WannaCrypt Makes an Easy Case for Linux

Discussion in '[H]ard|OCP Front Page News' started by Megalith, May 19, 2017.

  1. Megalith

    Megalith 24-bit/48kHz Staff Member

    Messages:
    9,484
    Joined:
    Aug 20, 2006
    This guy admits that it’s a tired argument but is using the recent/current ransomware fiasco to raise awareness for Linux and its security benefits again. Yes, you’ve heard most of it before: businesses should all switch from Windows, as it is a huge target for exploits, but he does try to make a novel point by noting that more and more companies are switching to Software as a Service (SaaS) or the cloud (meaning that work is increasingly done through a web browser), making Linux deployment more practical and sensible now. Er, wouldn’t Linux just become as vulnerable as Windows if its usage were to rise to the same level…

    Don't get me wrong, I'm not saying Linux is perfect. Any system connected to a network can fall victim to something. But the truth of the matter is, by design, Linux is far less susceptible to the likes of WannaCrypt than is Windows. How do I know this? I've been using Linux as my only operating system (on servers and desktops) since 1997 and have only encountered one instance of malicious code (a rootkit on a poorly administered mail server). Those are some pretty good odds there. Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use?
     
  2. Zarathustra[H]

    Zarathustra[H] [H]ard|News Staff Member

    Messages:
    22,288
    Joined:
    Oct 29, 2000
    Certainly, obscurity is a part of the advantage Linux holds over windows, but it is far from the only advantage.

    Even if Linux had a user base similar in size to Windows, it's fundamental design elements and fast easy updates of not just the OS itself, but all installed applications mean that it would still hold a significant advantage over Windows even if it lost its advantage by relative obscurity.
     
    wolfofone, ChadD and jfreund like this.
  3. lcpiper

    lcpiper [H]ardness Supreme

    Messages:
    7,754
    Joined:
    Jul 16, 2008

    i can't fucking resist.

    I'm sorry :sneaky:


    So now, Linux is better because so few people use it....

    It'll be fucking great when no one uses it (y) :ROFLMAO: :ROFLMAO: :ROFLMAO:
     
  4. Daeron

    Daeron Limp Gawd

    Messages:
    251
    Joined:
    Aug 7, 2000
    Guess I gotta put on my boots to read this one...
     
  5. otherweeb

    otherweeb Limp Gawd

    Messages:
    383
    Joined:
    Jan 8, 2016
    pfft!

    Currently reading this on my un-hackable abucus.
     
  6. dgingeri

    dgingeri [H]ard|Gawd

    Messages:
    1,948
    Joined:
    Dec 5, 2004
    I've worked with both. Linux has its place, but file server is NOT one of them. Linux file shares and file systems simply do NOT have the flexibility businesses need, mostly in assigning rights to folders and files. Linux is great for web servers, web proxies, and databases, but NOT for file services.
     
    d8lock, swatbat, Sulphademus and 2 others like this.
  7. Vader1975

    Vader1975 Limp Gawd

    Messages:
    169
    Joined:
    May 11, 2016
    Linux has always been a somewhat fragmented community but there are definitely some business friendly distributions with full business support available. There have been basic business software applications for linux for many years and I have seen more companies running thinbooks and ultrabooks with Linux connecting to cloud services. I have also seen some chromebooks and an increasing number of macbooks. As OSX is an offshoot of BSD (long story), it also has plenty of software for business available as well. If a company truly would like to leave Microsoft behind... they absolutely could do so. They can also get high-quality professional support and virtual server and services support and mail server support etc. Now while I am definitely seeing more use of non-microsoft OS's, I am also seeing a lot of windows 10 penetration and am hearing the typical banter about Microsoft updates breaking software. Then they start trying to block updates to keep business working smoothly due to Microsofts rather horrible update testing. I have seen 4 different updates from Microsoft in the last year disrupt millions of dollars in business. So I fully understand why businesses start blocking Microsofts half-baked updates. Then I see a new virus or ransomware come out and everyone screams about people not taking Microsofts updates. I then laugh because Microsoft causes this. They don't test them enough and cause too much disruption. I do not hear about these types of issues from the Linux and OSX users from their software side on a regular basis, but I have heard some grumblings from Mac users about some hardware having issues after a OSX update. I assume a major Linux kernel update could also cause such a thing, but the ram down your throat before its ready mentality of Microsoft doesn't seem to be the norm in professional linux distros. I could see linux coming under more serious attack if it gained significant marketshare.
     
  8. Cyraxx

    Cyraxx [H]ardness Supreme

    Messages:
    4,179
    Joined:
    Feb 21, 2005
    The security is a direct reflection of the user base.

    Which would you rather.... Hack a system and have access to 300 users, none of which are more likely to have money than the other... Or would you rather have 300,000?
     
