" I mean a malware which is "not easily removed", more potent than "weak" and found on more than "two or fewer sites". The most massive Linux infection was caused around 2002 by a form of the Slapper virus which infected around 25,000 computers over a two week period in Eastern Europe which were running bootleg copies of a commercial Linux which mimicked Windows so thoroughly that users were installed and running as root. It was during a time when CodeRed infected over 1M Windows boxes in 24 hours. Yes, I know that Symantec has several hundred Linux infective agents listed, but if you drill down on most of those you will find that they are "cross platform" Windows jpeg viruses which have long existed but recently had "linux" added to their names. That switch took place around 2005.

The largest Linux botnet ever found was discovered last fall. It had a total of 770 Linux zombies in it and it took the hackers about 180 days of manually breaking into and capturing Linux boxes to create it. The first one found, during the same period, was only 100 bots, and it was created using "The Slow Brutes" weak password dictionary attack over a period of several months, from April to October. IF breaking into Linux boxes is so easy, or as easy as breaking into Windows boxes, why does it take so long to create so few zombies? Because it is NOT easy. And, because MOST Linux users don't have to pay for (and thus neglect to keep current) their "AV" protection. Updates and security patches are free and automatic downloads and installations, so the vast majority of Linux holes are fixed within hours, or a couple days at most. Security holes have been found in about every component of Linux, from the kernel to the C compiler to the least significant app. My Windows installations had security updates automatically delivered. It isn't about the holes, it is about how quickly they are discovered, patched and installations updated.

The average Windows bot farm contains 20,000 Windows boxes. The largest Windows bot farm contained over 1,200,000 zombies. Even Windows boxes with up to date AV subscriptions are susceptible because of the time lag between the release of a virus or Trojan, its discovery by a security team, the announcement by Microsoft of the hole, the creation of a vaccine, and the dissemination of that DAT file to the AV subscribers. The LARGEST time gap in that sequence of events is between the time the bug is reported to Microsoft and the time Microsoft announces the bug and patch. Some holes are never announced and never patched.

I am running a standard Kubuntu 10.4 installation with no special security enhancements. Here is my IP address: 24.223.246.44. You have my permission to have a go at it. If, as you claim, a Linux desktop is as weak and easy as Windows is, it should be easy for you.

Re: This is quite interesting

I'm not selling it.

Previewing usually doesn't show all the post in one window and doesn't highlight the quotes in different colored background, nor does it the buttons and most other header information.

Eight months ago:
http://kubuntuforums.net/forums/inde...5706#msg205706

I made a simple mistake. What advantage would it be to me to modify someone elses post?
Why all the hostility?

Re: This is quite interesting

I accept your apology and sincerely hope that this unfortunate incident has not damaged the good will between users I've come to expect here at KFN.

I too suffer from the symptoms of age and injury in that my hands tremble to such a degree that I sometimes click accidentally where I should not. Please accept condolences for your health problems. My unprofessional advice to you is to avoid stimulants, take daily exercise and get plenty of rest. Walk away from the terminal and rest your eyes. You need to take better care of yourself at your age.

@everyone
I have done my best to clean up the thread so that it does not go off topic, but I can not edit other users' posts. I would appreciate it very much if all discussion of the post editing incident be dropped from the thread. It seems very clear to me that GreyGeek made an honest mistake by clicking the wrong button. I have accepted his apology and explanation, so please let's have no further ill will over this unfortunate accident.

I offer my humble apology to all readers of this thread because it became so messy. My sincere wish is that discussion will continue productively without diverging further from the original topic.

Telengard

Re: This is quite interesting

There is no hostility, I just know that you will do anything to fluff yourself up. Bend the truth, edit someone elses post, whatever. You got caught and to cover your rear you played the old card. Forgive me for being skeptical, but I have seen your work here in the forum and don't for a second think that you did it by "accident".

Re: This is quite interesting

In some cases, yes you (or your code) needs "physical" access. This can be gained many ways including remotely if you can find a way to remotely overflow memory and pass a binary to execute. This wasn't your argument though, your argument was that your code needed to be executable which I have proven false.

I just gave you an example, why did you choose to ignore it? I didn't say anything about firmware, are you deflecting or do you not understand what I said? You make a great point about China and cyber terrorism, however it is unrelated to the topic you are replying to. Being aware of security does make you aware of things such as this. In fact, I am aware of some un-named entities that do not use equipment from China for this very reason.

Thank you for making my point for me.

What is your source for Linux "holes" then? I have a few you obviously aren't following.

Let me share a couple of examples:
Note that those are all published exploits so I won't link you to them, you understand I'm sure.

Are you seriously going to bring up Microsoft yet again?

So you imply that just because it isn't happening in the public eye we should pretend that it can't or isn't possible. Lets set the root password to blank and open root to SSH while we are at it. The last active backdoor found in published code existed for over 1/2 a year before it was stumbled upon. I am pretty sure that it is not the only one that exists today.

I have already debunked this fabrication.

Why would there be 200,000? I don't think there are enough Windows users that care about Linux enough to learn how to exploit it honestly. Your commentary though gives several examples of the drooling I hate Microsoft mentality that leads to development of viruses for that platform. I love how you quote the number of Linux exploits as around 12 over the last 15 years. I count almost that many just this month.

