Is Linux more secure from back doors than Windows?
Yes.
There was a lot of hullabaloo some years back when Linus Torvalds' father said the NSA had approached Linus about back doors. They have not added any back doors to the kernel.
AFAIK however, Intel CPUs (and I think AMD too) could have back doors. Don't quote me on this, so if someone else wants to chime in, that'd be great. So you have to worry about hardware now, lol.
Never confirmed, we'd need a Snowden level leak to find out tbh. Probably one of those things that can be perpetually speculated but never will be confirmed.
To be fair, if they had, they'd have to say they haven't. Probably because of the open nature that is Linux, it's less likely than Windows, which you can basically guarantee has some kind of back door built in. Not really anything a M$ could do to deny an NSA or FBI from forcing that upon them though.
Pretty sure there are some unknown bugs utilized that pop open a backdoor, but maybe not implemented straight in the kernel but rather in some popular apps.
The Open Source nature means that people are free to examine the code in the kernel to see what it does. However...
There are now around 20 million lines of code, and few people who actually know their way around it all. Hiding something gets easier - that's why you should use checksum validation when you download stuff.
Also many popular distros include binary blobs inside the kernels they use. These are mostly proprietary device drivers, Microsoft have added some to help Linux run on Hyper-V and Azure. No FSF approved distro will include them, but few are up to date.
Finally, most PC hardware is likely compromised. Modern CPUs contain management engines that help with remote management. No one outside of the manufacturers has seen the code for these and any US company has to work with the Federal government so....
Also remember NICs and HDDs also contain microprocessors and the UEFI on modern systems is also not open.
In short there are few guarantees that any modern machine is 100% secure from the NSA, but can definitely be made secure against the majority of criminals, most police agencies and probably most non US aligned governments... Probably.
Also, in addition to this.
People might remember the security issue with Linux Mint in the beginning of the year.
A lot of distribution creators post the checksums of their ISOs on the website as well.
So in case a website gets compromised, like with Linux Mint,
not only could they have changed the ISO with a compromised one,
but they also could have changed the checksum.
And that in my opinion is a vulnerability.
I think that it would be way more secure if distro builders just would use net installers,
and do an automatic checksum check on the server side.
So when an installer is compromised, it simply won't install at all.
But I think that something like that would be too hard to realise,
since there are so many spinoff distributions out there.
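The concern in the post above, as an added example that is not part of the original thread: a checksum served from the same origin as the ISO verifies a swapped image without complaint, while a digest list obtained over an independent channel catches it. The file name, image contents and the "pinned" list are constructed; in practice the independent list is typically a checksum file whose GPG signature was checked against a key fetched from somewhere other than the download site.

```python
import hashlib
import hmac
import io

def sha256_stream(fileobj, chunk_size=1 << 20):
    """Hash a file-like object in chunks so large ISOs never sit in memory."""
    h = hashlib.sha256()
    for chunk in iter(lambda: fileobj.read(chunk_size), b""):
        h.update(chunk)
    return h.hexdigest()

def parse_sums(text):
    """Parse sha256sum-style lines: '<hex digest>  <name>' or '<hex> *<name>'."""
    sums = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) != 2 or len(parts[0]) != 64:
            continue  # skip blank or malformed lines
        sums[parts[1].lstrip("*")] = parts[0].lower()
    return sums

def verify(fileobj, name, sums_text):
    """True only if `name` is listed and its digest matches; fails closed otherwise."""
    expected = parse_sums(sums_text).get(name)
    if expected is None:
        return False
    return hmac.compare_digest(sha256_stream(fileobj), expected)

# --- constructed sample data standing in for a real ISO and checksum file ---
NAME = "distro-1.0.iso"
GENUINE = b"genuine installer image" * 1000
TAMPERED = b"genuine installer image" * 999 + b"tampered block"

def sums_for(data):
    return f"{hashlib.sha256(data).hexdigest()}  {NAME}\n"

# Assumption: list obtained over a second channel before the site was altered.
PINNED_SUMS = sums_for(GENUINE)
# What an altered download site would serve: swapped ISO plus matching checksum.
SAME_ORIGIN_SUMS = sums_for(TAMPERED)

def demo():
    same_origin = verify(io.BytesIO(TAMPERED), NAME, SAME_ORIGIN_SUMS)
    independent = verify(io.BytesIO(TAMPERED), NAME, PINNED_SUMS)
    genuine = verify(io.BytesIO(GENUINE), NAME, PINNED_SUMS)
    return same_origin, independent, genuine

if __name__ == "__main__":
    print(demo())
```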
The CPU backdoor thing that people talk about is afaik just the weakened random number generation instruction which is used for some cryptographic functions. Certain programs don't even use these instructions however, so I'm not too worried about it. Stuff like /dev/random uses multiple sources of entropy, including that possibly vulnerable instruction.
Well, there is at least an open hardware router made by my friends.
https://www.indiegogo.com/projects/turris-omnia-hi-performance-open-source-router-security-network#/
Typically yes, but it depends upon what version of Linux, distro, setup, etc.
That rating order would be?
If you mean operating systems it would be like this:
Most Secure : Linux
Mac OSX
iOS
Android
Less Secure : Windows
I was thinking in terms of Linux distros.
Most Secure: Minimal Gentoo Build??
Fedora
OpenSuse
Arch
Debian
Less Secure: Ubuntu
This https://wiki.gentoo.org/wiki/Hardened_Gentoo
Fedora vs openSUSE is pretty much a debate about AppArmor vs SELinux.
Arch is as secure as you make it, but because of the lack of signing in AUR it is a potential risk, so if security is your main priority don't use AUR.
Ubuntu is actually pretty secure since they have an enterprise facing section of their business so they do have to focus on it. The online search results have been turned off since 16.04. The big issue would be grabbing shady PPAs.
But third party and unsigned repos are an issue everywhere. I do like the way Suse does it with Open Build service which works for all the major distros. Their Software search page has all their third party software with GPG keys for their distros.
It's not that simple.
From download to install and use Fedora probably has the best security defaults. But from that point on it's up to the user. It also depends on what you're trying to secure it from?
(for sake of argument, the "default" security on those systems you mentioned would probably go in this order of best to worst)
Fedora
OpenSUSE
Ubuntu
Debian (maybe a tie with Ubuntu, it depends)
Gentoo
Arch
Ascending or Descending?
If Gentoo is hardened it is hard to beat.
You guys are forgetting some things lol:
BSD: BSD is as secure as GNU/Linux, and in basic configurations (read: consumer grade distros) undoubtedly more secure than Linux.
Most important point: MACs and RBACs: Most major linux distros have some kind of MAC and/or RBAC system on board. This is true for Android also by the way. The well implemented systems of that kind, whether the kernel is hardened or not, will provide almost full protection against exploits, even in the event that there is a serious exploitable bug in linux software, whether that be the kernel or system software. In Fedora, there is SELinux, which is also the system of choice for Android systems. A lot of users run that in permissive mode, which is not such a great idea, because it doesn't help making the protocols any better because errors don't manifest themselves as when running in restrictive mode. On Android, only Samsung devices run in restricted mode, Samsung Knox is basically SELinux with some extra code that uses some extra kernel NameSpace functions and some other crap, but it basically means that even if Samsung doesn't push through all security patches, the chances of a user with a non-rooted Samsung Android device getting malware on his system to actually cause damage or do something, is minimal, and Samsung knows that, that's why they are so relaxed in pushing out updates.
In the server world, the most popular system right now is OpenSuSE, which has a GUI tool for DIY hardening systems, from kernel to system software, through Yast. This is a revolution for two reasons: 1. you can harden your system completely à la carte, you don't have to compromise on functionality any more to run a hardened system, and 2. you can live patch the kernel, you can patch the kernel on a running system without rebooting, and that includes changing hardening parameters for the kernel, which of course increases the reliability of a server enormously in case of an attack, basically during an attack and full countermeasure reconfig, an OpenSuSE server can stay operational, whereas every other distro would have to be rebooted. Also super popular in the server world is Debian with the GRSEC kernel and hardening suite. This is an older kernel, even older than Debian stable, so very very old in terms of hardware support and functionality, and the hardening is not very flexible, but it is a much smaller form factor than a full OpenSuSE server install with GUI. You seldom hear of Linux servers being compromised in comparison to the number of attacks, even with long existing and known bugs that contain attack vectors, because the whole system is pretty tough to crack, even with serious bugs in it.
In the desktop world, there are of course the security mailing lists, and Arch, Debian, Fedora, OpenSuSE, Gentoo and Slackware are always very fast to issue patches for known security related bugs. Fedora is the only major distro that uses SELinux. Arch and Gentoo consider MAC/RBAC systems optional, as they consider everything optional because that's the philosophy of the super-custom, super-lean highly technical distros. Debian offers AppArmor, but not by default, unlike some non-major Debian spinoffs like Ubuntu, which incorporate AppArmor by default. AppArmor is lighter than SELinux, and more flexible. OpenSuSE also uses AppArmor by default. Slackware often runs as root, and is a bit different from the other distros in that regard. Some slackware guys radically defend their point of view that running as root does not pose extra security risks. That is true insofar the user is very knowledgeable. It is certainly not true if the users are not well seasoned linux admins.
Any distro can be hardened, there are a number of other MACs available, like Tomoyo for instance, and ports thereof.
SELinux was developed by the NSA. It is open source, it's not evil software, every bit of code is known and well documented and further developed and maintained by a world wide open source community. The US government funds the development because such a system offers a great security bonus. Also a big contributor is the entire Android ecosystem, especially Google and Samsung.
Tomoyo was developed in similar fashion by the Japanese Secret Service. However, the Japanese government has ceased funding the project years ago, and it has become an independent open source project, and has given rise to several ports.
AppArmor of course benefits from the fact that it is in OpenSuSE and SLES. This means that it is also a fully independent pretty well funded project.
"Consumer" distros usually don't have a MAC/RBAC system. Especially minor distros often leave them away because they would just have to make too many exceptions, so that the shield would not be effective anyway. Typically, people that don't benefit from any MAC/RBAC system, and can just as well not install it to gain performance, are nVidia GPU users. nVidia refuses to cooperate for the benefit of developing decent open source drivers. Through crowd funding, open source drivers were developed through extensive reverse engineering, but these drivers do not offer the same performance as nVidia's own closed source Windows drivers, which are ported by nVidia for use in Linux. Intel and AMD have cooperated with the open source communities to develop open source drivers that allow users to run a kernel that is not tainted with binary blobs, and to have drivers that use Kernel Mode Switching. This has the advantage that displays are from system boot recognized and configured in linux, unlike displays controlled by nVidia GPUs, but it also has the advantage of lower overhead and above all, the possibility to successfully run a MAC/RBAC on the system. Using proprietary drivers on a linux system is the biggest security risk one can possibly take, because it always invariably requires making exceptions to the MAC/RBAC, and that means that you're pretty much hanging up a safety net with big holes in it.
A further security risk sits in using non-major distros. The major distros are the upstream, the origin of code. Minor distros like Ubuntu or Mint, take the code from the Debian project and adapt it to their packaging systems. That means that it takes a while for patches to trickle through. Ubuntu usually is pretty good at keeping up with Debian, but Mint isn't, and Mint is probably also one of the most dangerous linux distros to use because of their update policy, whereby they pretty much update systems as little as possible by default. This means that sometimes, important patches never reach the majority of the Mint install base. Other derivative distros take a little longer than their upstream major sister distro, but do a pretty good job, even though they don't care about MAC/RBAC systems, for instance Manjaro, which also packs a lot of non-open-source code by default, which potentially contains security risks.
A last factor is the package management system. Traditional package management systems are mainly the system as used by so-called RPM-distros (RedHat Package Management) vs the system used by most others. RPM distros not only have more stringent requirements when it comes to packaging software and documenting the process, they also offer all software packages on servers to users over encrypted sockets. Other distros do not do this. That means that Fedora/RHEL, OpenSuSE/SLES and Mageia/ROSA, the major distros that use RPM, offer protection against MIM attacks on packages. Other distros don't. This is also a major potential attack vector, that is only addressed by RPM distros.
Best to worst.
@Adobe_Flash_Player I'm talking default. Any distro can be hardened. Gentoo has some good tools to do it. The discussion is kinda irrelevant unless there's an end goal or we're talking about a specific aspect of security.
Ubuntu is based off Debian testing so wouldn't they actually have packages that are sometimes even more up to date than Debian? Even though it's a derivative.
One backdoor to rule them all: the user habits.
Windows 7 is NSA hak backdoored as hell. lol they have that on the machines on the US/mx border as on the pentagon I bet my cat. Also some old school rfid readers for migrant visas. :thinkingemoji: