
I don't know if you've all heard/read about the software from companies such as "hacking team", see e.g. the remote control system:

I was a bit surprised about how easy it is for everyone to use such a tool to hack everything. What they do is to have a really, really simple tool (the interface is simple, obviously the security penetration is for highly specialized hackers) that even idiots can use, to hack other people's computers - ALSO LINUX. So Linux is not safe.

For me, I normally don't click links in emails. I don't download pirate software. But I think if somebody should use such a tool against me, they should set up a webpage and after I've visited this webpage my pc would be injected. It's not that I have anything to hide, it's just I want to protect my pc against criminals and get the highest possible security.

So I've been thinking about "sandboxing" my mozilla browser and chromium browser. I think that should make me >95% more safe, as this is where I imagine criminals potentially could take over my pc. Do you agree that sandboxing the browser is the best defense against criminals taking over one's pc? Exactly which tools/methods are recommended for increasing the security level against such dangerous attacks (they're invisible to virus/malware scanners and exploit 0-day vulnerabilities)?

I also have wireshark, but I'm not clever enough and haven't learned how to analyze my own IP traffic to look for such things in my home network, although I would like to learn more about how to detect such attacks. I think this is indeed a very interesting topic, I hope to hear/read good guidelines other than just "don't click links in emails which are suspicious"...

Okay Dokey
  • The only way to be 100% safe is to throw away your computer, or at least don't turn it on - they can even read electromagnetic fields. Now, of course, they're not going to do this (likely) but you never know. Security is a process and not an application. You decide what you want to do and what risks you'll take to accomplish it. There's no one answer I can give except to suggest a search engine and a lot of time dedicated to learning. Linux is, for the most part, more secure by default but the security hole is almost always the user. Trust, but verify. Also, not really on-topic here. – KGIII Oct 21 '15 at 23:29
  • How about sandboxing? – Okay Dokey Oct 21 '15 at 23:37
  • Sandboxing your browser will prevent things from getting escalated privileges and "escaping" your browser to do other harm, well - at least make it more difficult. You can look into AppArmor and SELinux if you want, as well. However, this really isn't an Ubuntu-specific question. Thus, you're probably better off at a different SE site such as the Unix site. Take a weekend and sit down at your favorite search engine - maybe read Bruce Perens' blog and Steve Gibson's site. It's a deep subject and too broad to cover. I'd love to answer it but it's not really within the scope of this site. – KGIII Oct 21 '15 at 23:42
  • http://catb.org/esr/writings/unix-koans/script-kiddie.html – Panther Oct 21 '15 at 23:43
  • @bodhi.zazen - One of my favorite Koans. As a Buddhist, I approve of your message (and the site). I do kind of wish the question was one that I could answer here but I feel it would be inappropriate and would be way too long to be acceptable. – KGIII Oct 21 '15 at 23:47
  • I think it's strange that there's no ubuntu-way of sandboxing... Anyway, I'll think about it. – Okay Dokey Oct 22 '15 at 00:12
  • @OkayDokey - Define "sandbox". Chrome/Chromium runs in a sandbox. You can use apparmor - http://wiki.apparmor.net/index.php/AppArmorSandboxing or you can use virtualization such as LXC or KVM. Your question is too broad. – Panther Oct 22 '15 at 00:18
  • About the only safe computer is one that is turned OFF. The next best thing is to NEVER connect to the internet. Other than that, remember you are dealing with complicated software, millions of lines of code that probably cannot be absolutely verified (i.e. bugs). Also, no encryption can with absolute certainty be considered unbreakable. Again, it is much easier to disprove (break) something than to prove it ABSOLUTELY correct. – mdpc Oct 22 '15 at 02:46
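
A way to check the claims made in the comments above (that Chromium runs in a sandbox and that AppArmor can confine a browser), as an added example that is not part of the original thread. It assumes a Linux `/proc` with AppArmor as the active LSM; `PROC_ROOT`, `confinement_of`, `verdict` and `scan_browsers` are names made up for this sketch.

```shell
#!/bin/sh
# Report kernel-enforced confinement of running browser processes.
# PROC_ROOT can point at a constructed tree so the parsing can be checked offline.
PROC_ROOT="${PROC_ROOT:-/proc}"

# confinement_of PID -> "apparmor=<label> seccomp=<mode> nnp=<flag>"
confinement_of() {
    dir="$PROC_ROOT/$1"
    # LSM label of the task; under AppArmor "unconfined" means no profile applies.
    label=$(cat "$dir/attr/current" 2>/dev/null || echo unknown)
    # Seccomp mode: 0 = off, 1 = strict, 2 = BPF filter (used by browser sandboxes).
    seccomp=$(awk '/^Seccomp:/ {print $2}' "$dir/status" 2>/dev/null) || seccomp=
    # NoNewPrivs: 1 means the task can no longer gain privileges via setuid binaries.
    nnp=$(awk '/^NoNewPrivs:/ {print $2}' "$dir/status" 2>/dev/null) || nnp=
    echo "apparmor=${label:-unknown} seccomp=${seccomp:-unknown} nnp=${nnp:-unknown}"
}

# verdict "<line from confinement_of>" -> "confined" or "no kernel sandbox"
verdict() {
    case "$1" in
        *seccomp=[12]*) echo "confined" ;;
        *apparmor=unconfined*|*apparmor=unknown*) echo "no kernel sandbox" ;;
        *) echo "confined" ;;
    esac
}

# Walk every process whose command line looks like Firefox or Chromium/Chrome.
# The main browser process normally shows seccomp=0; the renderer/content
# children are the ones expected to show seccomp=2.
scan_browsers() {
    for pid in $(pgrep -f 'firefox|chrom' 2>/dev/null || true); do
        state=$(confinement_of "$pid")
        printf '%s\t%s\t%s\n' "$pid" "$state" "$(verdict "$state")"
    done
}

scan_browsers
```

A browser whose every process reports `apparmor=unconfined seccomp=0` is relying on nothing but ordinary user permissions, which is the case the AppArmor and LXC/KVM suggestions in the comments address.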

1 Answer


I have heard that the Secret Services of several countries are moving back to a paper system. Honestly, if information systems security is your goal you should consider learning about "The Tor Anonymity Project," and "The Tails Amnesic Incognito Live System." You should probably also know how to implement "GNU Privacy Guard," and the GPG Tools Suite that goes along with your OS distribution, and your email application. Unfortunately no current computer system should be considered 100% secure. Even systems that have been "air gapped" from a network can be, and have been, compromised. The best we can hope for is keeping really critical information in a drawer, or in our heads. ----Best of Luck!

Thompson Dawes
  • I think that article is from 2013, the problem is worse today because not even encrypted traffic makes your data private, if a backdoor is installed on your pc without your knowledge... Anyway, how about sandboxing browser communication? I think this is a very weak point, at least on my pc - how else should criminals get in if it wasn't from installed malicious software from email or browser links? Of course I trust the software from linux distributions and "official" repositories... – Okay Dokey Oct 21 '15 at 23:29
  • I understand your concern, it is indeed a lot worse, and a lot more complicated than you might imagine. Though I wouldn't lose my composure over it. Unfortunately your question is overly broad, and somewhat off topic for this forum. Perhaps you could edit it to bring out a specific question about a specific condition. You use a lot of jargon, and that question you ask in bold is impossible to interpret. Best wishes. – Thompson Dawes Oct 22 '15 at 00:15
  • Thanks. I don't fully understand that the question is "off topic" and "too broad" and "not ubuntu-specific". It would be interesting to see a few words - not a whole book or article about ubuntu-tools for e.g. sandboxing and protection, but instead the opposite happens... I've asked about sandboxing methods many times now, but people say like "it's not ubuntu"... I'm very surprised to see that there are no "ubuntu"-methods available (at least nobody wants to write about it) and that the question is off topic. – Okay Dokey Oct 22 '15 at 00:22
  • http://askubuntu.com/questions/292925/how-to-sandbox-applications I would still brush up on encrypting my data if I were you. – Thompson Dawes Oct 22 '15 at 00:35
  • Thompson Dawes, that link is absolutely perfect - I can spend many hours digging into that so I'll do that when I have time. I think it's a good idea with a form of "sandbox environment" for e-mail and browser. I also do encrypt my data (and backups), but if someone installs a backdoor the encryption is useless... Thanks a lot for the last link, that's really a great resource (and I think I could find a solution that fits my temper between the options mentioned there)...! – Okay Dokey Oct 22 '15 at 01:53