What makes Linux safer than Windows?

[PaulBx1]

It always surprises me when people on this Forum claim to know how everyone else uses Puppy. You don't know, I don't know,

Yeah, but we can guess. Most people probably work on one or maybe two computers with Puppy. Why would they NOT use the persistent storage feature of Puppy? Because they enjoy setting up their networking over and over? Boy, the Network Wizard must be a lot of fun, if they like to do that. And without persistent storage, there is no saving of browser bookmarks or emails or anything else like that.

Even if people who boot pfix=ram all the time were as high as 10% (very doubtful - not even you do it all the time), you are still ignoring 90% of the users with your solution.

Q.E.D., Puppy is really like any other linux distro with respect to security; it is not read-only (except with the quibble, if that it is, about root logins).

[drongo]

It's not my solution! My point is merely that, as originally designed, Puppy is fairly safe even with a default root user. With no persistent storage it's about as safe as you can get with a reboot clearing out all nasties.

Mind you earlier Puppies seemed to boot faster (or that may just be my faulty memory) so rebooting was not much of a chore.

You get quite good at using the Network Wizard after the first hundred times.

If people want to install a live CD that is their lookout. I'm still intrigued enough by the possibility of a live-CD OS to be sad enough to want to use it that way. The only thing I ever saw that had this capability before Knoppix was Solaris on a SPARC workstation in about 1995 (boy, were those guys ahead of their time - and very expensive.)

If you do a full install and run as root I'd say you are probably not that secure, except that Puppy has a different file structure to the traditional Linuxes so you are relying on security through obscurity. It seems to be similar to Slackware in some ways, so if there were a Slack-specific virus/logger/rootkit/whatever I suppose that might be a problem.

Recent events on one of the websites indicate that we have now raised our heads above the parapet enough to be a target.

I think I'll erase pupsave now! Now where is my tinfoil hat?

[Pizzasgood]

Playing the devils advocate: Rather than rerun the network wizard (and rather than always type in pfix=ram) a chronic pfix=ram'er could simply make a remaster that has the network preconfigured and pfix=ram set up by default. Include some bookmarks and home page while he's at it.

Those few steps can go a long way toward making pfix=ram mode tolerable.

(Assuming the same machine/network were being used each time. This isn't as useful to a nomad.)

[drongo]

That's a very good suggestion Pizzasgood. Even if you used two or three wireless hotspots it would work fine.

Back when new versions of Puppy were coming out every couple of weeks I guess it would have been too much trouble. Now there is a slightly more sedate pace it would be a good idea.

Never thought of myself as a chronic pfix=ram'er before. Do I need help?

[Pizzasgood]

If you typically use your OS in a mode that does not retain malware, you probably don't need help. Or at least, less help than the average computer user.....

[PaulBx1]

If people want to install a live CD that is their lookout. I'm still intrigued enough by the possibility of a live-CD OS to be sad enough to want to use it that way.

Well I use it that way, too. But with persistent storage (pupsave). I don't deceive myself I'm getting a read-only installation by doing that.

Pizzasgood has a solution to ease the pain of going full read-only. IIRC not everything configured gets copied over in a remaster though.

[Pizzasgood]

No, it doesn't. But the last time I used the remaster script it had a part where it paused and told you where the build tree was (somewhere in /tmp) to give you a chance to make manual changes that would not be discarded.

Nobody has to be limited by the remaster script. My Edit-SFS program has been around for three years now (and it just got a complete rewrite a month or so ago and is much nicer now). I think a couple other people have written similar tools over the years. And even without those, it's not all that hard to just run the commands to extract and rebuild a .sfs file by hand.


As for actually locating the changes to include in the remaster, I believe the network configuration is under /etc/network-wizard. But if you're just doing a personal remaster to be used on the same machine/network, you may as well just grab /etc in it's entirety. There's nothing in there that absolutely should not be included in that sort of remaster, unless you use wireless or dialup and don't want the key/password saved inside the CD as plaintext. This way you also get the keyboard, mouse, video, and timezone configurations too.

[mojo558]

I may be considered to be "paranoid" by making the statement I am about to make here but, I've never been considered to be the brightest penny in the roll either.
I know of a VERY reputable Web-zine which broke the news that MS was installing software (I.E. "updates') on users machines even though their machine's security settings didn't allow it. IT WAS TURNED OFF and still MS installed software.
The next day they had a fire in their building and it shut them down.
MS is a ... what ......$800 billion company ????
They need to protect their assets. e.i. Windows . Which is a work in progress and always will be. MS made their money by selling this product. If they don't keep selling it and Coming up with bigger and better (Win 2,3, 95, 98, 2000, Milineum, XP , 7 , ect......) they would eventually go broke. So, how do you up-sell a product to the public ???
The newer system works "Better" it is more "Secure" and user friendly.
What convinces them ??
Viruses, Malware, S P Y WA R E and here is the kicker.
You ready for this ??
MS has a "Security" department manned with code writers whose sole job is to break Windows.
They get paid to intentionally write bad code.
You cant possibly believe that there are actually enough common people knowledgeable enough to produce the MILLIONS of viruses, etc that irritate you enough that you cant wait till something "better" comes out. And they are really successful at it.
That's part of why Puppy and Other Linux distros are more secure,...they are FREE.