    Sulphademus likes this.
  9. Galvin

    Galvin [H]ard|Gawd

    Messages:
    2,001
    Joined:
    Jan 22, 2002
    Windows 10 has linux built in, if anything people will just stick with windows.
     
    Talyrius and heatlesssun like this.
  10. vegeta535

    vegeta535 Limp Gawd

    Messages:
    511
    Joined:
    Jul 19, 2013
    Also Linux is hackers baby and they wouldn't do anything to make it look bad. Not too mention Linux is open source. Wouldn't it be a lot easier to find vulnerabilities or push compromised builds?
     
  11. lcpiper

    lcpiper [H]ardness Supreme

    Messages:
    7,754
    Joined:
    Jul 16, 2008
    You bring up an excellent point. When Red Hat first showed up I was confused, "why would anyone pay for a Red Hat when Linux in general was free?"

    Then I got into the real working world and realized that businesses don't want free. They can't bill for free, they can't justify costs for free, how do you go to a customer and tell him you want to charge him for something that you got for free?

    What's more is, businesses use their clout as paying customers to promote change. I need this so change up the next release and add support for what I need. If you are paying someone then you have leverage, but if it's free what leverage do you have? Nothing at all.

    This is why businesses don't support free, and why Red Hat was able to make a go of a business model built on something that was free. Red Hat said "I'm going to charge you for our Linux OS and because you are paying, we'll be listening".

    Just thought this was a good time to bring that up.
     
  12. webdev511

    webdev511 Limp Gawd

    Messages:
    299
    Joined:
    Dec 1, 2004
    If One Billion people used Linux on personal computers, then One Billion people would still be the target of criminals.
     
    Talyrius, MavericK and heatlesssun like this.
  13. Zarathustra[H]

    Zarathustra[H] [H]ard|News Staff Member

    Messages:
    22,288
    Joined:
    Oct 29, 2000

    I can see that. It can be a bit difficult to get the file and user permissions right, but once you figure it out it's not bad.

    I run my file server at home under Linux, and wouldn't even consider a windows box for that role, but I don't have to continually add and remove users.

    If you are experienced enough you can set up a Linux install to communicate with Active directory, and run scripts to setup new user permissions and remove old ones, but I've never done it, as I've never needed to.
     
  14. Ur_Mom

    Ur_Mom I'm Not Serious

    Messages:
    22,655
    Joined:
    May 15, 2006
    This bugs me. I've been using Windows since Windows 2. I've only personally encountered a couple instances of malicious code. I do know there is a shit ton out there, though. This guy may have only encountered one instance, but there have been many more. Personally, for me, the odds are great for me to continue to use Windows. I'm a safe, protected, good computer user. I'm sure if I downloaded and clicked on everything in Linux, I'd be more susceptible to infections, too. Not as high as Windows (which is the major target as you're getting grandma, execs, 90+% of computer users), but it's still a possibility.

    I still like Linux, though. I just don't think his experience should dictate the odds. Just because he has only personally experienced the one instance doesn't mean others don't exist. Just make sure all the info is on the table.

    If I told people to not run anti-virus, that'd be dumb. But, some people don't run it and just don't click on anything or download anything questionable and have never had an issue.
     
  15. jkw

    jkw Gawd

    Messages:
    551
    Joined:
    Oct 10, 2004
    (Disclaimer: I'm a Linux fanboy)

    Linux is only *seemingly* more secure because it is targeted less AND because Linux users are typically more security savvy. If you replaced every Windows install with Red Hat or Ubuntu or whatever other popular Linux OS, we'd see a dramatic increase in compromises and malware. Why? Because Linux is full of vulnerable code, and because endlusers would break it and make it less secure. The average endluser is not security savvy and will definitely fuck up something as complex and powerful and Linux (complex to them, but simple and beautiful to me). If you don't believe that Linux is more vulnerable, then go count the # of Windows vulnerabilities and compare it to Linux vulnerabilities. Check CVE, NVD, Red Hat Security, Linux Kernel and Ubuntu websites for proof.

    Also, it's worthy noting that Windows can be locked down and made VERY secure. Linux can too ... if we lock it down so the endluser can't break it and make it insecure. Some Linux distros are pretty well locked down, but the 3rd party software packages they distribute are not. Mac OS has the same issues as Linux, but Apple has a head start because they have locked down OS X while still allowing power users to do their thing.
     
