Silk Road forums

Discussion => Security => Topic started by: The Reverand on July 24, 2012, 07:28 am

Title: Different Versions Of Linux
Post by: The Reverand on July 24, 2012, 07:28 am
So is their a major difference between the different versions of Linux, such as Linux Mint, Liberte, etc in terms of security, with Liberte being one of the most secure, or does it all just depend, with the difference being how you encrypt and use it?
Title: Re: Different Versions Of Linux
Post by: kmfkewm on July 24, 2012, 11:32 am
There are big differences between the security provided by different linux distros. Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.
Title: Re: Different Versions Of Linux
Post by: oscarzululondon on July 24, 2012, 11:51 am
There are big differences between the security provided by different linux distros. Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.

This is correct.

As OP mentioned it I'll just say Linux Mint is just Ubuntu anyway with pretty graphics.

Variations of Linux aren't however the absolute most secure operating systems, but Linux operating systems such as Liberte are accessible and relatively easy to use, and definitely more secure than things such as Windows or Mac OS X.


Title: Re: Different Versions Of Linux
Post by: digitbh on July 24, 2012, 12:19 pm
You should download backtrack. It's mainly used on a USB drive as a live environment, but there are ways to do a full install on the flash drive. Backtrack is very secure, and if you're worried about security having your evidence on a flash drive is great. It's easy to hide, and easy to physically destroy if need be. Also, they're cheap.
Title: Re: Different Versions Of Linux
Post by: randomOVDB#2 on July 24, 2012, 12:52 pm
Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.

What seems to be missing ?
Title: Re: Different Versions Of Linux
Post by: kmfkewm on July 24, 2012, 01:18 pm
Liberte is based off of hardened gentoo, which is probably the distro of Linux with the most security potential, however I don't believe Liberte is properly taking advantage of what hardened gentoo has to offer.

What seems to be missing ?

Is Liberte 64 bit? If not it is not taking proper advantage of ASLR. Has he configured MAC profiles? If not it is not taking advantage of MAC. Hardened Gentoo provides tools that require both the proper version of the OS (ie: 64 bit) and proper configuration to take advantage of. Using Hardened Gentoo without the proper settings and configuration does not take advantage of what it has to offer.
Title: Re: Different Versions Of Linux
Post by: madhater on July 24, 2012, 06:24 pm
I tried the portable version of ubuntu on usb stick and it wiped out my windows 7 so be careful children
Title: Re: Different Versions Of Linux
Post by: digitbh on July 24, 2012, 06:33 pm
I tried the portable version of ubuntu on usb stick and it wiped out my windows 7 so be careful children

How the hell did you manage that? Were you messing around in a partition editor? Or did you try to "install" Ubuntu without knowing what it was doing, thinking you were installing a video game? There is no way Ubuntu did this all by itself, it would've needed some assistance.
Title: Re: Different Versions Of Linux
Post by: TravellingWithoutMoving on July 28, 2012, 11:54 pm
What are everyones view of OpenBSD, as the main desktop or proxy?


TWM
Title: Re: Different Versions Of Linux
Post by: oscarzululondon on July 28, 2012, 11:59 pm
What are everyones view of OpenBSD, as the main desktop or proxy?


TWM

If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.
Title: Re: Different Versions Of Linux
Post by: kmfkewm on July 29, 2012, 02:26 am
What are everyones view of OpenBSD, as the main desktop or proxy?


TWM

If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.

The general consensus I have seen is that Hardened Gentoo has more potential than OpenBSD, but that OpenBSD out of the box is better. I would actually say pretty much the opposite of what you said, BSD is secure out of the box and less a pain in the ass to secure than hardened gentoo, hardened gentoo is less secure out of the box but has more potential and is a total bitch to configure properly (or even install).
Title: Re: Different Versions Of Linux
Post by: kmfkewm on July 29, 2012, 02:27 am
Some people even say that Unix type operating systems in general are shitty security , and offer up alternatives such as Inferno, however I know very little about these operating systems.
Title: Re: Different Versions Of Linux
Post by: oscarzululondon on July 29, 2012, 02:31 am
What are everyones view of OpenBSD, as the main desktop or proxy?


TWM

If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.

