Author Topic: I'm moving to linux.  (Read 28905 times)

Aleksanderus

  • Rogueliker
  • ***
  • Posts: 179
  • Karma: +0/-0
  • Champion of the unknown
    • View Profile
I'm moving to linux.
« on: June 08, 2016, 01:39:58 PM »
I think I'm gonna change from windows 7 to linux (manjaro edition more preciselly).

I'm doing this because of the safety, customisation and also because my friend is making linux propaganda to me!

Krice

  • (Banned)
  • Rogueliker
  • ***
  • Posts: 2316
  • Karma: +0/-2
    • View Profile
    • Email
Re: I'm moving to linux.
« Reply #1 on: June 08, 2016, 02:34:39 PM »
I wonder how safe Linux is after all. Lot of talk about that, but how do we know it's safe.

Aleksanderus

  • Rogueliker
  • ***
  • Posts: 179
  • Karma: +0/-0
  • Champion of the unknown
    • View Profile
Re: I'm moving to linux.
« Reply #2 on: June 08, 2016, 02:37:15 PM »
I wonder how safe Linux is after all. Lot of talk about that, but how do we know it's safe.
Well, it doesn't track you and there's less viruses on it than on windows.

Xecutor

  • 7DRL Reviewer
  • Rogueliker
  • *
  • Posts: 263
  • Karma: +0/-0
    • View Profile
Re: I'm moving to linux.
« Reply #3 on: June 08, 2016, 02:43:40 PM »
I love terminal emulators on linux. Terminator in particular.
But Linux GUI in general (all of them) IMO is inferior to Windows (7).
And linux runs perfectly fine in virtual box. So, you can have the best of two worlds :)

Krice

  • (Banned)
  • Rogueliker
  • ***
  • Posts: 2316
  • Karma: +0/-2
    • View Profile
    • Email
Re: I'm moving to linux.
« Reply #4 on: June 10, 2016, 09:54:04 AM »
Well, it doesn't track you and

I wonder how this can be confirmed for all distributions out there. People assume a lot in this case.

AgingMinotaur

  • Rogueliker
  • ***
  • Posts: 805
  • Karma: +2/-0
  • Original Discriminating Buffalo Man
    • View Profile
    • Land of Strangers
Re: I'm moving to linux.
« Reply #5 on: June 10, 2016, 11:25:18 AM »
Open source means that many people across the world scrutinize the code, so the chance of someone sneaking through spyware is practically zero if you stay away from proprietary software. Different distributions are really just different packagings of the same software, so it's not as if Firefox will be compromised in one particular distro – if the packager makes any changes to the code, those changes will lie open for the community to examine. The short version of the story is that Linux, even if not the better choice for everyone, beats the proprietary OSes hands down when it comes to safety and privacy.

Running Linux from within Windows (or dual booting) is certainly possible, but sounds like a hassle. It's a question of taste and habit which GUI one likes more. Personally, I'm used to Linux, and find Windows awful to work with. My tip to you, Aleksanderus, would be to check out different solutions (Gnome, KDE, xfce …) and find the one you like. Good luck, and have fun.

As always,
Minotauros
This matir, as laborintus, Dedalus hous, hath many halkes and hurnes ... wyndynges and wrynkelynges.

Z

  • Rogueliker
  • ***
  • Posts: 905
  • Karma: +0/-0
    • View Profile
    • Z's Roguelike Stuff
Re: I'm moving to linux.
« Reply #6 on: June 10, 2016, 10:10:31 PM »
Well, there are Linux distributions which do spy: http://thehackernews.com/2015/12/north-korea-red-star-os.html

But you should be safe with one of the widely used, open source distributions.

Quote
But Linux GUI in general (all of them) IMO is inferior to Windows (7).
What in particular do you consider inferior? For a long time I have been using Windows XP, with FAR Manager as my main editor and tool for everything, and finding it more convenient than the tools available on Linux. Then I have decided to switch to Linux, with FAR Manager running via Wine, and didn't look back -- everything worked, and its consoles and workspaces were superior to Windows. (Though as you can see, I agree about having the best of two worlds.) I have no experience with newer versions of Windows, but I find OSX unusable.

Skullcoder

  • Newcomer
  • Posts: 23
  • Karma: +0/-0
    • View Profile
    • Skullcode
    • Email
Re: I'm moving to linux.
« Reply #7 on: June 11, 2016, 02:48:12 AM »
Stock Ubuntu Linux was sending your Unity App / Doc search results to Amazon and embedding purchase recommendation affiliate links in the results for things you're trying to find on your system.  Fortunately, you could actually turn that behavior off, but it was on by default.

