• Lunacy@lemmy.ml
    link
    fedilink
    arrow-up
    19
    arrow-down
    5
    ·
    3 years ago

    Hi!

    I personally saw a bit of confusion in the comments. I think you’re missing the point of the article, which is a technical analysis about a software, in this case Linux. He actually is a security researcher and his points in the article are not false since many other security researchers have the same view about Linux, including:

    • Brad Spengler, the developer of the most extensive kernel hardening patchset in existence and inventor of many widely used exploit mitigations along with pipacs (including ASLR, W^X, CFI, etc.):

    https://grsecurity.net/10_years_of_linux_security.pdf

    https://grsecurity.net/~spender/interview_notes.txt

    https://nitter.net/grsecurity/status/1249850031357788162

    https://nitter.net/spendergrsec/status/1308734202330963970

    https://nitter.net/spendergrsec/status/1308762791734632454

    • Kees Cook, Alexander Popov and more prominent Kernel Self-Protection Project members:

    https://www.youtube.com/watch?v=v7_mwg5f2cE

    • Daniel Micay, lead developer of GrapheneOS (formerly CopperheadOS), hardened_malloc, linux-hardened, etc.:

    https://www.reddit.com/r/GrapheneOS/comments/bddq5u/os_security_ios_vs_grapheneos_vs_stock_android/ekxifpa/

    • Dmitry Vyukov, another prominent Linux security developer:

    https://events19.linuxfoundation.org/wp-content/uploads/2017/11/Syzbot-and-the-Tale-of-Thousand-Kernel-Bugs-Dmitry-Vyukov-Google.pdf

    https://github.com/ossf/wg-securing-critical-projects/blob/main/presentations/The_state_of_the_Linux_kernel_security.pdf

    • Joanna Rutkowska, founder of QubesOS and author of many well-known security papers:

    https://nitter.net/rootkovska/status/1136220742662664193

    https://blog.invisiblethings.org/2011/04/23/linux-security-circus-on-gui-isolation.html

    • Jon Oberheide, co-founder of Duo Security:

    https://jon.oberheide.org/files/syscan12-exploitinglinux.pdf

    • Solar Designer

    https://www.openwall.com/lists/oss-security/2020/10/05/5

    Now, of course this doesn’t mean that madaidan and the others people I “quoted” are promoting closed source instead of open source, they simply did a security analysis on Linux.

    Madaidan itself uses Linux and he said many times how much he loves Linux and how much he hates windows.

    • snek_boi@lemmy.ml
      link
      fedilink
      arrow-up
      8
      ·
      edit-2
      3 years ago

      First of all, thanks for sharing this. I also found their text a couple of days ago, and was thrown off by it. It’s both enlightening and slightly scary. I really want FLOSS’s flourishing to be not only a personal wish upon the world, but to result in an objectively securer world . However, I think Madaidan successfully lets us see the proactive approaches towards security that Windows and MacOS have adopted, as well as the concrete ways in which those manifest. But some people are highly critical of them. That threw me off further. So here we are, thrown off and wanting to talk about it to sort it out to the extent that we can.

      My opinion of them has to be prefaced by two disclaimers that frame it. First, I think it’s perfectly possible for us to recognize the truth as well as wish for a different reality. Second, there is an objective reality that is always filtered through our perspectives. This means we can’t play the ‘God trick’ of claiming all truth nor claim knowledge is 100% relative; rather, knowledge is positioned.

      So back to Madaidan. Do we want to dismiss a clearly-laid-out and valid argument because it doesn’t align with our expectations (e.g. “FLOSS is securer. Linux is FLOSS. Therefore, Linux is securer”)? The answer depends on whether we feel comfortable with the world not aligning with our perspective. Similarly, the criticisms I’ve seen of them are mainly about their “racist” views, their censorship of others, and their promotion of non-FLOSS software. Some of these are not light accusations, and they have implications for the interpretation of his arguments. For example, are they aiming for FUD for people to trust Linux less? Maybe, but I can’t help but notice that the criticisms levied against them are not directly dealing with the validity of their claims, but rather are about their personal characteristics and their behavior.

      This is where the positioning of knowledge is important. It’s perfectly possible for someone to be a bigot and yet make a valid argument. The value-laden goals that motivate someone to argue something (e.g. ‘racial superiority’ [sic] justifying racism, or freedom justifying open licensing) are important to know whether to be skeptical or to ease our guard. But until a validity threat weakens the argument, an argument that is well crafted is valid. Even Hitler could validly argue that the Earth rotates around the Sun and not the other way around. I’m not defending people worth condemning. I’m trying to get at the golden nuggets of truth that can be found if we’re willing to accept a world that is different to what we want.

