Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

You haven't heard of the 500,000+ viruses? Botnets? How much more bigger deal do you want to hear about?

The concept is simple if the software you use has a vulnerability and you go online do you prefer the hacker or virus to have access to every OS resources (installing/removing programs, rootkits, change firewall settings, stop antivirus from working, stop task manager, hide process, write in all the folders, etc)?

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

I think you misunderstand. I was wanting a root linux vs windows COMPARISON. I already know what the risks are. I just wanted know the severity of the risk of one relative to the other and why. Since I'm asking this out of curiosity and not for any practical purpose I was also hoping for something a little more technical than that.

For example, maybe linux is less secure than windows when you log on as root, because a hacker or malicious code would not have any "resistance" on root linux because root users are meant to be able to manipulate the system as they see fit, but on windows is made differently to make it harder to manipulate which incidentally makes it harder to penetrate. Though, maybe a little more technical detail or examples or whatever than in the previous wild guess I just made.

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

This assumes that both occurences use the default settings. On linux however it is not the default behaviour to run everything under root privileges. On windows for a long period of time it has been, even with the newer windows versions this behaviour is firmly planted in the users usage patterns that most of them disable the security feature called UAC.

Under linux there are some users that also think that it is necesary to run everything under root privileges, my guess is that these users are windows-converts that desire that absolute right to do everything everywhere on their system. Sadly they are mistaken in this way and do not see the proper way to manage their system.

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

In theory, both systems face similar risks when run as root/admin. In practice, however, there are far more security threats for windows systems, and also a number of technologies that are particularly vulnerable to exploits, like ActiveX.

Any windows administrator will tell you not to run in administrator mode all the time (and you'll never see employees running admin mode on corporate networks). You'll hear it more on linux as it's users tend to be somewhat more competent with computers/security.

As a side note, running a system with limited privileges offers protection from yourself as well as outside threats, which makes it sensible to not run as root/admin even on machine that is not connected to the internet.

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

I think you misunderstood my post, you said that "yet no big deal is made about people using windows with administrative privileges." and I explained that's not quite true, all those problems that I listed are facilitated by people using Windows with admin accounts, and Windows experienced admins know that and do make big deal about it.

While running Linux as root won't automatically make you vulnerable (even running Windows as admin doesn't make you automatically vulnerable, but you have to not use IE, or if you do make sure you disable ActiveX and so on, only if you know what you are doing you are reasonable safe), is not a good idea, and I explained why.

Besides is not only an external security issue, it's also a matter of protecting your system against poorly coded programs, what if one of the programs is buggy? If you run it as root there's no telling what it can do... at least as normal user the damage is limited and it can't ruin the OS.

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

Frankly, the main, over-riding reason I don't run as root is to protect my computer from disastrous blunders by the idiot who operates it. I have had too many incidents in the past (when running Unix or Linux distros that don't use sudo) when, after adding software or repairing a problem, I FORGOT that I was running as root and generated a typo that crashed my system. Sometimes, these things can take HOURS to repair. There are even fatal commands (or mouse clicks) that can cause irreparable loss of data and settings. Do you know all of them? I certainly don't.

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

In theory only, one would think that the risks are similar. Technically, both are ways of abusing the system to circumvent security measures designed into the system. That's only true in theory though, not in practice.

In the real world, you must acknowledge the fact that the risks to Windoze systems are far greater. Adrian is correct, but I'd also add the fact that there are worms active on the Internet which can invade a Windoze computer without any user intervention. Running Windoze in admin mode just makes it more likely that these automated attacks will succeed in subverting the system.

In Linux systems vulnerabilities are patched rather quickly. There are far fewer malicious programs targeting Linux systems, and far fewer people with the knowledge, skill, and motivation to hack Linux systems.

In both cases you are abusing the system unnecessarily. If you are fully aware of the risks and want to do it as an experiment then no one can stop you. I'd say that unless you are a professional security researcher, you just should not take the risk.

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges



+1 here

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privile

+2 here

Troll?

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

Adrian, you're right, I did misunderstand you. I somehow missed your quote of what I said in my first post. That made me see what you said a bit out of context.

I find all of this fascinating. I studied economics, not programming or computer science in school, but I was exceptionally always good with computers and taught myself most of what I know from trial and error and on-line research. That being said, until now, I've never seen anyone talk so heavily for private individuals not running windows without administrative privileges. Instead, I've always heard, "dump IE and active x, run active spyware and anti-virus protection, always have a firewall, etc." I wonder if the whole security problem with windows users is primarily from the fact that they run their computers with full privileges. I wonder if cyber-security would ever have become an issue if windows treated admin like linux treats root.

Btw, from what people are saying about it protecting you from your own errors and buggy software, I guess I'm really fortunate for linux not running on root normally because I like to go off of the "beaten path" and tinker with things and test dev builds and what not. That being said, can I contain my "risky" programs in my personal account or a special one instead of in my root to further protect my system?

Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

The answer (of course) is "Yes, but it's complicated.", "of course" because you can make a computer do almost* anything (with the right code).

Programs, unlike personal files, are normally available to everyone, because the permissions allotted to their executables allow them to be. If you open a file manager, e.g. Konqueror or even Dolphin, in "detail mode", you will see a column labeled (in Konq) "Permissions". The entries say things like "drwxrwxrwx", where one or more of those entries may be replaced a hyphen. They symbols (aside from the d) refer to the what the Owner, Group, and Anyone can do with the file. Thus a file with perms "rwxrwxrwx" can be read, written, or executed by anyone. A file labeled rw-r--r-- can be written to by its owner only, but can be read by anyone, and can't be executed by anyone. Most executable programs are owned by "root" and can be read and executed by anyone, but can only be written by the root user. However, when you use 'sudo" to "become root", you can can change the permissions.

So, using the "chmod" command, you could make a particular program executable only by members of new group (you'd have to create) called "daredevils" (for example). That group would have only one member: a new user you create called "Risky", with his or her own password, home directory, etc. When you log in as "Risky" you would be able to use programs which had execute perms limited only to members of the group "daredevils". Then, when you decide that the program is safe, you could make it executable by everyone. Note that this does not stop a badly written program from destroying your system.**

* Look up "Turing Machine"
** Take it from someone who has done it more than once.