It's only marginally more difficult to put sneaky shit into Open Source software than to get your malicious backdoors into closed source software.  Microsoft is actively snooping though, so by default a Linux or BSD distro is going to have less backdoors in it.

Security from state actors or targeted attacks is practically zero for any OS on this planet (aside from some Alternative / Experimental OSs which are small enough to actually audit but lack all the features you want).  Security from malware thugs is better on Linux and BSD not only because you're a smaller target (less desktop users), but also because Linux is so fucking fast at fixing bugs.  I submitted a critical vulnerability to Microsoft 5 years ago which is still not patched, and they've released two OSs since then and all OSs from Vista on up are vulnerable.  I've submitted a dozen bugs this way to MS and only 3 have been fixed, the other 9 are still valid, but are going ignored because MS only really cares about their latest OS.  I've sent over 20 security patches to the Linux Kernel and all but two have been accepted.  Two were no longer bugs because something else changed the the codebase.

If I published my exploit code then MS would be forced to fix it when bad guys started using them to infect systems with malware.  I won't publish the white paper and proof of concept code publicly in order to keep bad guys from using it.  There's a "Responsible Disclosure" code to let vendors like MS have time to fix a bug after notifying them that white hats try to live by (esp. ones who aren't pressed for time to disclose vulns on their blogs for advert traffic; most security researchers are under pressure, but that's not my day job so I don't have such pressure).   

On Linux and BSD most people don't use "Responsible Disclosure".  All exploits are just bugs.  If MS published their source code I would fix the vulnerabilities myself and they'd just have to review the patch and apply it and be done.  That's how it works on Linux and BSD.  I find a critical vulnerability that enables remote code execution and then I fix it and get another patch into the kernel, Apache server, or some other system.  The FLOSS ecosystem is so much more hostile for viruses to live in because if there ever is malware crawling around, we disassemble it, find the bug it exploits, and get the patch out to everyone the same week or even the next day in some cases.  Frequently I've seen a bug in the news and that morning my Linux OS updater had already patched it.

Microsoft only releases patches on the 2nd Tuesday of every month.  This is GREAT! (for malware authors) because they know not to push their malware out until just before the 2nd Tuesday so that they have the most time to run amok before anyone even has a chance to get an update if it's deemed critical enough for MS to pay attention to.

Now, not everyone notifies the software vendors of the bugs they find.  Some greyhat and blackhat hackers sell the vulnerabilities they find on the black market.  There are several attack toolkits which allow you to add some boilerplate code to your exploit and package the vulnerability for use with whatever payload code a customer wants.  I use them for penetration testing, but bad guys use them to attack systems.  A script kiddie buys or make a malware payload in damn near anything, I've even seen malware as Python scripts (compiled into an executable with Cython).  Then they simply buy one or more 0-day exploits on the market which have wrappers for the exploit toolkit the skiddie is using.  Then they literally drag and drop the malware together, joining the exploit vector with the payload.  You don't even have to know how to write code to be a "malware publisher" today.

As it turns out, there are FAR MORE exploits on the market for Windows than for Linux and even fewer for BSD.  Mac and iOS and Android are steadily climbing though.

As I said, even though Linux / BSD etc. are somewhat more secure, it's still pretty easy to get shady backdoors into Free (Libre) Open Source software.  Let's take the case of Heart Bleed.  A bug in the OpenSSL library that many web enabled servers and applications use for their TLS / HTTPS security.  The code has a "performance optimization" where they keep a memory pool of objects rather than calling free() and malloc() they get memory from the process's pool if it's available and return it to the pool when not in use.  That memory pool is used by all sorts of code in the OpenSSL library, and can contain the private keys for your connections.  When this is combined with a buffer overrun error which causes OpenSSL to fill a packet with "junk" data beyond the small response data you can leak some of thah memory pool and sometimes it can include parts of the server's key.

Now, the patch that introduced the buffer overrun bug which copies more data than should be sent was accepted to the OpenSSL codebase on New Years freakin' Eve while everyone in the world was getting shitfaced and not paying attention.  This is the sort of thing that state actors do to introduce bugs.

Even a code audit isn't necessarily going to find the bugs because we're humans and our brains make us see things we expect to see even if it's not quite the right thing.  This is why proofreading your own writing is near impossible.  Well, with code it's even worse because it's following familiar patterns so we know what to expect even if we've never read the source before.

Code: [Select]
...
if ( command  == UPDATE_ACCESS_TIME && user = root ) { return fstat( ... ); }
...