  16. Chuklr

    Chuklr Gawd

    Messages:
    539
    Joined:
    Nov 1, 2009
    The best way to ensure one never finds a virus, trojan, malware, or other nasty is to never look for it. :D
     
    heatlesssun likes this.
  17. jkw

    jkw Gawd

    Messages:
    551
    Joined:
    Oct 10, 2004
    Fixed that for you.
     
    geok1ng likes this.
  18. Chuklr

    Chuklr Gawd

    Messages:
    539
    Joined:
    Nov 1, 2009
    :D Are you spying on me!!!??? :D
     
    Mr34727, GoldenTiger and heatlesssun like this.
  19. jkw

    jkw Gawd

    Messages:
    551
    Joined:
    Oct 10, 2004
    raz-0 likes this.
  20. Simmonz

    Simmonz [H]ard|Gawd

    Messages:
    1,937
    Joined:
    May 14, 2008
    Not surprised, the NHS are already thinking of moving to Ubuntu.
     
    davethehedgehog likes this.
  21. DukenukemX

    DukenukemX 2[H]4U

    Messages:
    2,852
    Joined:
    Jan 30, 2005
    That depends on what you think people are using? For example, Android is linux. Most routers are linux. Good amount of web servers run linux. Google's entire business runs linux. I think they use Ubuntu or something.

    But yea we're talking about desktop OS's here. But otherwise there's plenty of incentive to write Linux ransomware. It's just not easy to do.

    That's odd, since Linux is superior to Windows in performance when it comes to file services. And Linux has a plethora of file systems to choose from. Nearly all NAS's run Linux.

     
    Master_shake_ and jkw like this.
  22. DukenukemX

    DukenukemX 2[H]4U

    Messages:
    2,852
    Joined:
    Jan 30, 2005
    Bash isn't Linux, it's just a small part of it.
     
    CacaSapo likes this.
  23. leezard

    leezard [H]ardOCP Case Reviewer Staff Member

    Messages:
    4,118
    Joined:
    Aug 24, 2004
    Until people start disabling updates...
     
    Talyrius and GoldenTiger like this.
  24. BHenry

    BHenry Limp Gawd

    Messages:
    222
    Joined:
    Oct 8, 2008
    Coming from the security scanning side of things, we get a ton of vulnerabilities that have to be fixed on Linux also. Also, who the hell names the vulnerabilities? Dirty Cow, Eternal Blue, logjam, so on...
     
    Talyrius, jkw, Chuklr and 2 others like this.
  25. prime2515102

    prime2515102 [H]ard|Gawd

    Messages:
    1,197
    Joined:
    Mar 3, 2003
    I tried several times to run Linux but the learning curve was well beyond my attention span. I reckon I should bite the bullet and finally educate myself. My gaming days are just about over anyway (I was killed by a tree the other day in Crysis fer corn sakes!) so it's probably a good idea.
     
    dgz likes this.
  26. lcpiper

    lcpiper [H]ardness Supreme

    Messages:
    7,754
    Joined:
    Jul 16, 2008
    It's no harder to write code to hammer a Linux box over a Windows box other than you might have to learn other ways to exploit things. The issue isn't difficulty, it's payoff. There's little incentive in it and businesses and such that use Linux have solid DR capabilities.

    We have Linux servers on our network, sure you could hurt one, (if you could get on our network that is, we aren't connected to the internet or outside the building for that matter), but the systems are certainly vulnerable to something. But they are also VMs, if the VM can't be restored the datastore that holds it can be restored. Of course any business that protects itself in this way is immune to any lasting and serious attack. No the individual user doesn't have such resources available so they are much more vulnerable. But it's not because of the OS involved, it's about what kind of resources you have.
     
  27. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    44,529
    Joined:
    Nov 5, 2005
    The Windows Linux Subsystem is far more than Bash, it's essentially Linux running on top of Windows, essentially it's the reverse of Wine.
     
  28. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    44,529
    Joined:
    Nov 5, 2005
    Porn script writers?
     
  29. Lakados

    Lakados Limp Gawd

    Messages:
    137
    Joined:
    Feb 3, 2014
    This is a Cyclic argument at best, if Linux had the same user base as Windows it would be a much more lucrative target, and people trying to break it would increase dramatically. WannaCrypt is an example of why you should do your damned updates and Linux servers are just as likely if not more so to go without updates longer than a Windows PC or Server. At the end of the day it is the user on the computer and who set the hardware up that is responsible for 99% of a systems security, Microsoft tried to implement a more Linux like security with UAC and I think we all know how that turned out.
     
