Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Using 14.04 fresh-updated Ubuntu for home PC. I guess I got backdoor and Im trying to find out how its possible.
I do not downloaded side apps. Using Ubuntu for browsing most all of the time.
So I have 2 version:
1) Compromised updated from Canonical (I know it sounds little paranoid but its possible?) 2) Im get backdoor after personal attack by substite my download queries on apps (from Muon Software Center or Updates) to stucked apps with backdoor on server/provider side or vpn-server side (im using vpn server from time to time).
I know its paranoid and Im not pro system guy, but I really want to know this. So my questions:
Is it possible?
What other ways I can got backdoor?
Please don't ask me why I think my system was compromised, lets think theoretically.
Also do I need to look out variant of bugged browser? Im asking because of root password...
It is OK to raise theoretical questions about the security of your distribution. Unfortunately your questions are not well organized. Shall I try and then let you clarify?
You wonder if Canonical has some sort of built in way to spy on a Ubuntu system.
You wonder if general web engagement by your computer can cause it to be compromised, and these concepts include: general browsing, performing updates, as well as applications using the web for status or reports to somewhere.
You generally wonder if the first two are possible and also what other possibilities exist.
Your final query is confusing and raises the topic of a bugged browser. Not understanding whether that means bugged as in surveillance, or bugged as in software bug.
For (1) Canonical has some built in ways to get reporting of what you do with Ubuntu, the impressions they foment are that this all has to do with the improvement of the product as a whole. You can determine what level of concern you have with that versus not. And these are the known things, you can find information about this on the web using general web searches. If there are things more well hidden, I'm sure it's possible and not beyond the scruples of companies, but in general when things become big, like Windows if they "hide" this stuff and then it comes out later that they did this, it's pretty bad PR. That all being said, and without looking it all up, I'd wonder how much it would matter versus not for something which is free. The only real way to deal with this concern is to not use it, right?
For (2) if you use Google, you probably already know that they use the cookies and all other stuff involved to determine your web browsing/searching trends and provide ads to your customized per your actions. Whether or not they have other intentions or share that information, .... well that's all couched in the legalese which you can read and I never do. There are threads about what web search facilities people use and in those threads many of them also discuss the privacy issues related to the various search engines; of which I think bing and google get some of the worst criticisms.
For (3) there are a whole variety of things which could expose your system. Some things to try are from another computer, see if you can "see" your Ubuntu system on the network, see if you can ssh to it using root with no password, see if you can ftp to it as anonymous, try some stuff like that. Read some of the network security for Unix books to learn ways invaders would crack into a system and see just how exposed versus not the distribution is. Read The Cuckoo's Egg and other similar books, definitely read other ones because the concepts in The Cuckoo's Egg are very old, like serial terminal/modem old, but still interesting. And almost ALL of the network stuff is still around today, ftp, tftp, telnet, ping, and etc.
For (4) sorry you'll have to clarify. If you're really paranoid about a "bugged browser" there's little ... "DON'T CLICK THERE!!!!" Sorry you were about to allow a dangerous script by clicking OK and that's just a bad idea .... I mean "FORGET about what I said!" "There's NO SUCH THING as a bugged browser!" "Statistical IMPOSSIBILITY!"
1) Compromised updated from Canonical (I know it sounds little paranoid but its possible?)
If someone at canonical behaves malicious, yes.
Quote:
2) ...by substite my download queries ... with backdoor
Ubuntu digitally sign their packages - like all large distributions do (I sure hope all do). The installer checks the signature with a public key which got on your computer while you installed ubuntu (Or checksums are checked, and a file containing the checksums is itself signed, and the signature is checked). An attacker who wants to sneak modified packages onto your system would have to sign their modified packages, which they cannot do without ubuntu's private key. So as long as
1) Your install medium was clean
2) Ubuntu keeps their private package signing keys private
3) You do not tamper with your apt-get in a way which makes it forget the signature check
4) Noone finds a fundamental way to break the applied public-private-key signing technic
Found a big security hole in Ubuntu yesterday. Poking around in GRUB I went to Advanced options for Ubuntu and booted into recovery mode. From there, you can have root access and do whatever you wish from the command line!
Found a big security hole in Ubuntu yesterday. Poking around in GRUB I went to Advanced options for Ubuntu and booted into recovery mode. From there, you can have root access and do whatever you wish from the command line!
This is not a "security hole" but rather a "recovery mode" allowing the system administrator to recover a broken system. In other words, it is a documented/intentional feature, not a bug you just discovered.
This is not a "security hole" but rather a "recovery mode" allowing the system administrator to recover a broken system. In other words, it is a documented/intentional feature, not a bug you just discovered.
It is a security hole if:
1) Letting people have physical access to your system
2) Let them access BIOS
3) Not setting a BIOS boot password
4) Allowing a boot loader to boot arbitrary programs.
Using 14.04 fresh-updated Ubuntu for home PC. I guess I got backdoor (..) Please don't ask me why I think my system was compromised, lets think theoretically.
As the same thread played out similarly elsewhere I assert the OP is not willing to supply useful information, participate or solve a (perceived) problem. Thread closed.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.