| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: chill at herber-hill.com (Charles E. Hill) Subject: Friendly and secure desktop operating system -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I read it, and have a couple comments. 1. The UNIX model does more than protect users from other users, it also protects the system from users. In a Windows world, it is possible for any user to trash the entire system -- not just their data. This is mitigated with Win2K and WinXP where you can create non-admin users, but my experience has been most non-admin users end up getting stuck in the local admin group for convenience and that defeats the purpose. 2. Software application packages -- the stuff users run -- should be installable by non-root users by default. Only if something needs to be installed systemwide should it be done by a "sudo". Most single-users only want to install and run software for themselves, not a group. That software can be run as the user -- protecting the system itself. Yes, this still leaves the user's data vulnerable. 3. Honor, like Unix/Linux does, the priviledged port concept and only allow the admin to open ports below 1024. Make it painfully clear whenever any program tries to listen on upper ports on non-localhost. Bells and whistles should go off if anything wants to run as a server service. 4. Make firewalls be included and ON by default. Lock out damn near everything except DNS, DHCP, POP, IMAP, FTP, NNTP and NTP from making it in (and their SSL-variants). If a user knows what SSH or any other service is, then they are probably smart enough to be able to explicitly turn it on. Keep LAN (SMB, NETBIOS, etc.) services off unless turned on by an admin. 5. Make a list of services allowed to make network connections to the outside world. Have all sorts of sirens go off if something attempts to get out and isn't on the list. 6. Educate users about patching and keeping antivirus software up to date. The systems should automatically check daily for new patches/av updates and have a "one click" install. The problem is, other than a list of trusted programs that each have a list of trusted functions, there is no way for the system to know what is "allowed" and what is not. However, there may be a way to apply bayesian logic to program activity. Just like spam filters can learn what is and what isn't spam by what spam "looks like", a bayesian program filter could (theoretically) learn what virus and malware activity "acts like" and quarrantine it. I remember Norton Antivirus trying this a while ago, but it wasn't very successful. However, that was a few years back (5?). - -- Charles E. Hill Technical Director Herber-Hill LLC http://www.herber-hill.com/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/i1IBeljutq/VnacRAjkVAKCP+R00VQi0Tj9JoC/oVV5ziizJCwCcDGfw 6NCh8f+Kgg61NdmG0DG75zg= =FrRv -----END PGP SIGNATURE-----
Powered by blists - more mailing lists