The general consensus I have seen is that Hardened Gentoo has more potential than OpenBSD, but that OpenBSD out of the box is better. I would actually say pretty much the opposite of what you said, BSD is secure out of the box and less a pain in the ass to secure than hardened gentoo, hardened gentoo is less secure out of the box but has more potential and is a total bitch to configure properly (or even install).

Yes you are correct, Gentoo is a much bigger bitch to install and configure for a basic user than BSD, simply due to it's nature, that's how people who regularly use it want it to be, that's the whole point of Gentoo.

However I would say the main failing of Gentoo, that it can't escape from, is it's Linux Kernel, and simply for this reason I believe a properly locked down BSD installation with it's BSD kernel is more secure, and the main reason why most publicly accessible secure servers containing highly sensitive materials such as bank servers tend to use BSD as their main operating systems rather than a variation of Linux or GNU / Linux.

I'm only speaking from my personal experience here, dealing with banks and a few other institutions here in the UK and US, it may be different in other places.

Debian BSD which takes the best of both worlds is of huge interest to me currently, but seems to be incredibly poorly supported, especially in regards to propitiatory drivers:

http://www.debian.org/ports/kfreebsd-gnu/
Title: Re: Different Versions Of Linux
Post by: steelseth on July 29, 2012, 02:06 pm
What are everyones view of OpenBSD, as the main desktop or proxy?


TWM

If done correctly a variation of BSD can be the most secure operating system on the planet, and make versions of Linux, even hardened Gentoo, Liberte, Tails etc look like a joke. However saying that, BSD isn't user friendly at all, and a pain in the ass to secure properly.

The general consensus I have seen is that Hardened Gentoo has more potential than OpenBSD, but that OpenBSD out of the box is better. I would actually say pretty much the opposite of what you said, BSD is secure out of the box and less a pain in the ass to secure than hardened gentoo, hardened gentoo is less secure out of the box but has more potential and is a total bitch to configure properly (or even install).

Yes you are correct, Gentoo is a much bigger bitch to install and configure for a basic user than BSD, simply due to it's nature, that's how people who regularly use it want it to be, that's the whole point of Gentoo.

However I would say the main failing of Gentoo, that it can't escape from, is it's Linux Kernel, and simply for this reason I believe a properly locked down BSD installation with it's BSD kernel is more secure, and the main reason why most publicly accessible secure servers containing highly sensitive materials such as bank servers tend to use BSD as their main operating systems rather than a variation of Linux or GNU / Linux.

I'm only speaking from my personal experience here, dealing with banks and a few other institutions here in the UK and US, it may be different in other places.

Debian BSD which takes the best of both worlds is of huge interest to me currently, but seems to be incredibly poorly supported, especially in regards to propitiatory drivers:

http://www.debian.org/ports/kfreebsd-gnu/
That is false.
If you feel you need to be publicly humiliated again please reply and I will make it happen.
Title: Re: Different Versions Of Linux
Post by: h4xx on July 29, 2012, 07:12 pm
The best way to determine linux version security is:

-what does it install by default?
-how committed are they to releasing patches in a timely manner? do they have enough devs to do this or is it a 2-man show?
-what security history do they have?
-is it focused on noob users who want nothing but graphical interface? then it's probably insecure as it's just trying to be a windows or apple clone.
-do the kernel devs focus on trusted code auditing or are they rapidly releasing shit like Linus Torvalds?

Of course you can take any version of linux and lock it down yourself but easier to get a blank install with nothing enabled, then you have to make it insecure but activating shit instead of finding shit to turn off. If the NSA/CIA/Secret Service or Scotland Yard, or hired criminal hackers aren't after you for being Scarface or Mega Carding Kingpin, then you're prob fine with any linux installation. If worried disable X-windows and lock down everything else.

Or look into other operating systems like OpenBSD or shit like this:
http://www.scs.stanford.edu/histar/

Here's an article about it, Nikolai is an MIT comp sci prof now
http://soe.stanford.edu/research/profiles/infotech_mazieres.html

Only 17,000 lines of code?!?! Compare that to a typical linux distro with millions of lines of code.
OpenBSD also audits absolutely everything so you have a trusted code guarantee.

Security is about trusted audited code running on trusted audited hardware, and constant vigilence to patch and update your system, adapt to new threats, run behind a pf firewall running carp, and a whole host of sociology like not giving away who you are easily. Bruce Schneir's blog covers a lot of this.