Announcement

Collapse
No announcement yet.

Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

    I've been wondering something for a while now...

    I've read so much about how risky it is to log on as root, but how different is it from the average windows user, who almost all log on with administrative privileges (though they are not necessarily logged in as administrator)? I'm wondering because they don't seem extremely different, yet no big deal is made about people using windows with administrative privileges. I'm sure there must be a reason and I'm hoping someone more familiar with the specifics can fill me in.

    #2
    Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

    yet no big deal is made about people using windows with administrative privileges.
    You haven't heard of the 500,000+ viruses? Botnets? How much more bigger deal do you want to hear about?

    The concept is simple if the software you use has a vulnerability and you go online do you prefer the hacker or virus to have access to every OS resources (installing/removing programs, rootkits, change firewall settings, stop antivirus from working, stop task manager, hide process, write in all the folders, etc)?

    Comment


      #3
      Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

      I think you misunderstand. I was wanting a root linux vs windows COMPARISON. I already know what the risks are. I just wanted know the severity of the risk of one relative to the other and why. Since I'm asking this out of curiosity and not for any practical purpose I was also hoping for something a little more technical than that.

      For example, maybe linux is less secure than windows when you log on as root, because a hacker or malicious code would not have any "resistance" on root linux because root users are meant to be able to manipulate the system as they see fit, but on windows is made differently to make it harder to manipulate which incidentally makes it harder to penetrate. Though, maybe a little more technical detail or examples or whatever than in the previous wild guess I just made.

      Comment


        #4
        Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

        Originally posted by Prescience
        For example, maybe linux is less secure than windows when you log on as root, because a hacker or malicious code would not have any "resistance" on root linux because root users are meant to be able to manipulate the system as they see fit, but on windows is made differently to make it harder to manipulate which incidentally makes it harder to penetrate. Though, maybe a little more technical detail or examples or whatever than in the previous wild guess I just made.
        This assumes that both occurences use the default settings. On linux however it is not the default behaviour to run everything under root privileges. On windows for a long period of time it has been, even with the newer windows versions this behaviour is firmly planted in the users usage patterns that most of them disable the security feature called UAC.

        Under linux there are some users that also think that it is necesary to run everything under root privileges, my guess is that these users are windows-converts that desire that absolute right to do everything everywhere on their system. Sadly they are mistaken in this way and do not see the proper way to manage their system.

        Comment


          #5
          Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

          In theory, both systems face similar risks when run as root/admin. In practice, however, there are far more security threats for windows systems, and also a number of technologies that are particularly vulnerable to exploits, like ActiveX.

          Originally posted by Prescience
          yet no big deal is made about people using windows with administrative privileges.
          Any windows administrator will tell you not to run in administrator mode all the time (and you'll never see employees running admin mode on corporate networks). You'll hear it more on linux as it's users tend to be somewhat more competent with computers/security.

          As a side note, running a system with limited privileges offers protection from yourself as well as outside threats, which makes it sensible to not run as root/admin even on machine that is not connected to the internet.

          Comment


            #6
            Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

            I think you misunderstand. I was wanting a root linux vs windows COMPARISON.
            I think you misunderstood my post, you said that "yet no big deal is made about people using windows with administrative privileges." and I explained that's not quite true, all those problems that I listed are facilitated by people using Windows with admin accounts, and Windows experienced admins know that and do make big deal about it.

            While running Linux as root won't automatically make you vulnerable (even running Windows as admin doesn't make you automatically vulnerable, but you have to not use IE, or if you do make sure you disable ActiveX and so on, only if you know what you are doing you are reasonable safe), is not a good idea, and I explained why.

            Besides is not only an external security issue, it's also a matter of protecting your system against poorly coded programs, what if one of the programs is buggy? If you run it as root there's no telling what it can do... at least as normal user the damage is limited and it can't ruin the OS.

            Comment


              #7
              Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

              Frankly, the main, over-riding reason I don't run as root is to protect my computer from disastrous blunders by the idiot who operates it. I have had too many incidents in the past (when running Unix or Linux distros that don't use sudo) when, after adding software or repairing a problem, I FORGOT that I was running as root and generated a typo that crashed my system. Sometimes, these things can take HOURS to repair. There are even fatal commands (or mouse clicks) that can cause irreparable loss of data and settings. Do you know all of them? I certainly don't.

