Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Pastimes : Computer Learning -- Ignore unavailable to you. Want to Upgrade?

To: steve harris who wrote (80420)

12/22/2012 5:36:53 PM

From: maceng2

Read Replies (1) | Respond to of 110653

-lol- Im still playing with my 32 bit version of Ubuntu on a virtual machine. It runs well enough. Printer drivers etc can be a problem.

Do many people run the 64 bit version?

an interesting link...

ubuntuforums.org

e.g...

Re: Ubuntu and Viruses

You shouldn't have done anything; as of this moment, viruses are almost non-existant in Ubuntu (the most recent one rendered harmless years ago). Why do you think it is used on 66% of servers?

but...

Re: Ubuntu and Viruses

Quote:

Originally Posted by doas777
my biggest worry, is that someday someone will compromise the repos.

It's already happened to several distros, with Fedora being the most recent example.

And even without repo compromises, one must still ask, "who watches the watchers?" It was demonstrated over 20 years ago by Ken Thompson (one of the creators of Unix) that one can hide backdoors in compilers and make them undetectable -- literally impossible to find even if one checks the compiler source. Thompson himself created a Unix backdoor that gave him full access to any Unix system compiled with a specific compiler and only told the world about it during his 1983 Turing award acceptance speech, some 15 years after he did it.

I suppose the lesson to be learned is you can only have a limited amount of trust in any sophisticated software project like an OS, whether it be closed-source or open-source (though open-source would be less susceptible by nature but still not bullet proof). Unless one can go through every line of the ~9 million lines of code in the kernel oneself to check for every possible security hole, one can never be sure. Even seasoned security experts cannot spot all the errors. And then you have to take into account not only a distro's package repostory but also the CVS, subversion, and git repositories from where the code is originally stored. It's possible for an intruder to crack those repos and insert malicious code even without the developer's knowledge. Of course such code probably wouldn't last all that long before it was discovered, but it would still be feasible for it to "get into the wild."

And this is all not even taking into account compromised hardware. It's perfectly feasible that CPU manufacturers, for instance, could allow compromised microcode to be released. This would allow total system compromise no matter the OS being used. This is a concern due to the fact that some chips are manufactured in countries that aren't really that friendly to the west.

The only thing the end user can do is take the basic security steps (firewall, don't run as root, only install from distro repos, etc) and hope that the "watchers" are trustworthy. That's why "viruses" and the like should be the least of a Linux/BSD user's worries. They aren't really a threat at all. The biggest threat is from compromised or incompetent source code.