All times are UTC - 4 |
droope

Joined: 31 Jul 2008 Posts: 814 Location: Uruguay, Mercedes
|
Posted: Tue 18 Aug 2009, 20:14 Post subject:
Re: Ant-virus working perfectly |
|
| drongo wrote: | Err, how do you know? You can tell when your anti-virus catches a nasty and you can tell when you have a false positive. How do you know when it has missed something?
Tin-foil hats all round. |
I do my calculations this way:
No bad news = Good news.
_________________ What seems hard is actually easy, while what looks like impossible is in fact hard.
“Hard things take time to do. Impossible things take a little longer.” –Percy Cerutty
Mi blog (Spanish)
|
 |
Bruce B

Joined: 18 May 2005 Posts: 10818 Location: The Peoples Republic of California
|
Posted: Wed 19 Aug 2009, 02:04 Post subject:
|
|
| PaulBx1 wrote: | | Quote: | | The system files are really read-only. |
| Quote: | | So, if you use Puppy as a live-CD, don't mount partitions or USB sticks, don't install it to hard-drive and don't use multi-session you're pretty much invulnerable! |
Uh, I must be laboring under a misapprehension. :)
I thought any file was writable, with the new file (in the pupsave) superseding the one on CDROM, via unionfs or aufs. Thus, the only way Puppy can be invulnerable is if you never use the pupsave, and boot "pfix=ram". Or am I missing something?
As to discounting the lack of linux viruses out there "merely" because linux (or BSD) is not as popular; well, it's worked pretty well so far! Better than any anti-virus software. It is an advantage now. When linux hits 30% market share, then you can bring this one up. |
Comments on Subjects Discussed
An unmounted partition can be copied bit for bit. It can be erased, formatted and ??
If I were concerned about viruses (malware), I wouldn't use a virus scanner. The reason being, I don't think the signature databases contain many, if any, Linux signatures.
I would, if I were very concerned, maintain my own md5sum database of files. With the checks looking for changes, new files and deleted files. The report used to alert me to things I might want to look into.
With Linux, files can be set so even root can't modify or delete them. Some of the key files used in traditional root kits can be set immutable and this would make it more difficult to install a traditional root kit.
_________________ New! Puppy Linux Links Page
|
 |
Lobster
Official Crustacean

Joined: 04 May 2005 Posts: 15109 Location: Paradox Realm
|
Posted: Wed 19 Aug 2009, 03:30 Post subject:
|
|
Using something like this for penetration testing (sounds a bit erotic to me)
http://www.pentoo.ch/
should keep the tin hats happy for a while . . .
Let us know of any vulnerabilities
one or two of us might even care . . .
_________________ Puppy WIKI
|
 |
Bruce B

Joined: 18 May 2005 Posts: 10818 Location: The Peoples Republic of California
|
Posted: Wed 19 Aug 2009, 05:04 Post subject:
|
|
| Lobster wrote: | Using something like this for penetration testing (sounds a bit erotic to me)
http://www.pentoo.ch/
|
Judging by the scope of things, you might be close. I did read this much at the site.
Q: My card is not supported, will you crack my girlfirend account password for me ?
Probably not, unless you send pics of her first.
Take a little - give a little. Send pix of the eX - they wouldn't care.
_________________ New! Puppy Linux Links Page
|
 |
Lobster
Official Crustacean

Joined: 04 May 2005 Posts: 15109 Location: Paradox Realm
|
Posted: Tue 13 Oct 2009, 21:04 Post subject:
|
|
| Quote: | | So what is it that you Puppy users know that I don't? What makes you confident that you're not likely to get hacked, even running as root? I'd really like to know... |
Most of us experienced Windows (security nightmare)
Other distros, so secure you can not even open your own CD drive - bah - humbug.
Then carefree Puppy usage
Carefree I like.
We have special tin hatted penguins to do our worrying.
They have been programmed this way (probably by the government)
| Quote: | | Would a honeypot puppy be of use to anybody? |
Maybe to our so secret everyone knows about it
black ops Puppy users
http://puppylinux.org/wikka/BlackOps
_________________ Puppy WIKI
|
 |
clarf

Joined: 13 Jun 2007 Posts: 606 Location: The old Lone Wolf
|
Posted: Thu 15 Oct 2009, 11:58 Post subject:
|
|
A short answer for the initial question. Windows never was designed with security in mind.
If you read:
http://www.computerworld.com/s/article/9139364/In_six_years_of_Patch_Tuesdays_400_security_bulletins_745_vulnerabilities?taxonomyId=17&pageNumber=1
Then you'll see that Microsoft had released so many security patches for each Windows version that you'll conclude this software's quality standards and design are very poor for a secure OS.
It's true that recently Microsoft redesigned the architecture of Windows and Microsoft have many defense-in-depth improvements in Windows Vista. Even the level of security alerts are fewer than XP:
There are other technologies like Kernel Patch Protection (protects code and critical structures in the Windows kernel from modification), user account control (Microsoft called UAC one of the "most controversial" features of Vista for the thousands of unnecessary prompts for each system change) and others in the way for Windows 7:
http://windowsteamblog.com/blogs/windowssecurity/archive/2009/04/20/windows-7-security-helping-enable-the-mobile-workforce.aspx
But those technologies are immature, problematic and the better ones are aimed for Server versions (the expensive line), future releases (x64 architectures) and are not available for end users using standard Windows versions.
That's why Linux which is based on BSD Unix at its heart, are fundamentally safer. Their design were multi-user, networked systems to support Server machines.
clarf
|
 |
PaulBx1
Joined: 16 Jun 2006 Posts: 2308 Location: Wyoming, USA
|
Posted: Tue 10 Nov 2009, 01:32 Post subject:
|
|
| Quote: | | Perhaps I wasn't clear. If you haven't mounted any partitions you'll have nowhere to save the pupsave file. So if you boot a live-CD as puppy pfix=ram and you have no pupsave, there is nothing writable on the CD to change. |
Yes, but who uses Puppy this way? Almost everyone full installs it or uses pupsaves or multisessions. Pfix=ram is a diagnostic function, not the way people work normally. OK, maybe for online banking, it might make sense to put up with the inconvenience, but that would be about it. And that wouldn't protect you from malware that came in during that same session.
Multisession ability to throw away the last sessions does not help you if the malware is quiet. A keylogger for example. You have to KNOW there is a problem, to throw away sessions.
No, I think this claim that Puppy's liveCD nature protects it, is almost completely bogus. The instant unionfs allowed everything to be writable, that evaporated. Even before then, certain directories could harbor malware. But now when you run the "ls" command, who knows what you are really doing?
Maybe we need to make that "tripwire" program a standard feature of Puppy. It would also be nice if we could control the directories that are writable. That is, nothing is writable in e.g. /bin unless we give a go-ahead first. And the directory where tripwire is located is not writable at all (comes only from the CD).
This may be a bit too tinfoil-hat-like for Barry though.
BTW, if you go look at the release notes for each version of OpenBSD, it's amazing how many vulnerabilities they plug each release, and they have been focusing on security for a very long time. Linus even called them a bunch of masturbating monkeys. One would think they'd run out of vulnerabilities at some point, but I guess not...
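The file-hash database Bruce B describes and the tripwire-style check PaulBx1 suggests, as an added example that is not code from the thread or from Tripwire: it records a baseline of digests and reports changed, new and deleted files. It uses SHA-256 in place of md5sum; the function names, the JSON baseline format and the sample tree are assumptions constructed for illustration, and the baseline file belongs on media the running system cannot write.

```python
import hashlib
import json
import tempfile
from pathlib import Path


def snapshot(root):
    """Map each regular file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {
        p.relative_to(root).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in root.rglob("*")
        if p.is_file() and not p.is_symlink()  # skip symlinks and special files
    }


def save_baseline(root, db_path):
    """Record the known-good state; keep db_path where the live system cannot write."""
    Path(db_path).write_text(json.dumps(snapshot(root), indent=1, sort_keys=True))


def check(root, db_path):
    """Return the paths that changed, appeared or vanished since the baseline."""
    old = json.loads(Path(db_path).read_text())
    new = snapshot(root)
    return {
        "changed": sorted(p for p in old.keys() & new.keys() if old[p] != new[p]),
        "new": sorted(new.keys() - old.keys()),
        "deleted": sorted(old.keys() - new.keys()),
    }


def demo():
    """Constructed sample tree: baseline it, alter three files, report the drift."""
    with tempfile.TemporaryDirectory() as tmp:
        root, db = Path(tmp, "root"), Path(tmp, "baseline.json")
        (root / "bin").mkdir(parents=True)
        for name in ("ls", "ps", "netstat"):
            (root / "bin" / name).write_text("original " + name)
        save_baseline(root, db)
        (root / "bin" / "ls").write_text("replaced")   # modified file
        (root / "bin" / "ps").unlink()                 # deleted file
        (root / "bin" / "x").write_text("unexpected")  # new file
        return check(root, db)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=1))
```

A report with all three lists empty means the tree still matches the baseline; it says nothing about changes made before the baseline was taken.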
|
 |
drongo

Joined: 10 Dec 2005 Posts: 328 Location: UK
|
Posted: Tue 10 Nov 2009, 07:54 Post subject:
pfix=ram |
|
Who uses Puppy this way? Well I do, a lot of the time, depending on which machine I am using. I have never done a full or frugal install of Puppy in the five years or so I have been using it.
It always surprises me when people on this Forum claim to know how everyone else uses Puppy. You don't know, I don't know, Barry doesn't know, nobody knows. I have no idea if most people use full, frugal, multi-session or whatever. It started life as a live-CD and that is mostly how I use it. Some machines I use may have a pupsave, but most don't.
I don't know what the rest of you do, I suspect some of the longer-term users still use pfix=ram. But I really don't know, and neither does anybody else.
If I use pfix=ram I don't need the tin-foil hat.
I don't do online banking and probably never will.
|
 |
sikpuppy

Joined: 29 Mar 2009 Posts: 433
|
Posted: Tue 10 Nov 2009, 09:25 Post subject:
|
|
If linux had a unified set of default software and settings, as does Windows, it would be just as insecure (or secure).
Because each installation of Linux differs by at least some degree, unless it's on identical computers, any malware doesn't have much of a chance to propagate beyond that same setup.
I suppose I get a bit tired of people claiming Linux is so secure that it never gets hacked, because in fact it does get hacked, and for the reason I mentioned before. Large corporations and governments who use Linux often have many identical machines, running identical Linux setups. Since they are all up to the same "patch" level for vulnerabilities then it stands to reason that they are all vulnerable.
However, for the average user on a small network this generally isn't an issue, and that is a reason I can see that people feel (for the wrong reasons) that Linux is necessarily more secure than Windows.
_________________ ASUS A1000, 800Mhz PIII Coppermine!, 192Mb RAM, 10Gb IBM Travelstar HDD, Build date August 2001.
|
 |
Sylvander
Joined: 15 Dec 2008 Posts: 2855 Location: West Lothian, Scotland, UK
|
Posted: Tue 10 Nov 2009, 16:17 Post subject:
|
|
1. "I don't do online banking and probably never will."
There's no way I'd be without my online banking; it's just so convenient.
The stuff I can do with it is just SUPERB! [Just like Puppy]
When I went looking for a more secure operating system than Windows, to use for online banking...
A friend suggested I give Puppy Linux a try.
I'd tried a number of Linux distros, and Puppy was the 1st that made me want to stay with it; with the others it seemed to me like pulling teeth just to get the simplest things done.
I'm happy that the techniques I use in conjunction with Puppy provide an adequate level of security.
|
 |
PaulBx1
Joined: 16 Jun 2006 Posts: 2308 Location: Wyoming, USA
|
Posted: Tue 10 Nov 2009, 21:14 Post subject:
|
|
| Quote: | | It always surprises me when people on this Forum claim to know how everyone else uses Puppy. You don't know, I don't know, |
Yeah, but we can guess. Most people probably work on one or maybe two computers with Puppy. Why would they NOT use the persistent storage feature of Puppy? Because they enjoy setting up their networking over and over? Boy, the Network Wizard must be a lot of fun, if they like to do that. And without persistent storage, there is no saving of browser bookmarks or emails or anything else like that.
Even if people who boot pfix=ram all the time were as high as 10% (very doubtful - not even you do it all the time), you are still ignoring 90% of the users with your solution.
Q.E.D., Puppy is really like any other linux distro with respect to security; it is not read-only (except with the quibble, if that it is, about root logins).
|
 |
drongo

Joined: 10 Dec 2005 Posts: 328 Location: UK
|
Posted: Wed 11 Nov 2009, 02:53 Post subject:
Minority report |
|
It's not my solution! My point is merely that, as originally designed, Puppy is fairly safe even with a default root user. With no persistent storage it's about as safe as you can get with a reboot clearing out all nasties.
Mind you earlier Puppies seemed to boot faster (or that may just be my faulty memory) so rebooting was not much of a chore.
You get quite good at using the Network Wizard after the first hundred times.
If people want to install a live CD that is their lookout. I'm still intrigued enough by the possibility of a live-CD OS to be sad enough to want to use it that way. The only thing I ever saw that had this capability before Knoppix was Solaris on a SPARC workstation in about 1995 (boy, were those guys ahead of their time - and very expensive.)
If you do a full install and run as root I'd say you are probably not that secure, except that Puppy has a different file structure to the traditional Linuxes so you are relying on security through obscurity. It seems to be similar to Slackware in some ways, so if there were a Slack-specific virus/logger/rootkit/whatever I suppose that might be a problem.
Recent events on one of the websites indicate that we have now raised our heads above the parapet enough to be a target.
I think I'll erase pupsave now! Now where is my tinfoil hat?
|
 |
Pizzasgood

Joined: 04 May 2005 Posts: 6270 Location: Knoxville, TN, USA
|
Posted: Wed 11 Nov 2009, 18:44 Post subject:
|
|
Playing the devil's advocate: Rather than rerun the network wizard (and rather than always type in pfix=ram) a chronic pfix=ram'er could simply make a remaster that has the network preconfigured and pfix=ram set up by default. Include some bookmarks and home page while he's at it.
Those few steps can go a long way toward making pfix=ram mode tolerable.
(Assuming the same machine/network were being used each time. This isn't as useful to a nomad.)
_________________ Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

|
 |
drongo

Joined: 10 Dec 2005 Posts: 328 Location: UK
|
Posted: Wed 11 Nov 2009, 19:05 Post subject:
Chronic pfix=ram'ers |
|
That's a very good suggestion Pizzasgood. Even if you used two or three wireless hotspots it would work fine.
Back when new versions of Puppy were coming out every couple of weeks I guess it would have been too much trouble. Now there is a slightly more sedate pace it would be a good idea.
Never thought of myself as a chronic pfix=ram'er before. Do I need help?
|
 |
Pizzasgood

Joined: 04 May 2005 Posts: 6270 Location: Knoxville, TN, USA
|
Posted: Wed 11 Nov 2009, 19:39 Post subject:
|
|
If you typically use your OS in a mode that does not retain malware, you probably don't need help. Or at least, less help than the average computer user.....
_________________ Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib

|