[Pizzasgood]

You cant possibly believe that there are actually enough common people knowledgeable enough to produce the MILLIONS of viruses, etc that irritate you enough that you cant wait till something "better" comes out. And they are really successful at it.

I haven't done any malware writing (it's on my to-do list though (for educational purposes!)). But considering what I do know about programming in general, and considering how many people there are on this planet who have computer and internet access, it doesn't seem remarkable to me. Also, I'm willing to bet that there really aren't that many viruses. Probably a lot of them are just rehashes of eachother, so that the total number could be knocked down by an order of magnitude or two.

I don't think the people who work at MS intentionally write insecure code, so much as that they intentionally don't write much secure code. Because writing and testing secure code takes time, and time is money. So they write code that is merely good enough, release it, and then patch it as needed later.

Therefor, I do agree with this statement anyway:

That's part of why Puppy and Other Linux distros are more secure,...they are FREE.

[xman]

Answer isn't browser?

Pwn2Own 2010 there is still no trace of Linux as possible target. Is it too harder to find exploits for Linux or a non commercial operating system has no interest for exploit hunters?

What is the Champion saying?
http://www.oneitsecurity.it/01/03/2010/ ... r-pwn2own/

Pwn2Own 2010 first day: Safari, IE8 and Firefox all fall but Chrome stands still.

[DMcCunney]

I don't think the people who work at MS intentionally write insecure code, so much as that they intentionally don't write much secure code. Because writing and testing secure code takes time, and time is money. So they write code that is merely good enough, release it, and then patch it as needed later.

They're fussier about writing secure code now. But when you have millions of lines of legacy code, there will be plenty of written-in-the-past code to patch for the foreseeable future.

A lot of the security issues are understandable oversights, like buffer overflow exploits. It never occurred to the programmers who who wrote the affected code that anyone might deliberately try to overflow a buffer with bad intent. Back then, such exploits weren't even gleams in bad guy's eyes.

They're fussier these days, because while it takes more time to do it right to begin with, it costs more to fix it later.
______
Dennis

[DMcCunney]

MS has a "Security" department manned with code writers whose sole job is to break Windows.
They get paid to intentionally write bad code.
You cant possibly believe that there are actually enough common people knowledgeable enough to produce the MILLIONS of viruses, etc that irritate you enough that you cant wait till something "better" comes out. And they are really successful at it.
That's part of why Puppy and Other Linux distros are more secure,...they are FREE.

Yes, I can believe there are enough people to write all those viruses and malware. Most of it is knock-off copies of earlier viruses, with minor changes. Some of it is done by "script kiddies" who can't write a line of real code, using hex editors to make changes in the binaries.

The amount of genuinely new code in the wild is a small fraction of the total, and with hundreds of millions of PCs running Windows around the world. hundreds of thousands of virus writers isn't beyond the realm of possibility.

Microsoft makes it's main living selling Windows and Office, but you have to remember who Microsoft thinks the customer is. They are a B2B company, and their idea of the customer is likely the corporate CIO who can sign off on a site license for thousands of copies of Windows. He's going to be fussy about what he buys. (Witness the slower than hoped for uptake of Vista, as most corporations waited for Win7.)

They aren't going to deliberately write insecure code, and upgrading to make things more secure isn't their pitch. Note that they issue regular security patches, free of charge, on "patch Tuesday", and you are encouraged to turn on Automatic Update to get them. Making those patches and distributing them costs money. I assure you MS would be just as happy if it wasn't necessary. they'd rather spend the money on new stuff that might spur sales and increase revenue, instead of fixing old stuff that won't add a dime to their bottom line.

My complaint isn't that Windows is insecure. When you have a system as big and complex as Windows, it's almost inevitable. It's that Microsoft didn't recognize the gravity of the situation, push for more secure code to begin with, and start issuing automatic security updates about 5 years earlier than they did.
______
Dennis

[nooby]

Apologize for not reading all postings in this thread.

Even if M$ are totally innocent I still care about security in linux.

I know too little to protect myself enough.

Puppy at least has a firewall that I can activate in set up while neither Elive nor Antix had such and the one in ubuntu and Mint I totally failed to understand if it was active or not.