  30. andrewaggb

    andrewaggb Limp Gawd

    Messages:
    191
    Joined:
    Oct 6, 2004
    meh - linux won't help. It has most of the same issues. I've seen plenty of linux boxes hacked. And almost always because they aren't kept up to date and more services and ports are open to the world than necessary.
     
    darkpaw, Talyrius, BHenry and 2 others like this.
  31. dgingeri

    dgingeri [H]ard|Gawd

    Messages:
    1,948
    Joined:
    Dec 5, 2004
    Linux file rights are simply read, write, and execute for the owner of the file, the members of the group owners of the file, and all others. There aren't really any directory level rights, and nothing inherits. It's just not flexible enough. Performance means little if the files can't be secured down or can't be adjusted tot he needs of the company. And, yes, Linux has a bunch of different file systems and runs a bunch of NAS devices. Whoop-dee-doo. Those devices are for when half a dozen people need access to the files, not a department of 40 or a company of 300. Those NAS devices are horrible for security and even worse for flexibility. The file systems are great for flexibility for drive configuration and redundancy, but can't do a tenth of what NTFS can do for security and sharing flexibility, and Windows has made lightyears of progress in drive configuration flexibility with Storage Spaces, more than enough to leave all of Linux behind in that area. With Storage Spaces, I can put together a group of 12 drives and make one virtual drive on it with mirroring redundancy, one with dual parity redundancy, and one with just basic striping across all the same drives, all with hot spares and hot swapping drives all handled by software. Linux has nothing to match that. Performance was pretty bad with the first version, but that has improved with the second version, and will likely improve as it becomes more developed.

    What about user security on Linux? Linux can't even do that natively. Any user level security is done through Samba, NFS only has security in restricting certain IPs from accessing the share, and what use is that? It wouldn't take any half competent script monkey a minute to bypass that security. Samba and CIFS might be a little better, but it still pales in comparison to Windows user level security and control. I could (and do) have a file share that a whole department could log into while one group has access to 14 folders within it, but only a certain subgroup has access to 3 more folders on that share. I have one share for home folders where everyone has access to the root, but all the subfolders are only accessible to their owners and the domain admins. Plus, proper 'best practices' can be done with Windows in assigning rights to folders and shares only done by groups, and then add users to the group to control who gets what access. That simply can't be done in any means with Linux.
     
    ManofGod, d8lock and GoldenTiger like this.
  32. WorldExclusive

    WorldExclusive [H]ardForum Junkie

    Messages:
    10,559
    Joined:
    Apr 26, 2009
    Will those Linux machines still be connected to the Internet?
    These experts still think the OS/machine is the problem.
     
  33. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    44,529
    Joined:
    Nov 5, 2005
    I don't think any organization that has a good update process got hit with this, we didn't. But we have an excellent update process.
     
    Talyrius, GoldenTiger and lcpiper like this.
  34. lcpiper

    lcpiper [H]ardness Supreme

    Messages:
    7,754
    Joined:
    Jul 16, 2008
    Exactly correct

    If there is an argument to be made regarding this malware, it's that organizations and individuals need to keep their shit patched regardless of what OS or update method they choose to employ. They will either be effective or they will not but the proof is in the pudding.
     
    Talyrius, GoldenTiger and heatlesssun like this.
  35. Zarathustra[H]

    Zarathustra[H] [H]ard|News Staff Member

    Messages:
    22,288
    Joined:
    Oct 29, 2000

    More often than not, when I see Linux boxes compromised, it's because the person who set it up left the default passwords in place.

    Sure, there are privilege escalation exploits on *nix systems as well, but they are much rarer, and when they are discovered, they are typically patched much more quickly.

    Certainly, if Linux saw the userbase that Windows currently ha, more malware would be written for it, but they still wouldn't be even remotely close to equal.
     
  36. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    44,529
    Joined:
    Nov 5, 2005
    Perhaps not but ultimately if one doesn't properly maintain their systems, shit will happen. We're talking about people who didn't even have decent anti-virus or IDS setup. Maybe Linux would prevent them these kinds of attacks but the quality of the IT management that people who got hit with this is a pretty clear sign that they're easily hackable folks, the OS wouldn't really help them that much if they are that bad at managing their IT infrastructure.
     
  37. Zarathustra[H]

    Zarathustra[H] [H]ard|News Staff Member

    Messages:
    22,288
    Joined:
    Oct 29, 2000
    That's a fair assessment
     
    Talyrius and heatlesssun like this.
  38. Zarathustra[H]

    Zarathustra[H] [H]ard|News Staff Member

    Messages:
    22,288
    Joined:
    Oct 29, 2000
    What good does running Linux as a guest do you, if the host it's running on top of gets pwnt?
     
  39. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    44,529
    Joined:
    Nov 5, 2005
    There's absolutely nothing new about WannaCry. Use a well documented remote execution flaw in Windows that's been patched or can be mitigate several ways and deliver a payload. The only reason why these kinds of attacks work is because some people just refuse to learn and do the most basic stuff.
     
    CacaSapo likes this.
  40. heatlesssun

    heatlesssun Pick your own.....you deserve it.

    Messages:
    44,529
    Joined:
    Nov 5, 2005
    True, fortunately Windows 10 wasn't even targeted by this worm which I thought was interesting though Shadow Brokers did mention that they had specs on attacks for Windows 10 and mentioned 10 by name, the only OS they mentioned by name. Though this SMB flaw was in 10 as well.