Announcement

Collapse
No announcement yet.

Gentoo Developer: Is The Linux Desktop Less Secure Than Windows 10?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #51
    Originally posted by rtfazeberdee View Post

    Griffin is phoronix resident gnome troll when he's not at playschool
    Oh, i'm aware. I like poking a stick at the troll, from time to time

    Comment


    • #52
      Originally posted by ⲣⲂaggins View Post

      Firejail does exactly these things.
      This is very nice, I'm gonna lok at it to learn more. Thank you very much

      Originally posted by ⲣⲂaggins View Post
      Then don't give it the root pw. You should be able to install a proprietary program into a user's home dir, all done inside a sandbox to limit access to just the installation directory. If it doesn't give you that option, you can always try fooling it with overlayfs, or just work in a container.
      Maybe I din't explained well, I'm talking about the pop-up window that appears in Ubuntu when you launch a program and asks for your password.
      Maybe it's called superuser instead of root, I just said that because I don't know exactly what is called, but I know that it wants higher permission.
      I mean I understand what it asks for higher permission for Gparted for example, because that program can absolutely destroy everything, but I don't understand why others need this kind of power. Seriously?
      I see too many programs on linux saying "Give me the power to be God and destroy everything if I want".
      Of course I can say no, but then the program won't open. What's the point on that?

      Originally posted by ⲣⲂaggins View Post
      Because defaults are there to work for most things but to be changed when needed.
      Of course, but how can I forbid a program to access the internet the internet or a device like Webcam?
      I have never seen any distro having any control panel where I can set some boundaries for programs, what can they access (read or write) and what they can not.
      It's either access to everything or don't use/install it

      Comment


      • #53
        Originally posted by Danny3 View Post
        Maybe I din't explained well, I'm talking about the pop-up window that appears in Ubuntu when you launch a program and asks for your password.
        Maybe it's called superuser instead of root, I just said that because I don't know exactly what is called, but I know that it wants higher permission.
        I mean I understand what it asks for higher permission for Gparted for example, because that program can absolutely destroy everything, but I don't understand why others need this kind of power. Seriously?
        I see too many programs on linux saying "Give me the power to be God and destroy everything if I want".
        Of course I can say no, but then the program won't open. What's the point on that?
        That is because this functionality is implemented using a single bit (i.e in short, does this app need root Y/N?) and have been a part of Unix since 1971 and was more or less unchanged until Android needed something different. That said there shouldn't really by "too many" programs that require this, on my machine I have only Gparted, Wireshark and the package manager that requires to be run as root from the desktop.

        Originally posted by Pentarctagon View Post
        I'm not sure how this is all that debatable - Windows is taking certain security measures that most Linux distributions are not. ASLR in particular seems like something that should have been enabled everywhere a long time ago.
        Not really, what it happening here is that some Linux distributions offer more features than a default install of Windows 10 and that this feature comes with a potential security hole. Also file matching on Windows tends to be on file extension only, something that in this context is safer but also far more error prone for the functionality in question.
        Last edited by F.Ultra; 07 February 2017, 07:03 AM.

        Comment


        • #54
          Less secure? Maybe it's possible... On the one condition that you must count 'Microsoft having unrestricted access to all your files and settings' as "secure" that is, that you would trust Microsoft with all your data. A company that exists solely for profit and doesn't give two shits about what you think, yeah I think that sounds trustworthy as all hell.

          Comment


          • #55
            Originally posted by rabcor View Post
            On the one condition that you must count 'Microsoft having unrestricted access to all your files and settings' as "secure" that is, that you would trust Microsoft with all your data.
            About that...

            Originally posted by Mark Shuttleworth
            Don’t trust us? Erm, we have root. You do trust us with your data already.
            https://www.markshuttleworth.com/archives/1182

            Comment


            • #56
              Originally posted by chithanh View Post
              I'd rather trust canonical than microsoft, but thing is... I never claimed to trust canonical did I? But yes, point stands, I trust microsoft less than I trust the entire open source community, even the black hats. I trust the black hats to try to do black hat things, so I try to prevent them from being able to do so easily. I don't trust Microsoft not to. I.e. community threats are ones I can plan for, and if I wish, audit. Microsoft is a threat that cannot be planned for and cannot be audited, you have to trust them completely blindly, that's a whole another thing.

