NG followup shifted to comp.os.linux.misc as this is very OT in c.l.f.
JG: Please read on, and respond in c.o.l.m or comp.os.linux.advocacy.
For others reading this in c.l.f., please ignore.
James Giles wrote:
>
> You are living in a fantasy world. Unix is pretty insecure. The
> last I saw a demonstration, a malicious attacker needed less than
> ten minutes to get root privilege from an unprivileged account.
Let me put it this way - I don't believe you. Unix passwords in /etc/passwd
are fairly strongly encrypted, and even if some dumb admin allowed (a
password generator for instance) to repeatedly try passwords without limit
or interval, I think it would take a lot longer than 10 minutes to crack a well
chosen password.
As to obtaining privileges, an unprivileged user, who is not a member of
groups like "root", "admin", "staff" or "wheel", cannot do much where
his/her native group ("users" usually) does not have write and execute
permissions.
>
> Unix security doesn't even meet the lowest classification of
> security certification:
Then I am curious about this classification system and a list of OSes that
meet the lowest classification or higher (if any).
A URL would be very useful.
>
> The CAPP (Controlled Access Protection Profile) provides for a
> level of protection which is appropriate for an assumed non-hostile
> and well-managed user community requiring protection against
> threats of inadvertent or casual attempts to breach the system security.
> The profile is not intended to be applicable to circumstances in which
> protection is required against determined attempts by hostile and well
> funded attackers to breach system security. The CAPP does not fully
> address the threats posed by malicious system development or
> administrative personnel.
No OS can defend against a malicious root or system software developer!!
>
> As one observer said:
>
> Translating that into colloquial English:
>
> Don't hook this to the Internet, don't run e-mail, don't install
> software unless you can 100% trust the developer, and if anybody
> who works for you turns out to be out to get you you are toast.
If you have a malicious root, the above is pointless.
>
> And no Unix version is certified at this level. Unix has as many
> holes as Windows. Neither is a very good system. Not secure,
Linux holes tend to be found (eyeball count) and fixed long before they
become a widespread problem. Windoze holes remain unfixed for a very long
time comparatively, costing the poor saps that use the OS lost time, money,
productivity, etc.
> reliable, or user friendly. I'm convinced that Microsoft decided
> they didn't need any of those characteristics to have a successful
> system by observing the success of Unix.
They had no choice. Networking was an afterthought in DOS / win 3.1. Getting
an elephant to fly, IMO.
And returning to your initial bromide about Linux not being as targeted as
windoze, most servers run Linux/BSD. By your logic, most of them would be
compromised (or in a fraction at least as high as compromised windoze
servers).
Your "argument" so far seems to be something along these lines:
An airplane cannot take you instantaneously from, say, Atlanta to Los
Angeles. Neither can an Amtrak train. "Ergo", they are equally slow.
You can always set security standards so ridiculously high so that they are
of no practical value, and every OS extant fails to meet them. That does
not mean that you can ignore their significant differences.
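The post above rests on two checkable claims about how a Unix host bounds an unprivileged user: that password hashes are not exposed through the world-readable /etc/passwd, and that what a user can do is limited by membership of groups such as root, wheel, admin or staff. The script below is an added example, not code from any poster in this thread; it audits passwd- and group-style records for both conditions. The sample records, the `toor` account and the group memberships are constructed for illustration, and on a modern Linux system the password field of /etc/passwd is normally `x`, signalling that the hash lives in the root-only /etc/shadow.

```python
"""Audit passwd- and group-style records for the two conditions the post
relies on: hashes kept out of the world-readable passwd file, and a short
list of users in privileged groups.

Added example, not from the original thread. Sample data is constructed;
on a real host read /etc/passwd and /etc/group (both world-readable by
design) instead of the strings below.
"""

# Groups the post names as conferring extra privilege.
PRIVILEGED_GROUPS = {"root", "admin", "staff", "wheel"}

# Constructed sample records (no real system, no real hash).
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
alice:x:1000:100:Alice:/home/alice:/bin/bash
bob:$6$constructedsalt$NOTAREALHASH:1001:100:Bob:/home/bob:/bin/sh
toor::0:0:constructed second uid-0 account:/root:/bin/sh
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
"""

SAMPLE_GROUP = """\
root:x:0:
wheel:x:10:alice
users:x:100:alice,bob
staff:x:50:bob,alice
"""


def parse_passwd(text):
    """One dict per non-blank passwd line (7 colon-separated fields)."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        name, pw, uid, gid, _gecos, home, shell = line.split(":", 6)
        rows.append({"name": name, "pw": pw, "uid": int(uid),
                     "gid": int(gid), "home": home, "shell": shell})
    return rows


def parse_group(text):
    """{group_name: {"gid": int, "members": set}} from group lines."""
    groups = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        name, _pw, gid, members = line.split(":", 3)
        groups[name] = {"gid": int(gid),
                        "members": {m for m in members.split(",") if m}}
    return groups


def audit_passwd(rows):
    """Flag records whose password field is empty (passwordless login),
    carries a real hash (crackable offline by any local user), or that
    duplicate uid 0. 'x', '*' and '!'-prefixed fields are shadowed or
    locked, which is what a healthy system shows."""
    findings = []
    for r in rows:
        pw = r["pw"]
        if pw == "":
            findings.append((r["name"], "empty password field"))
        elif pw not in ("x", "*") and not pw.startswith("!"):
            findings.append((r["name"], "hash stored in passwd, not shadow"))
        if r["uid"] == 0 and r["name"] != "root":
            findings.append((r["name"], "extra uid-0 account"))
    return findings


def privileged_members(groups, rows):
    """Map each user to the privileged groups they belong to, counting
    explicit group membership and the primary gid from passwd."""
    gid_to_name = {g["gid"]: name for name, g in groups.items()}
    result = {}
    for r in rows:
        mine = {name for name, g in groups.items() if r["name"] in g["members"]}
        primary = gid_to_name.get(r["gid"])
        if primary is not None:
            mine.add(primary)
        priv = mine & PRIVILEGED_GROUPS
        if priv:
            result[r["name"]] = priv
    return result


if __name__ == "__main__":
    users = parse_passwd(SAMPLE_PASSWD)
    for name, problem in audit_passwd(users):
        print(f"passwd: {name}: {problem}")
    for name, groups in sorted(privileged_members(parse_group(SAMPLE_GROUP), users).items()):
        print(f"privileged: {name}: {', '.join(sorted(groups))}")
```

Run against the constructed data, the audit reports `bob` (hash visible in the passwd file), `toor` twice (empty password and a second uid 0), and lists `root`, `toor`, `alice` and `bob` as members of a privileged group; on a real host a non-empty result from either function is something to explain, not ignore.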
Madhusudan Singh wrote:
> NG followup shifted to comp.os.linux.misc as this is very OT in c.l.f.
> JG: Please read on, and respond in c.o.l.m or
> comp.os.linux.advocacy.
> For others reading this in c.l.f., please ignore.

I'm not going to argue with you and I'm not even going to read a
defensive advocacy group. I have no ax to grind. I give more credence
to people whose job it is to do *real* research on system security.
From their work it's still clear that Unix is about as secure as
Windows, that is: pretty much not at all.

Several universities (and some government agencies and private
companies) have research projects on secure OS development. As far as
I've heard, none intend Unix compatibility. For example, from
Jonathan S. Shapiro, Johns Hopkins University Information Security
Institute:

> It is possible to do much better. EROS, a research operating
> system that we are working on here in the Systems Research
> Laboratory at Johns Hopkins University, should eventually
> achieve an EAL7 evaluation rating, and is expected to provide
> total defense against viruses and malicious code. It won't be
> compatible, because the most important security problems in
> Windows and UNIX are design problems rather than implementation
> problems. In fact, none of the viable research efforts toward
> secure operating systems are compatible with existing systems.

--
J. Giles

"I conclude that there are two ways of constructing a software design:
One way is to make it so simple that there are obviously no
deficiencies and the other way is to make it so complicated that there
are no obvious deficiencies." -- C. A. R. Hoare
Madhusudan Singh wrote:
> Let me put it this way - I don't believe you. Unix passwords in
> /etc/passwd are fairly strongly encrypted,
> [... other security advantages of Unix ...]

James Giles wrote:
> [...] I give more
> credence to people whose job it is to do *real* research on
> system security. From their work it's still clear that Unix is
> about as secure as Windows, that is: pretty much not at all.

Well, I guess James is saying that 20 is much larger than both 4 and 2
and that 4 and 2 aren't very much different. On the other hand,
Madhusudan is saying that 4 is significantly larger than 2, without
referring to 20. Of course, both of you are correct! :)

I guess the audience have already noticed this, without me pointing it
out. . . .

Cheers,
Ryo
In article <1115774944.550133.236670@g43g2000cwa.googlegroups.com>,
Ryo <furufuru@ccsr.u-tokyo.ac.jp> wrote:
> I guess the audience have already noticed this, without me
> pointing it out. . . .

We noticed you continuing an off-topic discussion, yes... any chance
you could stop? Thanks.

-- g
Greg Lindahl wrote:
> In article <1115774944.550133.236670@g43g2000cwa.googlegroups.com>,
> Ryo <furufuru@ccsr.u-tokyo.ac.jp> wrote:
>
> We noticed you continuing an off-topic discussion, yes... any chance
> you could stop? Thanks.

I apologize if I offended you (and others). But _I_ didn't have the
intention of continuing the off-topic discussion. I tried to settle the
issue by pointing out the difference between the two parties who were
arguing. Your sarcastic tone offends me.

Perhaps the discussion had ended before I posted. I hadn't carefully
checked the date and time of the post to which I was replying, or hadn't
considered the difference in time zones. (But, you know, it's hard to
tell whether a particular discussion has ceased or not.) Also, I didn't
make it clear that my intention was to settle the issue. I admit these
were my faults.

Regards,
Ryo