Some people might read past this in a block of code and think everything is on the up and up.  In fact, if this was in a patch that was changing instances of the costant UPDATE_FILE_ACCESS to UPDATE_ACCESS_TIME then you especially might not notice that the '==' was changed to a '=' in the patch you just accepted.  Now when the UPDATE_ACCESS_TIME function of this code is used it also sets the user's level to root rather than just checking if it's root level.

There are people who make a living selling malware or working for governments that are combing through code just looking for exploitable places like this, and if they find a spot that a small modification might make exploitable them they submit crazy patches, maybe on New Years holiday and have their inside guy accept the patches when everyone is distracted.  Of course the maintainers have plausible deniability.  "It looked good to me, shit happens".  in the case of OpenSSL the maintainers were so fucking inept there were security bug-fixes in their issue tracker for years.  They changed to another issue tracker and didn't put out a press release, and then they even stopped looking at the issue tracker they were supposed to be getting patch requests through.  This for the most used SSL library on the planet?  It reeks of a con job, and that's how "secure" open source software can be.

Just because everyone COULD look at the OpenSSL code and just see how shit it was (and many people had, and have been bitching about it for years) doesn't mean the bugs will get fixed at all, unless some serious shit like Heart Bleed goes down and everyone has to pay IT overtime to generate new SSL keys for their servers and test it all out to make sure no old keys are lingering about...  You see, when that happens you're supposed to just be able to publish a revocation certificate and then browsers are supposed to check a certificate they have to make sure it hasn't been revoked.

Well!  Chrome doesn't do that!  Chrome and the open source Chromium it's based on uses it's own janky system where the browser keeps a list of the certificate revocation lists for the "top sites", but if you're not a "top site" (whatever that means), then Chrome / Chromium do not check to see if the cert is revoked at all and so crackers can use your old exposed invalid certificate and spoof connections even though your site is trying it's hardest to be secure.  Why does Google do that?  To save a few milliseconds on the first time you make a connection to a website in a day.  Oooh, so much "faster" than Firefox... Yeah, because it cuts corners on security.  And they get away with it because NO ONE CARES ABOUT SECURITY.  "Secure" is just a marketing buzz word.

That's not even the half of it!  We have known bad actors with shit security policy as TRUSTED ROOT CERTIFICATE AUTHORITIES who get hacked by skiddies multiple times with no repercussions.  Oh, and if you check your certificate list the fucking Hong Kong Post Office is a trusted root Certificate Authority!  That means the Chinese government (and any other government that's in your root store, Saudis, India, Russia, USA, Turkey, anyone really) can insert themselves between any connection and you'll see a big green "this site is secure" bar and everything.  Unless you manually check the certs you're using on each page load there's no way to know the connection is secure.  And how are you even supposed to find out which CA is SUPPOSED to be granting the certs for the site in the first place?  A web search over your possibly hijacked and intercepted connection?!

I say this to point out that there is really no such thing as "computer security".  There's just relative levels of exploitability.  Every damn OS and large software project is so full of holes that damn near any security researcher can crack it with the most minimal of application of force.  I just lean on a library by throwing in some random values until it crashes (input fuzzing) and sure enough I'll find a way to make an exploit to break it.  Even the damn libpng reference library had a fucking buffer overrun remote code execution vulnerability sitting in it for DECADES and no one noticed, even though EVERY implementation of PNG decoding involved reading the reference implementation code.

Writing and testing code to be very secure is hard.  No one actually gives a fuck about security, and so you get as much security as you paid for: NONE.  This is true for Microsoft, Linux, BSD, Mac, iOS, Android, Tails, Plan9, BEOS, and every other OS that will actually run on your damn insecure hardware!  Yes, even the motherboard, hard disk drive, NIC and etc. firmware contains crap code full of holes.  Everything you depend on for "security" is swiss cheese.  That's the real reason Microsoft takes so damn long to patch exploits that aren't being used in the wild: They know the whole damn hardware / software stack is crap, and there will just be more exploits found tomorrow.

That said, at least Linux isn't OPENLY trying to spy on you, unlike Microsoft.
« Last Edit: June 11, 2016, 03:08:52 AM by Skullcoder »

Lord_Mork

  • Newcomer
  • Posts: 43
  • Karma: +0/-0
    • View Profile
Re: I'm moving to linux.
« Reply #8 on: June 11, 2016, 04:22:09 AM »
I think I'm gonna change from windows 7 to linux (manjaro edition more preciselly).