The keyword here is "discovered". Are you implying that we shouldn't take steps to help reduce the risk? Do you even understand risk?

I never said it was easy, I only said it was possible. Here you are bending my words to try to prove your point again.

This is a pretty good point, when discovered they are fixed quickly. How many remain underground? You don't see the big picture. You refuse to let go of your stigma that Linux can't be attacked even though it isn't true. You are doing a great disservice as a moderator posting this nonsense.

Who cares about how many viruses Windows has, this isn't a thread about OMG M$ HAS VIRII!!!1!. You have the same problem with Linux, some holes are never announced (because they are unknown to the maintainers) and never patched (saved for exploitation by people that would use it for personal gain).

I have no interest in connecting to your computer. I never said anything was as weak or easy as Windows, your imagination did.

Re: This is quite interesting

Well, you got two out of three. In my case I am quite sure that I am safe. Yes, I am an idiot. But it is likely that you are not safe.

I don't know what people keep on their computers that could be stolen, that 's pretty strange to me. I suppose there is stuff like credit card information, but in my opinion that isn't something you should be putting in a place like that anyway.

Again, I think there is a cultural component here. I fully respect that people like to do things their own way. In fact I wish more people would do so. This whole thread would likely not even be possible if that was the case. So, I disagree with frequent updates. I have experienced a lot of degradation of programs and operating systems which has occurred because of updates. I could make a real rant out of that. It is only my belief in FOSS that lets me tolerate it. In fact my FF is really irritatingly unstable since the last "upgrade".

This house always has at least 5 machines online 24/7 and vulnerabilities have never effected us. I'm sure that a lot of security concious people wish that I would have a problem, but I apologise - I don't. Particularly interesting in this regard is that one of the online machines is running MS-DOS. The three files that meake up the OS have not been updated since 1994 and that is the machine on which I would put credit card information should I want to keep that on a computer.

Re: This is quite interesting

MMM... I wouldn't because their vulnerabilities would be well known for a hacker or cracker due to the fact that they could start hacking computers that just had MSDOS installed on them.

Re: This is quite interesting

Hehe, well that's the point.There are no known "vulnerabilities". There are only three small files and the rest is user space. However, in this case it's not really a matter of obscurity but networking style. Like I hinted at earlier, I think a lot of security problems are really cultural.

Re: This is quite interesting

MSDOS 6.22, released in 1983, IIRC, is a nice DOS.

But, it has two problems that plagued me.
One is the random nature of the xcopy bug, when it fails to identify a file as a file or a directory as a directory. Many have been the times that I have started a batch backup process before I go home for the day, only to come in the next morning and find that 5 minutes after it started it threw up a screen asking for user input to tell it if the name it is displaying is either a file or a directory. I have to cancel the backup because I couldn't ask dozens of people to close down their applications and wait for 45 minutes while the backup completes.
The second is the job scheduler. It randomly failed to start the backup job when it was supposed to. Eventually I replaced both with 3rd party tools which worked.

Other than that it was great. Not as great as DRDOS, but great.

Re: This is quite interesting

Yes, many people say DRDOS is better. Regarding things like xcopy, I'd have to go looking for that on some old disks. I have long since discarded any of the utilities. I don't think anyone ever "installed" DOS as an MS OS - I certainly haven't. It's all mv, cp, xgrep, mvdir, and TSRs around here. (Half of simtel lives here. lol) Over the years I've just collected what I think is better (smaller, faster) until MS only occupies the two kernel files and shell. The rest of the stuff was just a sales pitch anyway. Though I must say that I still like the MS mem command best for what it does. What's important is that it is user driven and "it don't run if you don't type it". Though I must say that not having to look at the screen is a big plus too and that, of course, is why there is still a lot of blind people using it. Anyway, another big reason is just pure ego - it's a hot-rod, and I'm in control. (blush)

PS: Here is a profile of my main machine which is called ANA.

Re: This is quite interesting

@GreyGeek - Do you remember that MOTD exploit I mentioned yesterday? I know you didn't reply, it's easier to ignore that you are wrong that way.

"Ubuntu closes root hole

A flaw in the module pam_motd (message of the day), which displays the daily motto and other information after login (to the shell), can be exploited under Ubuntu to expand access rights. Attackers can exploit this vulnerability to gain root access. Ubuntu has already provided a patch for the flaw. Operators of multi-users systems should install it as soon as possible because directions are already in circulation via Twitter on how to exploit the flaw to get access rights to the password file /etc/shadow. The file can then not only be read, but changed."

Source: The H

Just thought you should know, because you were wrong. Once again.

Re: This is quite interesting

I'm just curious. Who got hit by this?

Re: This is quite interesting

I have no idea, hopefully no-one. It would require some other exploit to gain access, either a remote exploit (I don't know of any) or local like what we found in the gnome screensaver package on gnome-look last year.

The danger here though is that it could easily be encoded into an existing script, posted to a forum to be downloaded and executed as a user without root permission and it can elevate itself to root or any other account on the system.