              And the difference between Microsoft and regular black hats is that Microsoft has 100% unrestricted access to all windows 10 systems, and if they decide to throw in a patch (which btw they have for win 7 through 8.1) they have it for older versions of windows as well. 24/7 no need for going through back doors, they go through the front and you can't lock the door on them. At least the black hats are usually just people or groups of people, they did not create your operating system, and they do not have unrestricted access to it from the very moment you install it and hook it up to the internet. They have to fight for your system, Microsoft and well I guess Canonical don't have to fight for it, but in Canonical's case, if they try to do something people don't like, they get called out for it because everyone can see their open source code and anyone can keep track of their patches and updates to their software which a lot of people do. Microsoft doesn't have to go through that sort of scrutiny they throw us their software and say "trust us, with everything, we'll do shit behind your back but don't worry, it's ok, you can trust us." except for their handful of open source ventures, which I admit is a bit surprising to me.

              Originally posted by duby229 View Post

              I suppose my experience predisposes me to broken machines and I had always just chalked it off to that, but I always thought OSX felt slow too! Like it's working hard just to work. It reminded me of XP on a Willamette P4.
              Trust me, I feel the same, and I also feel (i.e. in my experience) that it is no more secure than windows, it's at the very least less secure than windows overall, and the nearly absolute lack of antivirus software availability for OS X is what puts the final nail in the coffin, WHEN your mac gets a virus, that's it, you're fucked, chances are none of the tiny handful of antivirus solutions that exists for this OS can clear it out (I remember trying to clear out a virus from a macbook, I tried 3 antiviruses which were basically all I could find through google, they all caught something but none of them caught the virus that made the computer completely unusable). Same deal with iOS vs Andorid, and Apples software is just so friggin slow that I honestly don't know what makes people think their shit is worth the price. But hey I'm all for freedom of choice so people can burn their money on that crap if it makes them sleep better at night.
              Last edited by rabcor; 07 February 2017, 10:26 AM.

              Comment


              • #57
                Originally posted by Serafean View Post

                Actually,all OSX versions since version 10.5 (except for 10.7) are certified UNIX03. As for insecure : not much more than any other OS... I'd say better than windows at least.
                Yes, it's certified but it's nothing more, but propaganda.

                Comment


                • #58
                  Originally posted by duby229 View Post
                  I suppose my experience predisposes me to broken machines and I had always just chalked it off to that, but I always thought OSX felt slow too! Like it's working hard just to work. It reminded me of XP on a Willamette P4.
                  OSX on what hardware, and in what conditions? Because I was under the strong impression that any Mac running on Core Duo or later processors and with a desktop-grade HDD (7200rpm) or any kind of SSD easily beats windows on similar hardware as far as user experience is concerned.

                  Performance is actually lower, but user experience (system responsiveness) was pretty good.

                  Comment


                  • #59
                    Originally posted by rabcor View Post
                    Microsoft has 100% unrestricted access to all windows 10 systems, and if they decide to throw in a patch (which btw they have for win 7 through 8.1) they have it for older versions of windows as well. 24/7 no need for going through back doors, they go through the front and you can't lock the door on them.
                    This is true for any distro, anyway. If a package maintainer goes rogue or someone cracks the servers (happened to Linux Mint, was detected and shut down a few days later, but people had already downloaded infected stuff meanwhile) you don't have much defenses.

                    Comment


                    • #60
                      Originally posted by Pawlerson View Post
                      Thanks for the information. Hopefully they'll listen to grsecurity and make it better. Ps. FreeBSD has the same problem.
                      I pulled up the two threads where the grsecurity guy talks about it.


                      Comment

                      Working...
                      X