In this post, I write about Linux security. My point is that the OS can be quite robust, but it is certainly not bulletproof by default, so trusting it too much is a huge mistake.
Linux is a wonderful OS. Here, we only “enumerate” the dark parts and things that could go wrong.
While Linux holds only about 1% of the market if you count end users alone, in reality it is used everywhere:
- IoT devices
- Cloud-based architectures
- Military infrastructures
- Systems that drive critical tasks such as Air Traffic Control
And many more… Yet the same OS has a long list of dark parts:
- Hundreds of distros (distributions) and subsystems, and many of them are unmaintained or flawed
- Multiple kernel exploits over the past years
- Devastating Local Privilege Escalations such as Dirty Pipe and Dirty COW
- Desktops that do not protect users’ privacy, allowing any app to access all data (there’s no sandboxing)
- Sandboxing solutions like firejail are considered flawed by nature by many security researchers, as it executes as root, so any flaw in the package would result in a root privilege escalation
- Multiple memory corruption vulnerabilities (e.g., uninitialized variables, shellcode injections, ROP/JOP chain attacks)
- Multiple sudo exploits (keyloggers, hooks via LD_PRELOAD, fake sudo prompts)
And many more…
Linux does a nice job with some default configurations, but that does not mean you can skip essential steps.
Of course, it depends on your threat model, i.e., the potential risks associated with your activities, but, in my experience, hardening Linux is necessary and requires deep knowledge.
It’s not uncommon for advanced security teams or pen-testers to build their own distributions with security tweaks and packages they like to use.
While it’s true they mostly do it for efficiency and to prevent stability issues that could jam their work, they also perform various hardening steps.
For the average Linux user, a significant part of the global security is handled by browsers, not the operating system.
It’s always the same process: learn, experiment, and jump to the next step. There’s nothing you can do against global adversaries, but unless you are doing weird things or you unwittingly become a person of interest, additional layers of security will make things much harder for script kiddies and less dangerous actors.
Here are practical recommendations for individuals:
- use full disk encryption, not just for your
- disable any telemetry (e.g., disable system reports, don’t send crash reports) and file history if you don’t need them, which is likely
- disable wireless connections if you don’t need them (e.g., Bluetooth, WiFi)
- get rid of useless services (e.g., in privacy settings) and packages, and close unused ports
- cover your camera
- lock down the desktop, but also the BIOS (e.g., set an administrator password)
- don’t use security packages blindly, as they might be used against you
- don’t use the same devices for classic and sensitive activities
- consider moving to SELinux
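A small read-only audit for three of the points above (sockets listening on every interface, the LD_PRELOAD hook persistence mentioned in the earlier list, and whether a dm-crypt layer backs the disks), written as an added example that is not part of the original post. It assumes a Linux box with iproute2 `ss` and `lsblk`; the parsing helpers read text on stdin so they can be checked against constructed sample output.

```shell
#!/bin/sh
# Added example, not from the original post: read-only hardening audit.
# The helpers parse text on stdin so they can be exercised against
# constructed sample output; audit_live feeds them real tool output.

# Print "proto port process" for sockets bound to every interface
# (0.0.0.0, [::] or *). Input: output of `ss -tulpnH` (no header).
# Loopback-only listeners (127.0.0.1, ::1) are deliberately skipped.
exposed_listeners() {
    awk '
        $1 ~ /^(tcp|udp)$/ {
            addr = $5
            if (addr ~ /^(0\.0\.0\.0|\[::\]|\*):[0-9]+$/) {
                sub(/.*:/, "", addr)            # keep only the port number
                proc = "-"                       # unknown unless run as root
                if (match($0, /users:\(\("[^"]+"/))
                    proc = substr($0, RSTART + 9, RLENGTH - 10)
                print $1, addr, proc
            }
        }'
}

# Print the non-comment entries of an ld.so.preload-style file ($1).
# Every library listed there is injected into each dynamically linked
# process, including sudo, so the expected output on a clean system is empty.
preload_entries() {
    [ -r "$1" ] || return 0
    grep -Ev '^[[:space:]]*(#|$)' "$1" || :
}

audit_live() {
    echo "== sockets bound to all interfaces (proto port process) =="
    ss -tulpnH 2>/dev/null | exposed_listeners
    echo "== entries in /etc/ld.so.preload =="
    preload_entries /etc/ld.so.preload
    echo "== dm-crypt layer present in the block device tree =="
    if lsblk -rno TYPE 2>/dev/null | grep -qx crypt; then echo yes; else echo no; fi
}

# Run the live audit only when explicitly requested: AUDIT_LIVE=1 sh audit.sh
if [ "${AUDIT_LIVE:-0}" = 1 ]; then audit_live; fi
```

Run it as root to see process names for sockets owned by other users; the dm-crypt check only tells you a crypt layer exists, not that the root filesystem sits on it.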
Unlike proprietary systems such as Windows and macOS, Linux is open-source, which brings lots of advantages including trustworthiness and auditability!
However, it does not mean you can’t criticize it just because it’s free. Some features are great and others are debatable, including the ones I would recommend.
Exploring things is great but can have some costs. You can attract curiosity, and if anything goes wrong, some people may question your activities:
- why are you running distros made for hackers or pen-testers?
- why are you learning advanced compartmentalization?
- why the heck are you using fake MAC addresses?
- why do you switch off your phone?
- why do you need such a level of anonymity when basic privacy would be sufficient?
There are a few downsides you need to consider because, unfortunately, the “nothing to hide” argument is prevalent in our societies, and Linux won’t solve your problems automagically.