Puppy has promised me that it is active when I set it up.
I am at their mercy.

To be root seems to not the best thing to be. and there do exist a puppy that allow one to create users and passwords.

Maybe next puppy should be set up so one can chose if one want to be root or more protected.

[RetroTechGuy]

Apologize for not reading all postings in this thread.

Even if M$ are totally innocent I still care about security in linux.

I know too little to protect myself enough.

Fortunately, most of the problems come from the OS "helping" the user by automagically installing software. For example:

http://www.messagingnews.com/story/koob ... ons-rising

These sorts of bogus links are amusing from a Linux standpoint (and generally, even a Win98 standpoint) -- the dumb OS asks "what do you want to do with this executable?"... Then you can answer: "I'll tell you what to do with that F$*!@&ing virus infected executable..."

I sometimes save those to disk, so I can scan them to see what kind of virus they're trying to push.

To be root seems to not the best thing to be. and there do exist a puppy that allow one to create users and passwords.

Although the core of the system is read only. So such a virus would have to install itself in your /usr/local/bin/ or some such.

That is effectively how you would infect a user on a multi-user system (except it would place the virus in your home directory, as it would not have write privilege to place it in /usr/local/bin/).

So, while running as root may not be ideal, it's not as bad as it looks, with this particular implementation.

Of course, your concern is a good reason to create multiple pupsave files. One for general browsing, one for more secure uses (email, etc), and/or perhaps a pupsave that is used only for online banking and such.

And for the latter use, if you were really paranoid, you could create a fully functional pupsave, then make a backup copy, and every few days copy that master-backup over the top of the secure banking pupsave (to erase any changes which might have been inserted into the system) -- or perhaps even after every use.

[jamesbond]

To be root seems to not the best thing to be.

Read this: Fear Not Root, and tell us what you think. Many people regurgitate "running as root is bad", but they seldom back it up with the reasons to the point that it almost becomes a myth.

[DMcCunney]

Even if M$ are totally innocent I still care about security in linux.

I know too little to protect myself enough.

Puppy at least has a firewall that I can activate in set up while neither Elive nor Antix had such and the one in ubuntu and Mint I totally failed to understand if it was active or not.

Puppy has promised me that it is active when I set it up.
I am at their mercy.

The first question you need to ask is what are you protecting yourself from.

On Windows. the answer is viruses and malware. On Linux, those aren't a concern as they don't really exist for the platform. They are specific to Windows, as they hook into Windows code to do their work.

To be root seems to not the best thing to be. and there do exist a puppy that allow one to create users and passwords.

And I wish that were standard in Puppy.

One of the changes Windows made as of Vista was to make the default user profile a "Power user" profile as a security measure. Previous versions of Windows through XP assumed the logged in user was administrator with full powers to modify the machine. A lot of viruses and malware require that access to do their dirty work, and bounce off if the user doesn't have it.

Vista's switch to defaulting to Power User caused much wailing and gnashing of teeth, but it's arguably what Windows should have done all along.

Puppy is like MS-DOS and older versions of Windows. It assumes the user running it is the administrator.

Viruses and malware aren't really problems in *nix, but casual root access can be. Historically, Unix systems were mullti-user, with more than one user logged on and working at a time, and I've spent time over the years locking down systems so users couldn't casually get get root access and possibly shoot somebody else in the foot. Normal users get the equivalent of power user profiles, can only install software and make changes in their own home directory and directories below it, and can't affect the rest of the system.

The whole point of a firewall is to prevent unauthorized access and control traffic between your system and others. Like other distros, Puppy uses iptables to implement a firewall. Do a search on iptables to get a better idea of what it does and how it does it.

Your real question is "Can someone from outside get unauthorized access to my Puppy system?" The general answer is "Probably not. First, they'd have to be aware it existed. Then, they'd have to have a way to get in. And last, they'd need a reason to try."

I don't worry about it on my Puppy box. At home, it's behind a hardware firewall as well as the software firewall Puppy makes, and it's one of many thousands of systems in my area. And if someone does manage to get into it, there's nothing of value for them to get at.

People trying to break into systems will be motivated by bragging rights or material gain. In either case, there's nothing of interest on my system. They won't get bragging rights breaking into a dinky single user Linux system, and they won't get access to anything that might get them money, like access to the userids and passwords to my bank and credit card accounts. I don't do that stuff from the Puppy machine.

Maybe next puppy should be set up so one can chose if one want to be root or more protected.

I'd be delighted if proper multi-user support got put back into Puppy. You don't have to be root to do the vast majority of things you normally do on Linux. You only need to be root to install software (and not always then) or make other changes that affect the whole system.

