Enough with Linux security FUD

Like all operating systems, Linux is not perfectly secure. Nothing is. As security guru Bruce Schneier said, “Security is a process, not a product.” It’s just that, in general, Linux is more secure than its competitors. You wouldn’t know this from recent headlines reporting on Linux insecurity. But if you look closer, you’ll find that most – not all, but most – of those stories are false.

For example, BootHole is frankly terrifying. You can get root access on any system! Oh, no! Look again. The organization that discovered it comes right out and says an attacker needs administrator access for the exploit to do its dirty work.

Friends, if someone has root access to your system, you already have real trouble. Remember what I said about Linux not being perfect? Here’s an example. The initial problem was real, albeit only really dangerous to an already hacked system. But several Linux distributors botched the initial fix so their systems wouldn’t boot. That’s bad.   

Sometimes solving anything in a hurry can make things worse and that’s what happened here.

In another recent case, the FBI and NSA issued a security alert about the Russian Drovorub malware. This program uses unsigned Linux kernel modules to attack systems. Certainly, as McAfee Technical Director Steve Grobman said, “The United States is a target-rich environment for potential cyberattacks,” but are production Linux systems run by competent administrators actually endangered?

I don’t think so.

First, this malware can only work on Linux distributions running the Linux 3.6.x kernel or earlier. Guess what? The Linux 3.6 kernel was released 8 years ago.

I guess if you’re still running the superseded Red Hat Enterprise Linux (RHEL) 6, you might want to worry. Of course, the fix, signing Linux kernel modules, has been available for RHEL 6 since 2012. In addition, many other people use Linux distributions that are a little newer than that.

In fact, let’s make a small list of production Linux distributions:

All those years-old distributions began their lives immune to this attack. All recent versions of Linux are invulnerable to this malware.

But wait! There’s more. And that’s the boring part. Suppose you are still running Ubuntu 12.04, which is no longer supported and which in theory is vulnerable. So what? As the Red Hat security team comments, “attackers [must] gain root privileges by using some other vulnerability before a successful installation.”

Again, for Linux to get compromised, for your system to get a dose of Drovorub, your system already had to be compromised. If an attacker already has root access, your system is already completely lost.

Yes, there’s a security problem here, but it’s not a technical one. In the technical sector, we like to call this kind of problem “problem exists between keyboard and chair” (PEBKAC). So yes, if you have a fool as a system administrator, you have genuine problems, but you can’t blame Linux for that.

Let’s take a look at another example: Doki, a new backdoor Trojan. This time, although described by many as a Linux problem, it is not. It can only successfully attack Linux systems when whoever configured the Docker containers exposed the management interface’s application programming interface (API) on the internet.

That’s stupid, but it gets even stupider: for the attack to succeed against you, your server firewall must be configured to open port 2375. Here’s a lesson from network security 101: block all ports except the ones you need open. That is, configure your firewall to reject any incoming connections that aren’t responses to outgoing requests. If your administrator hasn’t already done so, they’re incompetent.
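As a companion to the firewall lesson above, here is an added example (not from the original article) that audits a host's listening TCP sockets against an allowlist and flags a Docker API listener on port 2375 that is bound to a non-loopback address. The function names, the allowlist and the sample listener lines are assumptions constructed for illustration; on a real host the input would come from `ss -Hltn`.

```shell
#!/bin/sh
# Added example: list TCP listeners that other hosts could reach but that are
# not on the allowlist of ports meant to be open. Names here are hypothetical.

# Constructed sample in the column layout of `ss -Hltn` (not real data).
SAMPLE_LISTENERS='LISTEN 0 128  0.0.0.0:22     0.0.0.0:*
LISTEN 0 4096 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 4096 *:2375         *:*
LISTEN 0 128  [::]:22        [::]:*
LISTEN 0 511  [::1]:6379     [::]:*
LISTEN 0 4096 0.0.0.0:8080   0.0.0.0:*'

# exposed_ports ALLOWED
#   stdin:   listener lines as printed by `ss -Hltn`
#   ALLOWED: space-separated ports that are meant to accept remote connections
#   stdout:  "port address" for each non-loopback listener outside the allowlist
exposed_ports() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
            gsub(/\[|\]/, "", addr)                # drop IPv6 brackets
            if (addr ~ /^127\./ || addr == "::1") next   # loopback only
            if (!(port in ok)) print port, addr
        }' | sort -n
}

# docker_api_exposed: succeeds if stdin shows the unencrypted Docker API port
# (2375, the port named in the article) listening on a non-loopback address.
docker_api_exposed() { exposed_ports "" | grep -q '^2375 '; }

# Demo on the constructed sample; on a live host: ss -Hltn | exposed_ports "22 443"
printf '%s\n' "$SAMPLE_LISTENERS" | exposed_ports "22 443"
```

Every line this prints is a listener to either shut down, rebind to loopback, or confirm is dropped by the default-deny inbound firewall rule.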

Finally, consider the recent sudo command problem. This sudo security vulnerability was real and has since been fixed, but it required a case of PEBKAC to work. In this case, you must have misconfigured the sudo setup so that any user could, in theory, run sudo. Again, if you already have an insecure system, it can get worse.

There’s a common theme here. The problems are not with Linux. The problems are with absolutely incompetent administrators. And when I say “absolutely incompetent,” that’s exactly what I mean. We’re not talking about small, subtle mistakes that anyone can make. We’re talking about basic blunders.

Whether you run Windows Server, Linux, or NetBSD on your critical systems, if you absolutely fail at security, it doesn’t matter how “secure” your operating system is. It’s like leaving your car keys in an unlocked car: your system will be hacked, your car will be stolen.

So don’t blame Linux. Let’s blame the real problem: the incompetence of the system administrator.