I'm doing this because of the safety, customisation and also because my friend is making linux propaganda to me!

All my friends began to use Linux. I don't why it's better or preferable to Windows in a technical sense; I'd have to have a greater knowledge than I do to make any sort of judgement.

But for those friends of mine; they all have cheap-o chromebooks that were in need of a real OS, and Linux is apparently free while Windows 10 is $60. So there's a benefit for you.

Krice

  • (Banned)
  • Rogueliker
  • ***
  • Posts: 2316
  • Karma: +0/-2
    • View Profile
    • Email
Re: I'm moving to linux.
« Reply #9 on: June 11, 2016, 06:44:11 AM »
Writing and testing code to be very secure is hard.

But is it really? For example many open source projects still use C which is not known to be super safe, because programmers can easily make mistakes that create bugs like buffer overrun. In C++ with good practices it's easier to avoid these kind of bugs in the first place before they even get the chance. Not to mention higher level languages. Another strange thing is don't these guys check their code with static code analysis tools? They are quite good at catching bugs.

Skullcoder

  • Newcomer
  • Posts: 23
  • Karma: +0/-0
    • View Profile
    • Skullcode
    • Email
Re: I'm moving to linux.
« Reply #10 on: June 11, 2016, 03:30:23 PM »
C++ is a bit better than C, but it introduces its own exploit vectors: You put pointers to code on the heap to implement their "virtual function" VTable for polymorphism.  This means that any data structure overflow (not just a stack overflow) can overwrite a pointer in C++ and result in code execution vulnerabilities.  If you just stick to C and don't try to implement any OOP (putting function pointers in structs) then your attack surface is very small.  C++ doesn't do range checking on arrays by default so it's not really any safer than C (consider that the STL still uses the underlying plain C data structures) so that's why the "safer" C++ string interface has about 10 remote code execution vulnerabilities out right now.

Languages like C#, Python, Perl, PHP, etc. just add more attack surface full of holes to exploit via increased codebase size available to exploit to provide their convenient functionality.  A C or C++ program that links only what it uses has a much smaller attack surface than, say Python which every single program presents the entire huge attack surface.  There are great big bugs in Python, Perl, etc. interpretors which mean that damn near every program that uses them is succeptible to exploit.  Let's say your program doesn't use some feature that's exploitable.  In C / C++ that won't get compiled in, but in most VM / scripting languages that code will be present to the host environment for every program that runs and thus accessible to exploit.  That's why Java Web Applets became such a HUGE security vulnerability even though Java is supposed to be a virtual machine language and thus incredibly sandboxable.

Static analysis, unit testing and input fuzzing toolkits exist but few projects actually use them.  Besides, someone had to write that unit test or static analyzer, and they screwed up somewhere.  If they didn't screw up then eventually they will be screwed up because people just can't leave languages alone and let them be hardened, you've got to keep making new languages and adding more features and causing more bugs that prior code didn't expect.

C++ is used in Chrome, but it calls out to C libraries like OpenJPEG, and Chrome devs NOOP most asserts in release code for speed, but some libraries depend on assert to catch things like the buffer overrun which can now cause remote code execution by reading a PDF with Chrome.

It would be great if we could write libraries in C++, but C++ is just C with a fancy preprocessor, so to implement method overloading it munges the names of functions by adding some gibbering to encode the type of parameters in use.  Each compiler does this differently because the C++ standards committee is full of idiots.  That means you can't call a C++ function on a library unless everyone is using the same compiler and potentially the same compiler version, because your different compiler might tack on some different gibberish.  They SHOULD have just started from scratch and thus had a different intermediate object representation to supply to their own linker, but since all C++ implementations rode the coat tails of C and used a C linking subsystem, they got stuck doing kludges like this.  Because the idiots in the standards body thought that dictating an object representation was beyond the scope of C++ standardization it's been decades before the C++ compiler implementers have finally started to get together and hash out a way to make C++ actually able to produce libraries that work across multiple compilers.  You'd have thought that basic feature would have been priority #1 for any language, but it's not because C++ is not managed by smart people who care about interoperability, and thus don't give a flying fuck about security.

And here's why: The real messed up thing is that sometimes two C++ compliers will appear to generate the same munged name for a method call.  Your C++ program calling into another library made with C++ will appear to work, but both are supplying different parameters to the function call, and thus smashing their own stacks.  This might not become apparent until some buggy behavior is noticed at best, or at worst systems are being compromised by the messed up code you released that is only messed up because of bad decisions the C++ implementers and standards bodies made, not because of any of the code that was written in their languages.