              Comment


                #8
                Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

                In theory only, one would think that the risks are similar. Technically, both are ways of abusing the system to circumvent security measures designed into the system. That's only true in theory though, not in practice.

                In the real world, you must acknowledge the fact that the risks to Windoze systems are far greater. Adrian is correct, but I'd also add the fact that there are worms active on the Internet which can invade a Windoze computer without any user intervention. Running Windoze in admin mode just makes it more likely that these automated attacks will succeed in subverting the system.

                In Linux systems vulnerabilities are patched rather quickly. There are far fewer malicious programs targeting Linux systems, and far fewer people with the knowledge, skill, and motivation to hack Linux systems.

                In both cases you are abusing the system unnecessarily. If you are fully aware of the risks and want to do it as an experiment then no one can stop you. I'd say that unless you are a professional security researcher, you just should not take the risk.
                Welcome newbies!
                Verify the ISO
                Kubuntu's documentation

                Comment


                  #9
                  Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

                  Originally posted by askrieger
                  the main, over-riding reason I don't run as root is to protect my computer from disastrous blunders by the idiot who operates it.


                  +1 here

                  Comment


                    #10
                    Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privile

                    Originally posted by dibl
                    Originally posted by askrieger
                    the main, over-riding reason I don't run as root is to protect my computer from disastrous blunders by the idiot who operates it.


                    +1 here
                    +2 here

                    Troll?
                    Dave Kubuntu 20.04 Registered Linux User #462608

                    Wireless Script: http://ubuntuforums.org/showthread.p...5#post12350385

                    Comment


                      #11
                      Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

                      Adrian, you're right, I did misunderstand you. I somehow missed your quote of what I said in my first post. That made me see what you said a bit out of context.

                      I find all of this fascinating. I studied economics, not programming or computer science in school, but I was exceptionally always good with computers and taught myself most of what I know from trial and error and on-line research. That being said, until now, I've never seen anyone talk so heavily for private individuals not running windows without administrative privileges. Instead, I've always heard, "dump IE and active x, run active spyware and anti-virus protection, always have a firewall, etc." I wonder if the whole security problem with windows users is primarily from the fact that they run their computers with full privileges. I wonder if cyber-security would ever have become an issue if windows treated admin like linux treats root.

                      Btw, from what people are saying about it protecting you from your own errors and buggy software, I guess I'm really fortunate for linux not running on root normally because I like to go off of the "beaten path" and tinker with things and test dev builds and what not. That being said, can I contain my "risky" programs in my personal account or a special one instead of in my root to further protect my system?

                      Comment


                        #12
                        Re: Security Comparison: Kubuntu logged on as root vs Windows with admin privileges

                        That being said, can I contain my "risky" programs in my personal account or a special one instead of in my root to further protect my system?
                        The answer (of course) is "Yes, but it's complicated.", "of course" because you can make a computer do almost* anything (with the right code).

                        Programs, unlike personal files, are normally available to everyone, because the permissions allotted to their executables allow them to be. If you open a file manager, e.g. Konqueror or even Dolphin, in "detail mode", you will see a column labeled (in Konq) "Permissions". The entries say things like "drwxrwxrwx", where one or more of those entries may be replaced a hyphen. They symbols (aside from the d) refer to the what the Owner, Group, and Anyone can do with the file. Thus a file with perms "rwxrwxrwx" can be read, written, or executed by anyone. A file labeled rw-r--r-- can be written to by its owner only, but can be read by anyone, and can't be executed by anyone. Most executable programs are owned by "root" and can be read and executed by anyone, but can only be written by the root user. However, when you use 'sudo" to "become root", you can can change the permissions.

                        So, using the "chmod" command, you could make a particular program executable only by members of new group (you'd have to create) called "daredevils" (for example). That group would have only one member: a new user you create called "Risky", with his or her own password, home directory, etc. When you log in as "Risky" you would be able to use programs which had execute perms limited only to members of the group "daredevils". Then, when you decide that the program is safe, you could make it executable by everyone. Note that this does not stop a badly written program from destroying your system.**

                        * Look up "Turing Machine"
                        ** Take it from someone who has done it more than once.

                        Comment

                        Working...
                        X