Linus's Security Rant ... He has a point | The Coffeehouse

Linus Torvald has passed a few comments about security which are upsetting the security crowd, hmmm I think the line when he compares the OpenBSD crowd to a bunch of "masto*(tugging)*ing monkey" got them all in a tizz.

Read the full extract here.

I've always thought that a balance needs to be struck between security and functionality. The Linux crowd are all abit sensitive about ... well everything ... no wonder it's toys out of pram time. I wish the Linux crowd was abit more mature then prehaps they would get a few more listeners to what is a top-flight OS and the message about Open Source that is cool.

There is after no such thing as 100% secure and that after all is the secure game in a nuttshell, it's a percentage game. If you are asking for money and/or pesonal details on a website you tighten it up so much that it past squeeking. If it's a intranet site about your bosses favourite tree your aren't going to bother locking it down further than the hardening wizard.

Minh

Sabot said:

There is after no such thing as 100% secure

Yeah. "100% secure" has no meaning. I sometimes dream about a "A User's Manifesto" where I can enumerate my rights over my computer. I'll start.

I) The OS shall inform me when an app tries to do squirrely stuff like install keyboard capture, network proxy, and other driver-level stuff.

II) Regarding I), UAC doesn't count. LOL!

III) The OS shall provide to me a way to remove an app completely easily and without uncertainty.

IV) The Browser should follow I) but ask me twice, just to be safe.

V) This is 2008, there shouldn't be buffer overflows anymore!

VI) The OS SHOULD protect me (somehow) from the dancing bunnies.

anymore?

Harlequin

That thread is a good read so far. That pageexec guy is just pwning Linus.

Edit:
Geesh, they're going on about how "Microsoft hides" security problems...and at the same time they're going on about not disclosing them themselves. Am I missing something?

Sabot

In reply to Harlequin

#Jul 18th @ 1:42 PM

The practice of security by obscurity has been long understood as not ideal and to be avoided, however nation-states have been doing such things on a grander scales for centuries successfully. Take the Stealth plane, a recognised contributor to the end of the cold war because it signified the widening weapons gap. Can you really discount something when it works but it's not best practice?

KevinB

In reply to Minh

#Jul 18th @ 1:42 PM

Why doesn't UAC count? It prevents you from doing anything that affects the system state. You can destory your user-profile as much as you want, but you are warned if an operation is about to happen that can damage the system. Sure, the UI could be tidied up and a be ALOT more descriptive, but the principle is there.

Kevin

Minh

In reply to KevinB

#Jul 18th @ 2:06 PM

KevinB said:

Why doesn't UAC count?

It's too broad, and becomes meaning less. I rather see:

-----
DancingBunnies.exe is about to start monitoring your keyboard. Do you want to allow?

[Allow keyboard monitoring] [Don't Allow]
-----

than

-----
DancingBunnies.exe needs your permission to continue.

[Continue] [Cancel]
-----

stevo_

In reply to Minh

#Jul 18th @ 2:29 PM

I'd rather see dancingbunnies.exe get built in a manor that means it doesn't rely on administration scope to function.. but windows doesn't have granular access breakdown, uac just elevates the app to admin - who has admin rights over whatever.. its somewhat of an ideal to ask for that, making that happen in windows would take a lot of transition time.. and you have to think - theres probably something a lot better that could be done, and still complete in a similar transition time... (10 years?)

Minh

In reply to stevo_

#Jul 18th @ 2:35 PM

I'm not sure if it's impossible. To hook into the keyboard chain, you have to call an API, right? Just do something...

figuerres

In reply to Minh

#Jul 18th @ 2:29 PM

DancingBunnies would not need admin rights if it was a "normal" app.

the problem is too many apps want admin rights, most of the time they should not need them.

KevinB

In reply to Minh

#Jul 18th @ 2:29 PM

Imagine the sheer number of UAC prompts if that were the case, people complain as it is. Of course, you could have a 'Do this for all remaining admin required actions' which would be equivalent to today's UAC, but if this was checked by default, where is the security gain for the probably pretty substantial amount of work that this would involve.

I understand what you mean, I just don't think it would be a quick solution to develop for pretty minimal payoff.

Kevin

brian.shapiro

In reply to KevinB

#Jul 18th @ 4:01 PM

I once read an interview where Linus said "Windows is a great OS that Linux still has to catch up to"

Erisan

In reply to brian.shapiro

#Jul 18th @ 4:21 PM

People have weird ideas of Linux developers. If they read LKML more they would see that there's plenty of developers with different opinions and thoughts about how things should be done. That's the salt of the open discussion.

Sabot

In reply to brian.shapiro

#Jul 18th @ 4:21 PM

With Virtualization coming more to the fore I think the emphasis should turn to software rather than OS. Because we will bundle as mush or as little OS as need to make that software run with our software which is abstracted away for everything else so in-effect will become less import to have an environment running one platform or another. IT Pro skills will turn more towards using tools rather than getting to know OS inside out. But this all presents interesting security challenges as complexity increases between the abstractions will this present more options to exploit vulnerabilities? This is were developers need to understand the impact of what they are writting more than ever and continue to examine their creations to continue to insure they are safe but not placing security into context by using DREAD evaluations to understand the level of risk.

Sabot

In reply to Erisan

#Jul 18th @ 11:29 PM

Life is too serious for Linux developers, they seem to be in the middle of some kind of war. I'm sure that coding actually pents up latent aggression hence the reason to vent it. It's healthy to have a hobby that gets you away from the computer screen, I think we should hold out a hand to our Linux brothers and sisters and take them out, buy them a few beers and get them laid! :o) Do I get an Ah men ???

Erisan

YouTube: Greg Kroah Hartman on the Linux Kernel