Announcement

**woodsmoke** · Sep 08, 2012, 11:48 AM

Hi
It does look interesting, but, although I have a lot of fifteen gig hds laying around, it is probably beyond my meager skills.

However, there were two other interesting things in the piece.

The use of "her". I go to a lot of trouble in my lectures to use "her" approximately half the time instead of only "him".
That it uses KDE which is a good thing!

woodsmoke

**pauly** · Sep 08, 2012, 01:40 PM

Originally posted by woodsmoke View Post

Hi
It does look interesting, but, although I have a lot of fifteen gig hds laying around, it is probably beyond my meager skills.

However, there were two other interesting things in the piece.

The use of "her". I go to a lot of trouble in my lectures to use "her" approximately half the time instead of only "him".
That it uses KDE which is a good thing!

woodsmoke

Hmm I didn't notice it runs on KDE. Where did you see that? As far as the use of her. Joanna is female so it is expected. Here is another interesting article by her about Linux security vulnerabilities through xserver.

http://theinvisiblethings.blogspot.c...isolation.html

**woodsmoke** · Sep 08, 2012, 01:46 PM

Hi Pauly

On the download page toward the bottom, "known issues"

If you don't enable Composition (System Setting -> Desktop -> Enable desktop effects), which you really should do, then the KDE task bar might get somehow ugly (e.g. half of it might be black). This is some KDE bug that we don't plan to fix.

Some keyboard layout set by KDE System Settings can cause keyboard not working at all. If you hit this issue, you can switch to console (by console login option) and manually edit /etc/X11/xorg.conf.d/00-system-setup-keyboard.conf (and /etc/sysconfig/keyboard) and place correct keyboard layout settings (details in linked thread). You can check if specific keyboard layout settings are proper using setxkbmap tool.

woodsmoke

**pauly** · Sep 08, 2012, 02:52 PM

Originally posted by woodsmoke View Post

Hi Pauly

On the download page toward the bottom, "known issues"

woodsmoke

Oh thats cool. Thanks

**pauly** · Sep 08, 2012, 02:56 PM

After looking at the article on GUI isolation and the Linux security Circus. It made me think of Wayland and if it would take this security weakness into consideration. I found this interesting exchange on the Wayland-devel mailing list. Pay attention to the names.

http://comments.gmane.org/gmane.comp...and.devel/1867

I feel better knowing the Wayland devs are aware of this sort of issue. I really cant wait to use Wayland.

**woodsmoke** · Sep 08, 2012, 04:46 PM

nice discussion.

As to keystrokes etc.

It is way off in the weeds that there was a proof of concept a few years ago about "hiding" a link in an image and it being used as a conduit for a malware or an attack or whatever.

The clickable link for say, Photobucke" is possibly a spin on the original concept.

don't know.

woodsmoke

**claydoh** · Sep 08, 2012, 05:05 PM

It looks like KDE 4.4-ish, so that taskbar issue is pretty much a KDE bug from back then, if you don't use desktop effects. The wallpaper goes way back, maybe to 4.0 iirc, but the taskbar/plasma theme looks like 4.4 (10.04's version).

**GreyGeek** · Sep 08, 2012, 07:26 PM

VERY Interesting!

**NickStone** · Sep 11, 2012, 11:08 AM

I found it interesting as well. I wouldn't mind downloading it and trying it out but as it states it doesn't run in a VM environment there is no point. I would have liked to try it in a VM.

**gnomek** · Sep 29, 2012, 04:32 AM

Yes, I can understand what is happening in your mind and heart right now... Don't worry, others have also passed through it.

My reaction was a panic attack.:shock:

Is this a real danger
http://theinvisiblethings.blogspot.c...isolation.html
Indeed xinput shows all keys typed. From what I understand Qubes has this advantage over other systems that even if one AppVM is compromised other are safe. And any attack or malware from the Internet can affect only the one AppVM that had contact with malware.
But can malware or some evil code on a website be dangerous by itself on Linux, or it only serves as a gate for an attacker, a person to break in? I suppose that if anyone good at cracking can attack me simply root password is not enough to stop him. But on the other hand I doubt if anyone attacks random PC's just for fun, or at least it is not that frequent.
To sum up my question is: can malware or some code on a website be dangerous by itself, can it keylog using xinput, or it needs special action from an attacker in person?

Can anyone refer me to some lectures, books on security dangers that comes from evil code on websites and what is a real danger on Linux from this types of things?

**NickStone** · Sep 29, 2012, 04:59 AM

Try http://www.linuxsecurity.com/ or this http://www.linuxtopia.org/LinuxSecurity/

Also I found a good article about Malware and Linux/BSD.

I often get asked do Macs get viruses like Windows?

Well the short answer is NO they do not. Apple themselves say… “Mac OS X doesn’t get PC viruses. And its built-in defenses help keep you safe from other malware without the hassle of constant alerts and sweeps.”
Notice they say “PC viruses”, or let me put it this way, Macs do not get viruses that infect Windows computers...

Read the rest of the article here http://www.userbytes.com/do-macs-and...s-and-malware/

**pauly** · Sep 29, 2012, 08:28 AM

Originally posted by gnomek View Post

My reaction was a panic attack.:shock:

Is this a real danger
http://theinvisiblethings.blogspot.c...isolation.html
Indeed xinput shows all keys typed. From what I understand Qubes has this advantage over other systems that even if one AppVM is compromised other are safe. And any attack or malware from the Internet can affect only the one AppVM that had contact with malware.
But can malware or some evil code on a website be dangerous by itself on Linux, or it only serves as a gate for an attacker, a person to break in? I suppose that if anyone good at cracking can attack me simply root password is not enough to stop him. But on the other hand I doubt if anyone attacks random PC's just for fun, or at least it is not that frequent.
To sum up my question is: can malware or some code on a website be dangerous by itself, can it keylog using xinput, or it needs special action from an attacker in person? I use apparmor. My firewall closes out going and incoming except for what I allow for specific. I use noscript. I clear flash cookies and all cookies when I close my browser and I use addons I trust. I always strat with a clean session when I do anything I feel needs to be secure. I do all this even though I am using Linux.

Can anyone refer me to some lectures, books on security dangers that comes from evil code on websites and what is a real danger on Linux from this types of things?

I could be wrong and I am no expert but my interpretation is that this is a problem when two applications that are running on a desktop at the same time. Could Firefox be reading keepassx if you were running both at the same time assuming you were infected with a yet to be known piece of malware. I would have to say yes, but if your browser is infected then you have big problems regardless. You could use apparmor to restrict your browser. I guess the jist is don't run untrusted software.

Announcement

Introducing Qubes 1.0! Kernel, Hypervisor, Virtualization

Introducing Qubes 1.0! Kernel, Hypervisor, Virtualization

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment