Jump to content

Wamukota

Members
  • Content Count

    91
  • Joined

  • Last visited

Community Reputation

10 Good

About Wamukota

  • Rank
    Message Adept
  • Birthday 12/21/1956

Contact Methods

  • Website URL
    http://baudrez.be
  • ICQ
    0
  • Skype
    wamukota

Profile Information

  • Gender
    Male
  • Location
    Brugge (Belgium)

Previous Fields

  • Main System Specs:
    HP Pavillion P6000 Series - i7 - 8 Gb
  • Secondary System Specs:
    Toshiba Tecra 11 laptop
  1. Thanks for the extra info guys.
  2. I run Linux Mint MATE17.3 workstation behind a router from my ISP and I have UFW enabled with the default settings. Suppose I downloaded and installed the tampered LinuxMint 17.3 ISO with the Tsunami Backdoor. In this case the malware could be installed on the servers due to a security breach in a Wordpress Plugin, but I suppose a tampered ODT or PDF file could be used just as well to install malware on my laptop. Would the default firewall settings be enough to prevent my system from being used by the Linux Mint downloader/IRC Bot backdoor? If not, what settings must I apply to the iptables to allow normal desktop use of my laptop and prevent unwanted/malware services to generate incoming/outgoing traffic? If there are no settings to prevent any incoming/outgoing malware generated traffic, what is the use of a firewall then?
  3. I think it is clear now that all security is compromised on any EXT2/3/4 formatted drive, as anybody using Windows can read my not-encrypted ext4 formatted thumb drives. The question I still have is : Opt for encryption or Go for XFS or JFS or BTRFS.
  4. I read the article [How To] Access Linux in Windows when dual-booting Linux, Ubuntu, Linux Mint and Windows 10/8.1 here and decided to try it out on my Win7/Ubuntu dual-boot desktop. The tools works good. Too good even !! You can view all your Linux files on your EXT4 partition from within the Windows Explorer, but you can also modify, rename, delete them, create new folders and files... In short, gone is all the security typical for ext4. I tried all sorts of rights to protect the EXT4-files, but up to now, no joy at all. I know that once a user has access to your box, security is gone, but the kind of users I try to convert to Linux, have multiple accounts under Windows mostly with admin rights (dad, mom, sons, daughters, ...). Once logged in into Windows, all it takes is 2 minutes to install ext2fsd and he/she can have his/her way on all the / or /home data normally secured behind Linux/EXT4 I do not intend to revert to full partition encryption, so... Is there a way to prevent ext2fsd from having write and execute access on the ext4-partition fom within Linux? If not. What would be the best filesystem to format the partitions, XFS or JFS or ...
  5. I used to like KDE 3.5 but when the 4.0 appeared and was not 100% fit yet, I looked around and started to like XFCE as my prefrences are for a 'naked' desktop. Once Canonical released their Unity, I was sold. For me it just works. I tried Mate and Cinnamon but they don't 'speak' to me. KDE 4.x is totally out of the question now as too complex, too much glitter. The only DE I would like to try in the future is Openbox, as it has even less on the desktop, but until that time, it is Unity for me.
  6. The whole issue about Java security made me think twice, but after looking around, I found this as a reply on the following topic What Is Java, Is It Insecure, and Should I Use It? and it gives a clear answer for me, so here it is. Java is a development language. It is used to create the software that you use on your day-to-day basis. You know those nice little apps you're using on your iDevices? They use Objective-C as a development language, for example. There are many development languages out there including Javascript (yes, completely different than Java), C, C++, Ruby, PHP, Scala, Python and the list just goes on and on and on. Is Java less secure than the other development languages? The answer is a clear-cut 'NO!'. If the answer would have been yes, you'd probably want to throw away your DVD and Blueray players, your refrigerators, phones, cars and many other devices that run Java. That's right. So where is the problem? Java has two ways of running applications. Directly on your computer or via the web browser. The problem is within the web browser plug-in. When Java just started, quite a few years ago, its developers thought it would be nice to be able to run Java applications directly from within the browser. However, they did a poor job in building a proper plugin. The plugin has many vulnerabilities which haven't been fixed in the years to come. Not by its original developer Sun, and not by the guys who took over - Oracle. The plug-in is rotten from the inside, and seems like a lost cause in attempts to fix it. Does this mean that Java applications are not secure? Absolutely not. It means that the plugin that's running in your browser is insecure, and it itself poses a security risk. By all means, you should go ahead and disable the Java plugin from your browser, whichever your favorite browser is. Today, there's an alternative way to run Java applications from the browser. They won't open within the browser page itself, but rather require you to click on a button and then the application will be installed on your computer and ran in its own window as its own applications. These applications are also completely safe to use (as any other desktop application you may have installed). Does this mean you should completely uninstall Java from your computer? Absolutely not. There's nothing wrong with Java as a language, and in fact, it is much more secure than some of the development languages that were previously mentioned.
  7. Up to now I've used Gambas as programming language for developing my apps under Linux. That is mainly because I came from a Visual Studio Dot Net enviroment on my work. I would like to expand my programming knowledge and switch to another programming language because my ultimate goal is to develop some Android Apps in the future. But I must learn the new Java language of course because AFAIK Java is used for Android programming I have some questions: I hear quite a lot of security issues from the Java front. What is the impact of those 'holes' Why would I use Java instead of Python? Can I roll-out Java apps as a deb-file? TIA guys, A.J.
  8. I always wonder if the topics I write on my blog http://baudrez.be should be translated in English. Translating the text isn't that hard, but all screenshots are from Dutch localized distros. I would have to make a second user on my box and have it use English en redo all the shots. And probably all I wrote is already available on an English page somewhere in cyberspace. that beind the case, you shouldn't brush up your foreign language skills...
  9. I often go to a computer fair where together with some mates we set up a little desk, roll-out our laptops en try to make the passers-by aware that Windows only holds a small portion of the world. We all run different flavors of Linux and people are free to 'play' on the boxes. You'd be amazed at how many of them try to insert a pendrive in the machines. I don't care what is on the pendrive, as the account active at that time is locked down and there is no data on the box. The pendrive is not recognized nor mounted automagically. One of my buddies was running Ubuntu and had taken his laptop to the fair, created a new account, but didn't know that his personal $HOME folder was open to the world, as is standard by Ubuntu (drwxr-xr-x rights). It took 1 guy a few seconds to be browsing in his personal stuff. Thay was an eye-opener for me, and since then I began to look in the default safety settings of Linux, and was amazed how 'open' (pun intended) my OS was. I try to lock-down my account, not because I have earth scattering stuff on it, but because I hate to lose time by having to go through everything to see if nothing was tampered with, or something was inserted (like child porn) while my laptop is on display. All my lessons learned are put into laymans terms on my blog, as most of the guys visiting my site are visitors on Seniorennet (a website dedicated to the 50+ ) and are more like 60 or 70 than 30. It is a fun thing. I have to do research, learn quite a lot, and I can help someone else.
  10. Eric, yes, I know that once you gain physical access to my box, you'll take off with my deepest and dirtiest secrets. But the point is that most people are unaware that even a Linux box, is only as safe as you make it. Some little hardening can be done even by new ex-XP Linux users. So, I am only showing the guys who follow me on my blog, that little tweaks can make it just that tiny bit harder for a cracker that he'd rather be off to another machine, instead of waisting time or lacking the will to persue his 'drive-by' attack. One of the things is preventing the automount, but I couldn't figure out where on earth Unity had hidden the User & Groups front end and when stuck, you call in the help of the people who know where to find what you couldn't find. I am happy that I'll be able to finish my post this weekend. CU A.J.
  11. Urmas, you found it. Thanks a lot. I wonder why I didn't find this website. Anyhow, So Long, and Thanks for All the Fish
  12. Hoi Eric, yes, long time no see. Had some other stuff to do and being retired means less time for me... I didn't explain my problem well enough I think. What I am doing is, that I am writing a topic for my blog about hardening your Linux Desktop Environment. One of the topics is preventing 'the other unknown passant' from gaining access to your system using pen-drives and CD's using the automount feature. Alas, in Unity, I cannot find the tools to modify the users rights. The tool 'User and Groups' seems to be gone. And my target group are not the ones who will switch to a terminal and start hitting keys on the command-line. I used to do it in earlier versions of Ubuntu. Strange...
  13. Hey guys, I am using Ubuntu 14.04. I need to disable the automount for USB and CD on a per user basis, so that I have full automount, but the guest accounts don't. I thought I'd go to System > Administration > Users and Groups, then select the user and head to the Advanced Settings > User Privileges tab and uncheck the boxes corresponding to the Access External Storage Devices Automatically option, the Mount Userspace Filesystems, and Use CD-ROM Drives option, so that when mounting anything, a password would be required. But, unless I am mistaken, (which at my age is a possiblity ) I do not find anything that resembles a Users and Group entry in Unity I find User Account in the System Settings, but there is no advanced settings button and obviously no way to alter the settings of the guest user, except his login settings. I could install KUser , but I hate to drag in half of KDE just for such a basic thing. Anyone?
  14. You can only beat an opponent. Who is Linux competing with?
  15. As long as the hordes of users will use it as their DE, it will survive. If we all flock other DE's it will simply die. Those are the elementary laws of nature
×
×
  • Create New...