There's not really any "computer security" because no one gives a fuck about "security".  They just expect to fix their broken shit whenever people complain loud enough about a specific case of "security" being compromised.

Sorry for all the ranting, but it's just sick how the whole software industry pretends that "security" is actually a thing they care about.  It's not, that's just a marketing term.
« Last Edit: June 11, 2016, 03:32:50 PM by Skullcoder »

Krice

  • (Banned)
  • Rogueliker
  • ***
  • Posts: 2316
  • Karma: +0/-2
    • View Profile
    • Email
Re: I'm moving to linux.
« Reply #11 on: June 11, 2016, 05:29:06 PM »
C++ is a bit better than C, but it introduces its own exploit vectors: You put pointers to code on the heap to implement their "virtual function" VTable for polymorphism.  This means that any data structure overflow (not just a stack overflow) can overwrite a pointer in C++ and result in code execution vulnerabilities.

This is too technical to me. Why C pointers can't be overwritten the same way? Besides you would think if vtable is trashed the program will simply crash.

TheCreator

  • Rogueliker
  • ***
  • Posts: 370
  • Karma: +0/-0
    • View Profile
    • Fame
    • Email
Re: I'm moving to linux.
« Reply #12 on: June 13, 2016, 05:57:11 AM »
After all this aggressive Windows 10 marketing I started to consider Windows as malware and yes, one day I will probably move to Linux. In the 1990s everyone wanted to have Windows, because it was the best OS available on the market. Today Microsoft needs to force us to update. That's not a good sign. I hate updates. Somehow they always mean replacing something that works with something that doesn't.
Fame (Untitled) - my game. Everything is a roguelike.

Cfyz

  • Rogueliker
  • ***
  • Posts: 194
  • Karma: +0/-0
    • View Profile
    • Email
Re: I'm moving to linux.
« Reply #13 on: June 15, 2016, 09:49:19 PM »
Quote from: Krice
Why C pointers can't be overwritten the same way?
My guess is
1. The pointer to a vtable is placed fairly predictably and near every other object.
2. vtable itself consists of pointers to functions so you are guaranteed to actually run the code if you manage to overwrite it.
Then again, objects contain only the pointer to a table, not the table itself. It should be hard to modify the table with this additional indirection.

Quote from: TheCreator
Today Microsoft needs to force us to update. That's not a good sign.
Methods aside, I think it is fairly understandable where Microsoft is coming from. People are conservative and lazy and would stay on outdated OSes for who knows how long, which would force commercial software vendors and in turn Microsoft to continue support those platforms. Which is frankly a waste of resources. Web developers had it with their IE zoo not so long ago, so no thanks =).

Quote from: TheCreator
I hate updates. Somehow they always mean replacing something that works with something that doesn't.
I've used Linux for a long time (mostly for work) and from my experience the sheer amount of things that simply change and stop or begin to work each noticeable release just doesn't compare to the mild annoyance of Windows >_<. Choosing and 'freezing' some stable Linux release only works for servers. On desktop everything go out of date pretty quickly and sooner or later you are forced to update because new versions of some essential application is not built for your release anymore. Then you can try to continue to maintain some things by hand but this is a huge step down in user experience.

AgingMinotaur

  • Rogueliker
  • ***
  • Posts: 805
  • Karma: +2/-0
  • Original Discriminating Buffalo Man
    • View Profile
    • Land of Strangers
Re: I'm moving to linux.
« Reply #14 on: June 15, 2016, 10:50:41 PM »
Quote from: TheCreator
I hate updates. Somehow they always mean replacing something that works with something that doesn't.
I've used Linux for a long time (mostly for work) and from my experience the sheer amount of things that simply change and stop or begin to work each noticeable release just doesn't compare to the mild annoyance of Windows >_<. Choosing and 'freezing' some stable Linux release only works for servers. On desktop everything go out of date pretty quickly and sooner or later you are forced to update because new versions of some essential application is not built for your release anymore. Then you can try to continue to maintain some things by hand but this is a huge step down in user experience.
Sounds like you're making it unnecessarily difficult for yourself... I've had the opposite experience, using nothing but Debian for a decade. Running the stable branch, in particular, I hardly ever ran into a problem. I certainly never had that "some essential application is not built for your release anymore". It really doesn't happen if you install software from the distro's official repository. The trouble often starts when users install binaries they downloaded from the web, instead of how it's supposed to be done in their OS.

As always,
Minotauros
This matir, as laborintus, Dedalus hous, hath many halkes and hurnes ... wyndynges and wrynkelynges.