Puppy gets away with "All root, all the time", because it's an explicitly single-user system, and the person who installed and configured it is almost certainly that user. If you shoot yourself in the foot doing the wrong thing as root, hey, it's your foot. No one else suffers collateral damage.

In a different setting, like a corporate desktop where more than one person might use the machine, Puppy is the last Linux distro you would install. You need a distro with honest to God multi-user support, where each user can have their own ID, and the ID can be customized for what that user will do with the machine.

On current flavors on *nix, even the administrator doesn't run as root. They log in as a normal user, and if they need admin powers to do something, they use su or sudo to acquire them, and return to a normal ID when they are done. Solaris systems won't let you log on as root unless you are at the system console. From anywhere else, you must use a normal ID and then su to become root.

Does it take a few extra steps to do administrative stuff? Yes. Is this bad? No. It should be harder to make changes that can affect or even put down the whole system.

I've been an administrator responsible for multiple systems, logged into several at any given time. I took pains to do things like customize my prompts and use different color schemes in telnet session to make obvious just what box I was on in a session and whether I was on as root. It would have been way too easy to shoot everyone in the foot by typing the wrong commands into they wrong system.

I run as root in Puppy because I have to, and I wish I didn't. I'm used to being able to create IDs customized for various purposes and being able to use them to do specific things.

I've never quite understood the rationale behind making Puppy root only and removing the normal multi-user infrastructure, unless it was a matter of "It's easier to install and maintain the system if you don't have to worry about permissions problems". Perhaps, but you should worry about permissions, and there are at least a few applications out there that complain or refuse to run if you are root because of potential security problems.
______
Dennis

[DMcCunney]

To be root seems to not the best thing to be.

Read this: Fear Not Root, and tell us what you think. Many people regurgitate "running as root is bad", but they seldom back it up with the reasons to the point that it almost becomes a myth.

It's not a myth.

There's a critical distinction that gets overlooked. Linux is designed to be a work-alike for Unix. Unix and Linux are both inherently multi-user systems, that implicitly assume more than one person will be logged on and working on the system at any particular time. Puppy gets away with it's approach because it's explicitly a single-user system, and assumes the user running it is the one who installed and maintains it. If they make a mistake, they are the only one affected.

I started out on AT&T Unix System V back in the 80's. I've been the administrator of Unix systems where upwards of 300 users might be on the system at once. Can you imagine the chaos that might result if they were all running as root?

Most of the users I supported were non-technical. They didn't know how the system operated, and didn't want to. They accessed the system to perform work. The vast majority of them never saw a command line, and wouldn't know what to do if they did. I set them up with custom IDs. When they logged in, they were put directly into the program they needed to use. When they exited the program, they were logged off the system. They were quite happy with this. It made their lives easier, and reduced what they needed to know about the system to be able to do their jobs.

I run Ubuntu as well as Puppy. Ubuntu is like any other mainstream distro. By default, you log on as an ordinary user. If you need to perform administrative tasks, you temporarily acquire administrative powers with su or sudo. I could set that up to always run as root, but don't. (I did create a separate password for root to enable me to run as root in another virtual console, but seldom use it.)

I prefer the extra step to become administrator as a safety measure. It forces me to remember that I am performing administrative tasks, and to make sure I understand what I am attempting to do. This is a simple safety measure that cuts down on the likelihood I'll make a mistake I'll then have to recover from.

I have seen a tech manage to wipe an entire machine at a customer site by making the wrong move as root. Fortunately, he was able to recover because the customer had made a complete backup just before he arrived to do his work. But he made the error he did because of bad habits he'd accumulated as an administrator on a small Xenix system, where he always ran as root to avoid pesky permissions problems.

You don't have to fear root, but you do have to respect it, and showing respect by not running as root when you don't have to is a good idea.
______
Dennis

[Lobster]

Read this: Fear Not Root, and tell us what you think.

I thought reading this was preferable to running around like a headless penguin
exclaiming, 'Beware the root'.
Dennis makes many similar points about the difference between Linux on a corporate network and individual Puppy and Linux desktop computers.

A reminder of the simple Puppy Growl security program:
http://murga-linux.com/puppy/viewtopic. ... 216#335216

[jamesbond]

Thank you Dennis.

Your posts are very clear, helpful, refreshing and educational. You give the context, and also the reasons in which running as root is a bad idea - this is in contrast to others who just say "because it's the best practice".
Hopefully wIth your posts and the Fear Not Root link, people running single-user desktop linux can then see whether or not these reasons apply them, and what additional security gains they get by running as non-root (and thus, whether root-vs-non-root is worthy of a heated debate).

cheers!

[jamesbond]

Read this: Fear Not Root, and tell us what you think.

I thought reading this was preferable to running around like a headless penguin exclaiming, 'Beware the root'.

Lob I can't stop laughing reading your post