Monday 20 October 2014

Can anyone hack Ubuntu Linux?

Technically yes, but it's difficult to do. Also remember that most Linux computers that are hacked are servers. Assuming you have a desktop, you should be very secure. Because your computer isn't going to be controlled remotely, it by default denies incoming connections like SSH. This means that no one, even if they know your password, can remotely control your computer. So you are relatively safe from online attacks. Note that it is possible for a script on a website to break out of your browser's sandbox, use a privilege escalation exploit, gain root access, and plant a rootkit (basically pwn you completely), but this is VERY difficult and the average exploit for Linux is patched in two hours (or that's what I heard at least), so it'd take a really, really excellent hacker to do that, and a hacker at that level wouldn't be interested in your computer.

The other way a hacker could get into your computer is through malicious code that they trick you into downloading (aka malware). Linux is very safe from malware and hackers for many reasons:

1) All programs are by default not run as root, which means they can't change system files. You'd have to be a fool to run all your programs as root. ONLY run a program as root if you trust that it won't stab you in the back...


2) Ubuntu's AppArmor can protect a process from changing files it shouldn't (for example, Firefox should never be changing your kernel, or modifying the configuration files of another program, so AppArmor would block that, while allowing Firefox to save files to the downloads directory and edit its own configuration files, etc).

3) The kernel is small and not attached to "userland" applications (applications run by you, like Gedit), so if someone manages to compromise Gedit the worst they could do would be mess up your text files! On Windows, on the other hand, if someone compromises IE they've essentially compromised the whole system.

4) Windows was designed originally to be single-user, so all programs are given the same permissions by default. Linux is multi-user, so most programs are run under a user that doesn't have the privileges to do much damage. This also means you have to enter that user's password to run a program as a different user (like root), instead of simply clicking "yes" or "no" like on Windows.

5) By default Linux has no open ports, except the ones it absolutely needs. Any extra ports are a sign that something extra is communicating with the outside world, which may be bad.

6) Because Linux is open source, it has thousands of eyes watching it. Some might say it's insecure because anyone can easily find a vulnerability, and that's true, except for the fact that it's GOOD for someone to find a vulnerability because the average Linux user is more likely to report that vuln and get it patched than they are to use it black-hat style and hack maybe a few computers before someone else notices it and fixes it. Windows is entirely closed source, so you just have to hope that those Microsoft employees work faster than the black hat hackers out there. Without many people monitoring it, Windows bugs become stale, and sometimes Microsoft openly states that they'll never fix a certain patch. Always remember, bugs come through open Windows.

7) Linux only runs necessary services, whereas Windows will even run the remote desktop service by default if I'm not mistaken. Because Linux doesn't run any services it doesn't need, it's easier to spot rogue services, and fewer running services means fewer methods to break into your computer (and less CPU usage goes to useless services).

8) Linux employs "chroots", which essentially lock a process to a certain directory and prevent the process from changing files OUTSIDE that directory. While it is possible to break out of a chroot, it is very hard, and there are methods to harden chroots.

9) Windows has crappy programs installed by default (IE, Notepad, Paint, etc) which means Windows users will have to wade through all the fake/malicious programs on the web till they find a good alternative (e.g. Paint.NET instead of Paint). Ubuntu on the other hand comes with what it believes to be the best programs at the time (Firefox instead of IE, Gedit/Kate instead of Notepad, Gimp instead of Paint, etc). Any other programs are all primed to install with "sudo apt-get install packagename" (this lets me install Chromium instantly if I don't like Firefox without having to look for it online).

10) Linux doesn't make things so easy that users lower their guard. It forces you to think, and get smart with computers. That will help prevent foolish mistakes like logging in as root and running any program you might come across. Windows on the other hand does everything for you and you become lazy, making it easier for hackers to control a computer without you noticing. Of course, Linux doesn't make it too hard either. If you want hard, install Gentoo.

11) Most Linux programs are installed through the repository, which is basically a long list of URLs for Linux programs and their source code. It's very hard to get malware approved and put into the repository. It's hard to trick someone into downloading, compiling, and running a malicious script when most users are used to simply running "sudo apt-get install packagename".

12) Linux was written with the UNIX philosophy in mind, where everything is kept to the minimum to be useful, but not too simplistic. This reduces the number of potential exploits a hacker can use to get in, while simultaneously maximizing system stability and speed. And even though it's minimalist(ish, each distro is different), it's possible to install nearly anything you want quickly, so no functionality is lost. Plus, Linux's simplicity makes it easy to spot mistakes and fix them before a hacker gets hold of it.

13) Because there are so many versions of Linux (this is because Linux isn't technically an operating system, it's just a kernel. Whereas Windows is the Windows NT kernel with Microsoft utilities, Linux distros are the Linux kernel with GNU utilities), it's hard to make already compiled, ready to execute binary code that works on every system. However, making the source code available DOES allow it to work on (almost) every Linux system. This forces programmers to release the source code if they want it to work on more than one distro. Because of this, any malicious programmer would also have to make their malware open source, and it's VERY hard for malware to hide in plain sight (even if you can't understand the source code, SOMEONE will and will quickly alert people to the problem).

14) Updates and security updates are released rapidly, so make sure you keep all your programs up to date. For every security update that rolls out, that's (generally) one less exploit a hacker can use against you. In fact, the average time for an exploit to be patched under Linux is about two hours (compared to months/years/never for Windows).

15) Ubuntu (and many other distros) has the option to encrypt your passwords, which means you have to enter a master encryption key to get at it. So any malware that is able to install itself will have a hard time getting at your PayPal passwords, etc. Windows on the other hand stores passwords in plaintext, which is dangerous. Just for an experiment, I infected my own computer with the trojan Darkness (aka Destination Darkness Outcast System, aka Optima bot), and was shocked to see that it was instantly able to grab all my internet passwords, even without Administrator privileges. And that's with a bot dedicated to denial of service attacks, not stealing passwords! Imagine how easy it would be to steal someone's passwords with a dedicated password-theft bot like Zeus or SpyEye! One of the reasons those kinds of trojans aren't made for Linux is that your passwords are encrypted, and inaccessible to a malicious program even if it were to infect you.

16) There are a huge number of security tools available for Linux, from the ultra secure tin-foil hat kinds like the grsecurity kernel patch, to simpler ones like rkhunter and SELinux, and of course Ubuntu's built-in AppArmor. Windows on the other hand is plagued with fake, useless, scam, or just really bad security software (*cough* Norton *cough*). And Windows users always expect a program to make their computers invincible and do all the work for them, and so think it's safe to download "hot_pr0n.wmv.exe". ;)

17) Linux hashes your passwords with SHA512, which is a very, very secure hash algorithm. Even better, the hash is salted (that protects it from rainbow tables, which are massive databases of pre-computed hashes that speed up cracking billions of times... or something). While it does little to protect you if you have a very short password, it is uncrackable if you use a longer password.

18) Linux won't let a user make foolish security decisions easily. For example, it warns you harshly if you try to set automatic login, or use a short root password. Windows on the other hand can be made completely insecure without it saying anything to you.

19) The kernel is simply secure. It was built with simplicity, speed, stability, and security in mind, and it blocks as many exploits as it can, because access to the kernel means instant game over. Plus, the kernel can be made even more secure with patches, from the immensely secure grsecurity patch to specific vulnerability-targeting patches like TRESOR (TRESOR Runs Encryption Securely Outside RAM, a wonderful patch that stores AES states in the CPU registers instead of the RAM, completely mitigating cold-boot attacks against encrypted drives while even increasing performance, although it only works on CPUs that support the AES-NI instruction set).

20) Ubuntu does not use Internet Explorer.
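
For point 17, an added example (not from the original post) that audits /etc/shadow-style entries: it reads the `$id$salt$digest` field, reports accounts that are not using salted SHA-512 (`$6$`), and flags accounts that share a salt, since a shared salt lets one cracking pass cover both. The sample entries, salts and digests are constructed placeholders, and the function names are hypothetical.

```python
# Scheme ids used in the second field of /etc/shadow (crypt(3) format).
SCHEMES = {"1": "md5crypt", "5": "sha256crypt", "6": "sha512crypt"}
DEFAULT_ROUNDS = 5000  # sha256crypt/sha512crypt default when no rounds= is given

# Constructed sample entries; salts and digests are placeholders, not real hashes.
SAMPLE_SHADOW = """\
alice:$6$Zk3uYw8Q$PLACEHOLDERDIGEST:16363:0:99999:7:::
bob:$6$rounds=100000$q9Xv1LmT0aBc$PLACEHOLDERDIGEST:16363:0:99999:7:::
legacy:$1$abcd$PLACEHOLDERDIGEST:15000:0:99999:7:::
daemon:*:16273:0:99999:7:::
carol:!$6$Zk3uYw8Q$PLACEHOLDERDIGEST:16363:0:99999:7:::
"""


def parse_entry(line):
    """Split one shadow line into user, scheme, salt and rounds."""
    user, field = line.split(":")[:2]
    locked = field.startswith("!")  # "!" prefix marks a locked password
    parts = field.lstrip("!").split("$")
    if len(parts) < 4 or parts[0] != "":
        # No hash present ("*", "!" or empty): nothing to audit.
        return {"user": user, "scheme": None, "locked": locked or field == "*"}
    scheme = SCHEMES.get(parts[1], "unknown:" + parts[1])
    rounds = None
    if parts[2].startswith("rounds="):
        rounds, salt = int(parts[2][len("rounds="):]), parts[3]
    else:
        salt = parts[2]
        if parts[1] in ("5", "6"):
            rounds = DEFAULT_ROUNDS
    return {"user": user, "scheme": scheme, "salt": salt,
            "rounds": rounds, "locked": locked}


def audit(text):
    """Return (user, finding) pairs for weak schemes and shared salts."""
    entries = [parse_entry(l) for l in text.splitlines() if l.strip()]
    hashed = [e for e in entries if e["scheme"]]
    findings = [(e["user"], "not sha512crypt: " + e["scheme"])
                for e in hashed if e["scheme"] != "sha512crypt"]
    seen = {}  # salt -> first user seen with it
    for e in hashed:
        if e["salt"] in seen:
            findings.append((e["user"], "salt shared with " + seen[e["salt"]]))
        seen.setdefault(e["salt"], e["user"])
    return findings
```

Reading the real /etc/shadow requires root, so run the audit against a copy obtained with appropriate privileges.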

If you have any thoughts, feel free to comment.
