From: Alan McKinnon <alan.mckinnon@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Linux USB security holes.
Date: Wed, 8 Nov 2017 23:02:03 +0200 [thread overview]
Message-ID: <0965810d-d2bb-56d6-04f1-6806de88eee2@gmail.com> (raw)
In-Reply-To: <65c1af14-a224-4c9f-1ca8-eca4ccc71d0f@gmail.com>
On 08/11/2017 07:08, Dale wrote:
> Howdy,
>
> I ran up on this link. Is there any truth to it and should any of us
> Gentooers be worried about it?
>
> http://www.theregister.co.uk/2017/11/07/linux_usb_security_bugs/
>
> Isn't Linux supposed to be more secure than this??
I would say the real problem is USB itself.
What is USB after all? It's a way of sticking any old random thing into
a socket and getting the computer to magically do stuff. So if the
system software then goes ahead and does stuff, it's only really
operating as designed and as spec'ed right?
Yes, those 40 holes are probably all true and quite possibly all
exploitable, and they should also be fixed. But the real problem is that
USB even exists at all.
btw, when you say "Isn't Linux supposed to be more secure than this??"
the answer is a resounding NO
The Linux=safe, Windows=notsafe delusion comes from the 90s when Windows
had no real security features at all, or even any realistic ways to
limit and control access. Linux had a Unix-style userland and kernel, so
you automatically got multi-user/multi-process with per-user
permissions. That alone, by itself, is probably the largest single
security advance in all of computing history. Everything else is icing.
There is nothing in Unix really that is "secure by design", and all von
Neumann machines are actually insecure by design
--
Alan McKinnon
alan.mckinnon@gmail.com
prev parent reply other threads:[~2017-11-08 21:07 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-08 5:08 [gentoo-user] Linux USB security holes Dale
2017-11-08 5:48 ` Adam Carter
2017-11-08 5:49 ` R0b0t1
2017-11-08 15:40 ` [gentoo-user] " Grant Edwards
2017-11-08 5:53 ` [gentoo-user] " J. Roeleveld
2017-11-08 19:35 ` [gentoo-user] " Ian Zimmerman
2017-11-09 6:10 ` J. Roeleveld
2017-11-08 6:02 ` [gentoo-user] " Dale
2017-11-08 6:10 ` R0b0t1
2017-11-08 6:48 ` R0b0t1
2017-11-08 7:24 ` Dale
2017-11-09 14:07 ` Taiidan
2017-11-08 15:23 ` Martin DiViaio
2017-11-08 21:02 ` Alan McKinnon [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0965810d-d2bb-56d6-04f1-6806de88eee2@gmail.com \
--to=alan.mckinnon@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox