Jump to content











Photo
- - - - -

Security on Linux


  • Please log in to reply
9 replies to this topic

#1 Mikorist

Mikorist

    ▂ ▃ █ ▅ ▆

  • Advanced user
  • 771 posts
  •  
    United Nations

Posted 30 September 2008 - 08:51 PM

I am not a security expert at all.

But NSA is..... :cheers:

U.S. NSA recently released a security-enhanced version of Linux -- code and all -- to the open source community.


From NSA Security-enhanced Linux Team:

As part of its Information Assurance mission, the National Security Agency has long been involved with the computer security research community in investigating a wide range of computer security topics including operating system security. Recognizing the critical role of operating system security mechanisms in supporting security at higher levels, researchers from NSA's National Information Assurance Research Laboratory have been investigating an architecture that can provide the necessary security functionality in a manner that can meet the security needs of a wide range of computing environments.

End systems must be able to enforce the separation of information based on confidentiality and integrity requirements to provide system security. Operating system security mechanisms are the foundation for ensuring such separation. Unfortunately, existing mainstream operating systems lack the critical security feature required for enforcing separation: mandatory access control. As a consequence, application security mechanisms are vulnerable to tampering and bypass, and malicious or flawed applications can easily cause failures in system security.

The results of several previous research projects in this area have yielded a strong, flexible mandatory access control architecture called Flask. A reference implementation of this architecture was first integrated into a security-enhanced Linux® prototype system in order to demonstrate the value of flexible mandatory access controls and how such controls could be added to an operating system. The architecture has been subsequently mainstreamed into Linux and ported to several other systems, including the Solaris™ operating system, the FreeBSD® operating system, and the Darwin kernel, spawning a wide range of related work..



Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
FreeBSD® is a registered trademark of the FreeBSD Foundation.
Solaris™ is a trademark or registered trademark of Sun Microsystems, Inc. in the United States and other countries.


From:
Security-Enhanced Linux


Posted Image

Conclusion:

If NSA need a secure OS internally, and that is the Linux
we can take to be relatively secure in Linux as home desktop users.

Download

SELinux is now available in Hardy Heron.
See that page for installation instructions:

https://wiki.ubuntu.com/SELinux


:confused1:

#2 Mikorist

Mikorist

    ▂ ▃ █ ▅ ▆

  • Advanced user
  • 771 posts
  •  
    United Nations

Posted 01 October 2008 - 04:34 PM

Some of the top computer-scientists and
programmers in the world worked on SELinux ...

Security policy and enforcement are independent using SELinux.

Posted Image

Look:
Anatomy of SELinux

... so they may know
something about Linux that most don't.

What is that knowledge?
Linux is the most secure operating system (OS) in World.


Does NSA/US government use Linux as their main operating system??

NSA collaborate with Linux...

NSA really want to help EVERYONE LINUX users with security?

We will never not know that for sure....

...but your tax dollars are paying for SELinux package!

P.S
The SELinux package is OPTIONAL, you don't have to install it.

:confused1:

#3 sanbarrow

sanbarrow

    Silver Member

  • Developer
  • 788 posts
  • Location:Germany - Sauerland

Posted 01 October 2008 - 06:19 PM

Linux is the most secure operating system (OS) in World.


what about OpenBSD ?

#4 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 01 October 2008 - 06:48 PM

The most secure OS in the world is ANY operating system on ANY machine NOT physically accessible by intruders and NOT connected to the internet.

FYI:
(interesting comparison and links to various BSD's) :confused1:
http://www.linuxques...posting-177142/

jaclaz

#5 Mikorist

Mikorist

    ▂ ▃ █ ▅ ▆

  • Advanced user
  • 771 posts
  •  
    United Nations

Posted 01 October 2008 - 07:08 PM

what about OpenBSD ?



My answer to this is in citation from NSA.


The most secure operating systems in World :

1. Linux® is a registered trademark of Linus Torvalds in the United States and other countries.

2. Solaris™ is a trademark or registered trademark of Sun Microsystems, Inc.

3.FreeBSD® is a registered trademark of the FreeBSD Foundation.

4.Darwin is operating system released by Apple Inc. in 2000.



This include all BSD & Unix OS Derivatives ...


:confused1:

#6 Mikorist

Mikorist

    ▂ ▃ █ ▅ ▆

  • Advanced user
  • 771 posts
  •  
    United Nations

Posted 01 October 2008 - 07:15 PM

The most secure OS in the world is ANY operating system on ANY machine NOT physically accessible by intruders and NOT connected to the internet.

jaclaz


This is really true !

:confused1:

#7 rawr

rawr

    Frequent Member

  • Advanced user
  • 163 posts

Posted 10 October 2008 - 07:08 PM

I am not a security expert at all.

But NSA is..... :cheers:


:cheers:
Linux kernel backdoor blocked

some old news & intresting quote :confused1:

"If you were the NSA, how would you backdoor someone's software? You'd put in the changes subtly. Very subtly."



#8 was_jaclaz

was_jaclaz

    Finder

  • Advanced user
  • 7100 posts
  • Location:Gone in the mist
  •  
    Italy

Posted 10 October 2008 - 07:25 PM

GOOD find, rawral, :cheers:

Some OLDER news:
http://www.heise.de/...l/5/5263/1.html

And some NEWER news:
http://arstechnica.c...a-backdoor.html

:confused1:

jaclaz

#9 Mikorist

Mikorist

    ▂ ▃ █ ▅ ▆

  • Advanced user
  • 771 posts
  •  
    United Nations

Posted 10 October 2008 - 09:00 PM

:cheers:
Linux kernel backdoor blocked

some old news & intresting quote :cheers:

"If you were the NSA, how would you backdoor someone's software? You'd put in the changes subtly. Very subtly."




If you were the NSA and you know that Linux is the most secure operating system (OS) in World,
how would you backdoor someone's Linux?

Security policies ??

NSA really want to help EVERYONE LINUX users with security?

:confused1:

#10 rawr

rawr

    Frequent Member

  • Advanced user
  • 163 posts

Posted 11 February 2009 - 11:13 PM

very interesting /informative links !!


hears another olde to add to the collection ..

theregister.co.uk/1999/03/12/microsoft_caught_with_pants_down/

The cultural gulf between control freaks and open source freedom fighters is widening daily.


:poke:




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users