This is quite interesting

This topic is closed.
    #16
    Re: This is quite interesting

    I run Firefox 3.6.6.

    The only problem I have with it is that on occasions, when I click a link, it refuses to activate. I can click the link repeatedly with no effect. If I right-mouse and choose "Open in a New Tab" the link immediately opens.

    As far as the vulnerabilities of Firefox are concerned, UNLIKE Windows, an attacking program MUST save the proper code (ELF binary or bash script) to a file before it can be executed because ONLY FILES are executed in Linux, which is one reason why email malware attachments are ineffective in Linux. Secondly, the save file MUST be marked as executable. Only then can it be executed. Generally, the worst the exploit can do is erase your home account, or steal files from it. You do keep valuable personal information in encrypted files, don't you, and you do regular backups as well?

    In 12 years of running Linux I have never met anyone who was running Linux and got infected or hacked. For the last two years I have been watching over more than a dozen elderly friends of mine and NONE of them have ever gotten a bug or hacker intrusion.
    "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
    – John F. Kennedy, February 26, 1962.



      #17
      Re: This is quite interesting

      Originally posted by GreyGeek
      In 12 years of running Linux I have never met anyone who was running Linux and got infected or hacked. For the last two years I have been watching over more than a dozen elderly friends of mine and NONE of them have ever gotten a bug or hacker intrusion.
      Thanks GG, that's what I wanted to hear - real world experience. I have noticed the same, and am still waiting to hear (or read) about others getting hacked.



        #18
        Re: This is quite interesting

        Edit by Telengard

        I want everyone to understand that GreyGeek edited this post without my permission. The words he inserted into this post are not mine and do not reflect my views. He clearly has the power to do this as a forum moderator, but I don't believe it is right and good for his word to be credited to me.

        GreyGeek has since explained his actions and apologized for his mistake, and I have accepted. I have decided to allow the edited version to remain in place because it contains GreyGeek's response to my post. You can read the reconstruction of what was originally here in reply #24.

        Originally posted by GreyGeek
        .....
        As far as the vulnerabilities of Firefox are concerned, UNLIKE Windows, an attacking program MUST save the proper code (ELF binary or bash script) to a file before it can be executed because ONLY FILES are executed in Linux, which is one reason why email malware attachments are ineffective in Linux.
        True enough, but then Wine is installed on many Linux systems and it allows automatic execution of files with PE headers AFAIK.
        Except that wine creates a virtual engine which operates within a nested hidden directory that uses Windows-like directory aliases so that commands like CD C:\something can be understood. A "Del *.*" command would have no effect outside that wine environment. For sport I used to download Windows malware and run it inside a WINE installation just to see what they would do. To restore the WINE environment I'd delete it and reinstall it.

        Secondly, the save file MUST be marked as executable. Only then can it be executed.
        Not true. Interpreters on Linux systems such as Bash may be invoked on files which do not have the executable flag set. Such scripts don't even necessarily require the #!/bin/bash header to be executable. You can demonstrate this on your own Kubuntu machine by invoking Bash with a here string:

        Code:
        $ bash <<< 'touch $HOME/virus'
        $ ls virus
        virus
        What the code above demonstrates is that Bash will happily execute scripts which do not have the executable flag set and which do not contain the traditional shebang header. In case you don't quite understand, Bash sees the here string as a script just as if it were reading it from a physical file on the disk.
        That is an example of classic "sourcing" of a script file, executing valid bash commands listed in the file, not the execution of an ELF binary or an executable bash script. That source file has to be saved in order to be sourced.


        Generally, the worst the exploit can do is erase your home account, or steal files from it. You do keep valuable personal information in encrypted files, don't you, and you do regular backups as well?
        Indeed, but I would still cry buckets if my data were ever compromised. Also neither of those things protects me against possible keyloggers or network sniffers.

        In 12 years of running Linux I have never met anyone who was running Linux and got infected or hacked. For the last two years I have been watching over more than a dozen elderly friends of mine and NONE of them have ever gotten a bug or hacker intrusion.
        I understand and completely believe what you say is true. Even so, my data is mine to protect and my system is mine to administer. As such, I feel my paranoia is not completely unjustified. GG please don't forget that I am a convert from the Windows world. I know how it feels to lose data to viruses, bugs and having my system rooted.
        I've been running computers since 1968 (and old IBM tabulators since 1959), PCs since 1978, and PCs running MSDOS since 1983 and PCs running Windows since 1987. Since Win95 in 1996 I've had plenty of experience with the instabilities and vulnerabilities of Win9x, NT, W2K, XP and VISTA through my programming for both my consulting business and my final employer. That's what makes the contrast between the vulnerability of Windows vs. that of Linux so startling.
        Welcome newbies!
        Verify the ISO
        Kubuntu's documentation



          #19
          Re: This is quite interesting

          Originally posted by GreyGeek
          I run Firefox 3.6.6.

          The only problem I have with it is that on occasions, when I click a link, it refuses to activate. I can click the link repeatedly with no effect. If I right-mouse and choose "Open in a New Tab" the link immediately opens.

          As far as the vulnerabilities of Firefox are concerned, UNLIKE Windows, an attacking program MUST save the proper code (ELF binary or bash script) to a file before it can be executed because ONLY FILES are executed in Linux, which is one reason why email malware attachments are ineffective in Linux.
          huh, what? All you need is an unchecked buffer to overflow and execute code on Linux just as with Windows. Email malware attachments could be a problem in Linux too.

          Originally posted by GreyGeek
          Secondly, the save file MUST be marked as executable. Only then can it be executed.
          This isn't true, it could be hooked through a script executed with 'bash script' or an executable that is executed by ld-linux.

          For example, I just executed gedit on my PC here at work after removing the execute bit.

          Code:
          cp /usr/bin/gedit ~
          chmod -x ~/gedit
          cd
          /lib64/ld-linux-x86-64.so.2 ./gedit
          How did I know that I could use ld-linux-x86-64.so.2 to execute it? Simple.

          Code:
          ~ $ strings gedit | head -n 1
          /lib64/ld-linux-x86-64.so.2
          Originally posted by GreyGeek
          Generally, the worst the exploit can do is erase your home account, or steal files from it. You do keep valuable personal information in encrypted files, don't you, and you do regular backups as well?
          Data theft is far worse than the destruction of a system, this could easily lead to theft of your identity. It is much easier to repair a computer than it is to fix your identity after it has been stolen.

          Originally posted by GreyGeek
          In 12 years of running Linux I have never met anyone who was running Linux and got infected or hacked. For the last two years I have been watching over more than a dozen elderly friends of mine and NONE of them have ever gotten a bug or hacker intrusion.
          Sure you do, perhaps just not face to face. I had a server that was hacked allowing entry through an exploit in BIND in 1999. After that I spent a lot of time learning about Linux security. How do you know that there isn't anything bad on your computer right now? Unless you have a deep understanding of security in software development and have gone through the source of every application and script line by line you can't know.
          Don't blame me for being smarter than you, that's your parent's fault.
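
The point argued in the post above, that the execute bit only gates running a file directly by path, shown as an added shell example that is not part of the thread: it compares direct execution, `sh FILE` and the dynamic loader route on a mode-0644 file. The function names, the file name `note.txt` and the use of `/bin/true` as the sample binary are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example (not from the thread): three ways to start the same code
# when the file has no execute bit. Everything lives in a temp directory.

# make_script DIR: write a shebang-less script with mode 0644 into DIR.
make_script() {
    printf 'echo ran > "%s/marker"\n' "$1" > "$1/note.txt"
    chmod 644 "$1/note.txt"
    echo "$1/note.txt"
}

# direct_status FILE: exit status of executing FILE by path.
# The kernel refuses execve() without an x bit; the shell reports 126.
direct_status() {
    rc=0
    "$1" >/dev/null 2>&1 || rc=$?
    echo "$rc"
}

# interp_status FILE: exit status when FILE is handed to an interpreter.
# Only read permission is needed, because sh opens and reads the file.
interp_status() {
    rc=0
    sh "$1" >/dev/null 2>&1 || rc=$?
    echo "$rc"
}

# elf_interp FILE: print the PT_INTERP loader path recorded in an ELF file.
# readelf reads the program header itself, which is more dependable than
# taking the first line of `strings`. Prints nothing if readelf is missing.
elf_interp() {
    command -v readelf >/dev/null 2>&1 || return 0
    readelf -l "$1" 2>/dev/null |
        sed -n 's/.*Requesting program interpreter: \(.*\)\].*/\1/p'
}

# loader_status DIR BIN: copy BIN into DIR without x bits and start it via
# its loader. Prints the exit status, or "skipped" for static binaries or
# when readelf is not installed.
loader_status() {
    ld=$(elf_interp "$2")
    if [ -z "$ld" ] || [ ! -x "$ld" ]; then echo skipped; return 0; fi
    cp "$2" "$1/copy" && chmod 644 "$1/copy"
    rc=0
    "$ld" "$1/copy" >/dev/null 2>&1 || rc=$?
    echo "$rc"
}

demo() {
    dir=$(mktemp -d) || return 1
    f=$(make_script "$dir")
    echo "mode:        $(ls -l "$f" | cut -c1-10)"
    echo "direct:      $(direct_status "$f")"
    echo "interpreter: $(interp_status "$f")"
    echo "loader:      $(loader_status "$dir" /bin/true)"
    rm -rf "$dir"
}
demo
```

Mounting a filesystem `noexec` stops the loader route on current kernels, because the loader cannot map the file as executable, but it does not stop an interpreter that only reads the file.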



            #20
            Re: This is quite interesting


            The content of this post was removed by me, Telengard, because it does not concern the topic of this thread.
            Welcome newbies!
            Verify the ISO
            Kubuntu's documentation



              #21
              Re: This is quite interesting

              Originally posted by Telengard
              I object to GreyGeek editing my post #17. He edited my post without asking. As a mod he is empowered to do so. In my opinion the information GreyGeek inserted into my post is false and misleading. I especially object to the fact that those false and misleading remarks are attributed to me in post #17.

              This is a sad abuse of power in my opinion.

              Edit

              I can't even report this abuse because the forum says the post is my own. I think I may be stuck with no recourse here.
              I saw that it said edited by GreyGeek when I replied earlier. If you report it, it should show in the moderator log.
              Don't blame me for being smarter than you, that's your parent's fault.



                #22
                Re: This is quite interesting

                The content of this post was removed by me, Telengard, because it does not concern the topic of this thread.
                Welcome newbies!
                Verify the ISO
                Kubuntu's documentation



                  #23
                  Re: This is quite interesting

                  The content of this post was removed by me, Telengard, because it does not concern the topic of this thread.
                  Welcome newbies!
                  Verify the ISO
                  Kubuntu's documentation



                    #24
                    Re: This is quite interesting

                    Send a PM to "Open Source" linking to your post with an explanation of your issue. His profile shows he is an administrator, so he should be able to help you.

                    http://kubuntuforums.net/forums/inde...on=profile;u=2

                    I wonder who else's posts this guy has edited..
                    Don't blame me for being smarter than you, that's your parent's fault.



                      #25
                      Re: This is quite interesting

                      Edit by Telengard

                      The original text of reply #17 was edited by global moderator GreyGeek. This file is my best effort to reconstruct the contents of reply #17 as I had originally written it. I originally wrote reply #17 in direct response to GreyGeek's reply #16.

                      GreyGeek has since explained his actions and apologized for his mistake, and I have accepted.


                      *** BEGIN RECONSTRUCTED TEXT ***

                      True enough, but then Wine is installed on many Linux systems and it allows automatic execution of files with PE headers AFAIK.

                      Originally posted by GreyGeek
                      Secondly, the save file MUST be marked as executable. Only then can it be executed.
                      Not true. Interpreters on Linux systems such as Bash may be invoked on files which do not have the executable flag set. Such scripts don't even necessarily require the #!/bin/bash header to be executable. You can demonstrate this on your own Kubuntu machine by invoking Bash with a here string:

                      Code:
                      $ bash <<< 'touch $HOME/virus'
                      $ ls virus
                      virus
                      What the code above demonstrates is that Bash will happily execute scripts which do not have the executable flag set and which do not contain the traditional shebang header. In case you don't quite understand, Bash sees the here string as a script just as if it were reading it from a physical file on the disk.

                      Originally posted by GreyGeek
                      Generally, the worst the exploit can do is erase your home account, or steal files from it. You do keep valuable personal information in encrypted files, don't you, and you do regular backups as well?
                      Indeed, but I would still cry buckets if my data were ever compromised. Also neither of those things protects me against possible keyloggers or network sniffers.

                      Originally posted by GreyGeek
                      In 12 years of running Linux I have never met anyone who was running Linux and got infected or hacked. For the last two years I have been watching over more than a dozen elderly friends of mine and NONE of them have ever gotten a bug or hacker intrusion.
                      I understand and completely believe what you say is true. Even so, my data is mine to protect and my system is mine to administer. As such, I feel my paranoia is not completely unjustified. GG please don't forget that I am a convert from the Windows world. I know how it feels to lose data to viruses, bugs and having my system rooted.

                      *** END RECONSTRUCTED TEXT ***

                      Some of the original content of the reply #17 had been deleted. I had definitely written something about Firefox's DOM. I also think there was more said about executable files and Wine, but I just can't remember it because I wrote it before going to bed. I'm afraid it is impossible for me to reconstruct exactly what I had originally written. This was my best effort.
                      Welcome newbies!
                      Verify the ISO
                      Kubuntu's documentation



                        #26
                        Re: This is quite interesting

                        The content of this post was removed by me, Telengard, because it does not concern the topic of this thread.
                        Welcome newbies!
                        Verify the ISO
                        Kubuntu's documentation



                          #27
                          Re: This is quite interesting

                          Originally posted by Telengard
                          Not true. Interpreters on Linux systems such as Bash may be invoked on files which do not have the executable flag set. Such scripts don't even necessarily require the #!/bin/bash header to be executable. You can demonstrate this on your own Kubuntu machine by invoking Bash with a here string:

                          Code:
                          $ bash <<< 'touch $HOME/virus'
                          $ ls virus
                          virus
                          What the code above demonstrates is that Bash will happily execute scripts which do not have the executable flag set and which do not contain the traditional shebang header. In case you don't quite understand, Bash sees the here string as a script just as if it were reading it from a physical file on the disk.
                          You can substitute Bash with Perl, Python, Ruby, etc. The list goes on and on. This makes Linux distributions very powerful, but is also very dangerous in a desktop setting.

                          Originally posted by Telengard
                          Indeed, but I would still cry buckets if my data were ever compromised. Also neither of those things protects me against possible keyloggers or network sniffers.
                          I only store data in an unmounted encrypted volume. I mount it, use the data, then unmount it. It is paranoid for sure, but this significantly reduces the risk of data theft.

                          Originally posted by Telengard
                          I understand and completely believe what you say is true. Even so, my data is mine to protect and my system is mine to administer. As such, I feel my paranoia is not completely unjustified. GG please don't forget that I am a convert from the Windows world. I know how it feels to lose data to viruses, bugs and having my system rooted.
                          The paranoia is completely justified. There were several proof of concept exploits released for "Linux" this month including a suid root polymorphic shell exploit. Linux users preaching "I am safe, you are safe" are just idiots with no understanding of risk or security.
                          Don't blame me for being smarter than you, that's your parent's fault.



                            #28
                            Re: This is quite interesting

                            Originally posted by zlow
                            You can substitute Bash with Perl, Python, Ruby, etc. The list goes on and on. This makes Linux distributions very powerful, but is also very dangerous in a desktop setting.
                            I suspected as much, but Bash is the interpreter I know best on my own Kubuntu system.

                            The paranoia is completely justified. There were several proof of concept exploits released for "Linux" this month including a suid root polymorphic shell exploit. Linux users preaching "I am safe, you are safe" are just idiots with no understanding of risk or security.
                            I think it is too harsh to call people "idiots" just because they hold to false beliefs. Free and open source software is all about making as much information and power available to users as possible. If some people choose to ignore the facts they have access to then that makes them willfully ignorant at worst, or uninformed at best.

                            It was never my intention for this thread to dissolve into a debate about security on GNU/Linux systems. If you read the thread linked in the OP you will see that there are many other opportunities for discussion opened by that fascinating exchange.
                            Welcome newbies!
                            Verify the ISO
                            Kubuntu's documentation



                              #29
                              Re: This is quite interesting

                              Originally posted by Telengard
                              I think it is too harsh to call people "idiots" just because they hold to false beliefs. Free and open source software is all about making as much information and power available to users as possible. If some people choose to ignore the facts they have access to then that makes them willfully ignorant at worst, or uninformed at best.

                              It was never my intention for this thread to dissolve into a debate about security on GNU/Linux systems. If you read the thread linked in the OP you will see that there are many other opportunities for discussion opened by that fascinating exchange.
                              I would agree except that in some cases it is an utter refusal to accept reality. That is why I used the word idiot. Sorry your thread got jacked.
                              Don't blame me for being smarter than you, that's your parent's fault.



                                #30
                                Re: This is quite interesting

                                A related thread in another forum shows that I'm not the only user who thinks Firefox updates should be provided more promptly for non-EOL releases.

                                http://www.linuxquestions.org/questi...9-10-a-818243/
                                Welcome newbies!
                                Verify the ISO
                                Kubuntu's documentation