      So, is there truth in what Madaidan says? I certainly think their arguments in the Linux post are valid. I am also perfectly willing to search for and accept others’ validity threats to their argument, a search spurred by the context of accusations against them. For example, the discussion regarding sandboxing, present in a couple of different comments, is precisely the kind of discussion that we should be having to untangle this whole thing!

      Finally, I think it’s valuable to give fodder to accept the worst case scenario. That scenario is Linux indeed having poorer security in many respects compared to Windows and MacOS. If anything, this kind of open discussion about Linux’s security approach is precisely what is great about FLOSS! I had never heard about these problems in Linux’s security model, but in the past week I’ve found Madaidan’s article three times in three entirely different contexts. I think they’re turning a lot of heads. Hopefully that will spur changes in Linux for the better. It could be improved systematically with the insights that have been garnered for the past couple of decades.

      • JustEnoughDucks@lemmy.ml
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        3 years ago

        I think a big distinction that must be made would be acknowledging the problem, vs a proposed solution. I think, that is where the internal motivations make more of an impact.

        Linux devs can agree that there exists a problem while not agreeing on a solution. Perhaps Madaidan has been more criticized because his possibly bad motivations would influence the solution, not just recognition of the problem? As the above poster said, many other security experts have released similar reports, why is this one turning so many more heads than those?

        Perspective of a non-security expert by far. I don’t understand everything in the article, but it was relatively well simplified for the common power user I think.

        Also, specific question: is his point about sudo insecurity and keylogging mostly mitigated by the better security of Wayland? Is there a better way to secure sudo, or would that significantly reduce usability?

        • pinknoise@lemmy.ml
          link
          fedilink
          arrow-up
          1
          ·
          edit-2
          3 years ago

          keylogging mostly mitigated by the better security of Wayland?

          Yes and no, programs can’t keylog or record the screen of other programs via the wayland interface as they can in X. Wayland (and pipewire) have mechanisms for access control builtin. Thats a good start but it’s pretty useless if you don’t have proper access control / “sandboxing” for the other parts of your system. I remember reading some PoC code for a wayland keylogger that just injected a library (edit: into user programs) and there are probably some other (more creative) ways to do it.

      • Lunacy@lemmy.ml
        link
        fedilink
        arrow-up
        4
        arrow-down
        2
        ·
        edit-2
        3 years ago

        Thank you for your reply, is quite impressive! I agree with you. Just one thing;

        Similarly, the criticisms I’ve seen of them are mainly about their “racist” views, their censorship of others, and their promotion of non-FLOSS software. Some of these are not light accusations, and they have implications for the interpretation of his arguments. For example, are they aiming for FUD for people to trust Linux less? Maybe, but I can’t help but notice that the criticisms levied against them are not directly dealing with the validity of their claims, but rather are about their personal characteristics and their behavior.

        The reason why I wrote my first comment is because every time this article appears on the internet there are some people full of anger who spread misinformation about madaidan and/or miss the his point. For instance, some people says that he is racist. While this is a really heavy accusation, it quite obvious he is not. Everyone can easy check whether this is true or not by joining his community - which is only spite, he was never part of the nogoolag -.

        Personally, I really like Linux and the ideology behind. I actually think it’s important to understand the possible linux’s flaws in order to make it better in the future. Being in denial mode is not a good approach in my opinion.

        Again, thank you. It’s really nice to debate pacifically without involving hate. :)

        Edit: he actually was part of nogoolag, my bad here. However, he is not part of the group anymore.

    • federico3@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      This statements can be profoundly misleading when taken without context.

      Security is complex and multi-faceted. It needs to be understood with the proper context:

      • what type of user are we protecting: skilled, unskilled, an entire company? An entire nation?
      • what type of data are we protecting: a database? The user email address, browsing activity, connection metadata?
      • what is the threat model or the attacker: a simple email scam? Surveillance from big companies? Targeted attack from a nation state?

      The majority of security breaches are surprisingly low-tech (phishing, guessable password…, stalkerware, built-in telemetries)

      Without context an article that goes “Linux being secure is a common misconception in the security and privacy realm.” can easily fuel FUD.