From 6632e435e5f11d2f94c888152b168a1ed85d3a91 Mon Sep 17 00:00:00 2001 From: Tommy Date: Sun, 17 Jul 2022 18:44:06 -0400 Subject: [PATCH] Minor updates Signed-off-by: Tommy --- content/donate.md | 6 +++++- content/os/Linux Insecurities.md | 22 +++++++++++++++++----- public/donate/index.html | 3 ++- public/os/index.html | 2 +- public/os/linux-insecurities/index.html | 2 +- public/tags/linux/index.html | 2 +- public/tags/operating-system/index.html | 2 +- public/tags/security/index.html | 2 +- 8 files changed, 29 insertions(+), 12 deletions(-) diff --git a/content/donate.md b/content/donate.md index 1a056c7..e3b444e 100644 --- a/content/donate.md +++ b/content/donate.md @@ -7,7 +7,11 @@ The domain costs us $12/year to renew from Google. We got our repository hosted The real cost is the time and energy we put into writing, testing, and fact checking the content. Some of our members may want accept donation, and you can donate to them individually. ### June -**XMR**: `49b1PUPeHJEDwZqaaQm4MQUjycY8ckEko53jvTcPB5yE2QKoS5haNe3Fnbg1Le7nSkgUkm4tcpj4Z2YmtaT3j6KVUVgBGw2` +**Monero**: `49b1PUPeHJEDwZqaaQm4MQUjycY8ckEko53jvTcPB5yE2QKoS5haNe3Fnbg1Le7nSkgUkm4tcpj4Z2YmtaT3j6KVUVgBGw2` + +### Randomhydrosol +**Bitcoin**: `bc1qchel9lzhuv3ayfp58yfdu7sxsjw2svgugtvj4v` +**Monero**: `49yB5DPXK9TJVj5Jq5DkvrXd4wkFnoeC56mPED85bf5wHTUYmSyoYFEbVyyTciKzjFTo1kxMJMiCpLwuR96fT2NWS1hPVFG` --- diff --git a/content/os/Linux Insecurities.md b/content/os/Linux Insecurities.md index 0c1a4eb..54611b0 100644 --- a/content/os/Linux Insecurities.md +++ b/content/os/Linux Insecurities.md 
@@ -8,16 +8,28 @@ There is a common misconception among privacy communities that Linux is one of t There is already a very indepth technical blog explaning the various security weaknesses of Linux by Madaidan, [Whonix](https://www.whonix.org/)'s Security Researcher. This page will attempt to address some of the questions commonly raised in reaction to his blog post. You can find the original article [here](https://madaidans-insecurities.github.io/linux.html). -### Why is Linux used on servers if it is so insecure? +## Why is Linux used on servers if it is so insecure? On servers, while most of the problems referenced in the article still exists, they are somewhat less problematic. On Desktop Linux, GUI applications run under your user, and thus have access to all of your files in `/home`. This is in contrast to how system daemons typically run on servers, where they have their own group and user. For example, NGINX will run under `nginx:nginx` on Red Hat distributions, or `www-data:www-data` on Debian based ones. Discreationary Access Control does help with filesystem access control for server processes, but is useless for desktop applications. -Another thing to keep in mind is that Mandatory Access Control is also somewhat effective on servers, as commonly run system daemons are confined. +Another thing to keep in mind is that Mandatory Access Control is also somewhat effective on servers, as commonly run system daemons are confined. In contrast, on desktop, there is virtually no AppArmor profile to confine even regularly used apps like Chrome or Firefox, let alone less common ones. On SELinux systems, these apps run in the UNCONFINED SELinux domain. -Work in progress +Linux servers are lighter than Desktop Linux systems by order of magnitude, without hundreds of packages and dozens of system daemons running like X11, audio servers, printing stack, and so on. Thus, the attack surface is much smaller. 
-### Can't Linux be configured to be most secure operating system? +## Linux Hardening Myths -### Isn't it impossible to backdoor Linux because it is open source? \ No newline at end of file +There is a common claim in response to Madaidan that Linux is only insecure by default, and that an experience user can make it the most secure operating system out there, surpassing the likes of macOS or ChromeOS. Unfortunately, this is wishful thinking. There is no amount of hardening that one can reasonably apply as a user to fix up the inherent issues with Linux. + +### Lack of verified boot + +macOS, ChromeOS, and Android have a clear distinction between the system and user installed application. In over simplified terms, the system volume is signed by the OS vendor, and the firmware and boot loader works to make sure that said volume has the authorized signature. The operating system itself is immutable, and nothing the user does will need or be allowed to tamper with the system volume. + +On Linux, there is no such clear distinction between the system and user installed applications. Linux distributions are a bunch of packages put together to make a system that works, and thus every package is treated as part of said system. The end result is that binaries, regardless of whether they are vital for the system to function or just an extra application, are thrown into the same directories as each other (namely `/usr/bin` and `/usr/local/bin`). This makes it impossible for an end user to setup a verification mechanism to verify the integrity of "the system", as said "system" is not clearly defined in the first place. + +### Lack of application sandboxing + +Operating systems like Android and ChromeOS have full system mandatory access control, every process from the init process is strictly confined. Regardless of which application you install or how you install them, they have to play by the rules of an untrusted SELinux domain. + +On Linux, it is quite the opposite. 
\ No newline at end of file diff --git a/public/donate/index.html b/public/donate/index.html index c4fed09..bc51460 100644 --- a/public/donate/index.html +++ b/public/donate/index.html @@ -1,5 +1,6 @@ Donate | PrivSec.dev -

Donate

Table of Contents

The domain costs us $12/year to renew from Google. We got our repository hosted for free on GitHub. We got our site hosted for free with Firebase. It costs Tommy ~$20/month to run the mail server, but that server is used for a bunch of his projects, not just PrivSec, and we doubt it will be used that much anyways. The point is, this website does not cost much to run, and as such we will not be accepting donation as a project.

The real cost is the time and energy we put into writing, testing, and fact checking the content. Some of our members may want accept donation, and you can donate to them individually.

June

XMR: 49b1PUPeHJEDwZqaaQm4MQUjycY8ckEko53jvTcPB5yE2QKoS5haNe3Fnbg1Le7nSkgUkm4tcpj4Z2YmtaT3j6KVUVgBGw2


Alternatively, please consider donating to the projects below. These are projects which we rely on for our own digital safety and recommend to our readers. They are vital for the privacy, security, and safety of thousands of people.

GrapheneOS

Donation Link: grapheneos.org/donate
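Review bot: In the content/donate.md hunk, the added `**Bitcoin**:` and `**Monero**:` lines under `### Randomhydrosol` are adjacent with no blank line between them, so unless the first line ends in a hard break Markdown will fold them into one paragraph and both addresses will render on a single line. Put a blank line between them or make them list items. The patch also adds new payment addresses under the subject "Minor updates"; a subject that names the new donation entry would make later changes to these addresses easier to audit, and the address owner should confirm both values against the rendered page before merge.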
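Review bot: In the content/os/Linux Insecurities.md hunk, the new "Lack of application sandboxing" section stops at "On Linux, it is quite the opposite." with nothing to support it, while the same hunk deletes the "Work in progress" marker and the placeholder heading "Isn't it impossible to backdoor Linux because it is open source?". Either finish the paragraph or keep a visible work-in-progress marker so readers do not take the page as complete. The added text also needs a proofread: "an experience user" should be "an experienced user", "by order of magnitude" should be "by an order of magnitude", "user installed application" should be plural, "the firmware and boot loader works" should be "work", and "setup a verification mechanism" should be "set up". The SELinux domain would be clearer written as the actual type name, `unconfined_t`, rather than "UNCONFINED". The sentence naming `/usr/bin` and `/usr/local/bin` could also be reworded, since `/usr/local/bin` is conventionally for locally installed software rather than distribution packages.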
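Review bot: In the public/donate/index.html hunk, the removed line is the entire rendered page on one line, so a reviewer cannot confirm from the diff that the published donation addresses match the ones added in content/donate.md. The same applies to the one-line changes to the other public/ files in the diffstat. Consider building the public/ output in CI instead of committing it, or at least committing the generated files separately from the content change so the source diff can be reviewed on its own and the rendered addresses checked against it.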