ReactOS security!
Moderator: Moderator Team
ReactOS security!
Hi! I've been following reactOS development for a long long time! I always had some question about it's future, it says "ReactOS aims to achieve complete binary compatibility with both applications and device drivers meant for NT and XP operating systems", is it gonna be also compatible with MS Windows virus and spywares, if so, what's the reactOs team strategy to make ReactOs more secure?
-
geertvdijk
- Posts: 318
- Joined: Wed Jun 15, 2005 8:19 am
Being open source is part of it I think, now not only can security companies check if current binary distributions are unsafe in the way they do with Windows, they can actually browse the source to check for the flaw and maybe write a patch as well, but at least bughunting is easier. Then everybody can propose patches, and even though a ReactOS dev will still need to approve of it, it is substantially less work than getting a patch into Microsofts implementation of Windows. 
-graey-
It'll depend upon how the viruses work. A lot, I should imagine, depend upon some form of oddity or exploit that, since it isn't known about, isn't documented (unless they are discovered and fixed) In that sense ReactOS should have another form of incidental security versus MS Windows viruses as ReactOS would have to have the same vulnerabilities in the same places in order for it work on both platforms.
Windows Viruses are not only a reactos problems.
http://www.winehq.org/?issue=343
Note wine running as root on Linux infected can equal completely dead Linux system.
Windows lacks lots of the defense Linux/BSD/Solaras systems have. Cause is running as Administrator more than anything else. Sometime in future a way to fool applications that they have administrator will have to be developed. All of the *nix have had that feature for ages. Applications demanding root did not have to be granted. chroots old method more modern ways of lieing to applications are being developed.
http://www.winehq.org/?issue=343
Note wine running as root on Linux infected can equal completely dead Linux system.
Windows lacks lots of the defense Linux/BSD/Solaras systems have. Cause is running as Administrator more than anything else. Sometime in future a way to fool applications that they have administrator will have to be developed. All of the *nix have had that feature for ages. Applications demanding root did not have to be granted. chroots old method more modern ways of lieing to applications are being developed.
It is a feature NT does not have. To be correct even Linux compared to some other Unix's has be lagging in ways to do it.
chroot was a hackup way to do it. More modern Linux kernels are bringing container tech to linux. What means the means to create virtual process tables and userid separations at kernel level. Nt had features of job control for controlling like process cpu and memory usage. Linux is also picking that up with container intergation.
chroot hacked the function calls to do the I am root when I am not trick.
Sorry etko NT compared to some of the Unix's is lacking a few key features.
To have the full range of Unix Tech secuirty NT design will need expanding.
chroot was a hackup way to do it. More modern Linux kernels are bringing container tech to linux. What means the means to create virtual process tables and userid separations at kernel level. Nt had features of job control for controlling like process cpu and memory usage. Linux is also picking that up with container intergation.
chroot hacked the function calls to do the I am root when I am not trick.
Sorry etko NT compared to some of the Unix's is lacking a few key features.
To have the full range of Unix Tech secuirty NT design will need expanding.
1. At first the same defence system as Windows due to that is what is need to run applications. Down the track other features can be added.
2. If you think Windows XP source code is closed to inspection you are completely fooling yourself. If you are at the right uni's you can read the complete source code of XP. Of course there are conditions like never working on a clone for like 10 years. There is even a chance in a year Vista's source code might be under the same licence agreement.
So really more vulnerable no. Even if windows is kept truly closed source nothing stops it being inspected with fuzzing tools and other things to find defects. At least opensource you are free to run as many tools as you like until you are happy you can trust it as well as fix the faults you find.
Also note http://www.coverity.com/ that producing a closed source program you have to have a licence to use. Since reactos is open source we could request in time for them to inspect ros source code as part of there research and testing for free.
There are other bits of closed source testing software that is also free to reactos that Microsoft would have to pay to use. Question are they putting up the cash to find as many bugs as able.
2. If you think Windows XP source code is closed to inspection you are completely fooling yourself. If you are at the right uni's you can read the complete source code of XP. Of course there are conditions like never working on a clone for like 10 years. There is even a chance in a year Vista's source code might be under the same licence agreement.
So really more vulnerable no. Even if windows is kept truly closed source nothing stops it being inspected with fuzzing tools and other things to find defects. At least opensource you are free to run as many tools as you like until you are happy you can trust it as well as fix the faults you find.
Also note http://www.coverity.com/ that producing a closed source program you have to have a licence to use. Since reactos is open source we could request in time for them to inspect ros source code as part of there research and testing for free.
There are other bits of closed source testing software that is also free to reactos that Microsoft would have to pay to use. Question are they putting up the cash to find as many bugs as able.
Re: ReactOS security!
Hi guys.
There are a couple of things to remember:
1/ Windows NT X.XX is not inherently insecure. Most of the problems come
from bad marketing choices like ease of use versus security. This means,
as far as I remember, that software contributors were never pushed to
make their programs work for normal users (I think about cd burning
software for instance). You need to have administrator rights to use!
2/ About a year ago, I was reading some news about security flaws
comparison between NT an Linux. The raw number, taking into account the
ratio of users was about the same. The advantage of Linux over NT was
that any discovered flaw was usually fixed within 24h against weeks for
windows patches.
3/ Reactos has the best of both worlds. Security decisions can be made
strict, hence good. Code visibility is high and flaws, when found, can be
fixed quickly. It just means that a suitable security dowload system has to
be set up, that's all.
4/ Things change very fast in computers world and any new security
system can be adapted to Reactos, even if windows do not have it! I think
about sandboxing of jailing for *NIX for instance.
We just have to ensure that users have access to the proper security fixes easily (some sort of live update ?)
Cheers.
There are a couple of things to remember:
1/ Windows NT X.XX is not inherently insecure. Most of the problems come
from bad marketing choices like ease of use versus security. This means,
as far as I remember, that software contributors were never pushed to
make their programs work for normal users (I think about cd burning
software for instance). You need to have administrator rights to use!
2/ About a year ago, I was reading some news about security flaws
comparison between NT an Linux. The raw number, taking into account the
ratio of users was about the same. The advantage of Linux over NT was
that any discovered flaw was usually fixed within 24h against weeks for
windows patches.
3/ Reactos has the best of both worlds. Security decisions can be made
strict, hence good. Code visibility is high and flaws, when found, can be
fixed quickly. It just means that a suitable security dowload system has to
be set up, that's all.
4/ Things change very fast in computers world and any new security
system can be adapted to Reactos, even if windows do not have it! I think
about sandboxing of jailing for *NIX for instance.
We just have to ensure that users have access to the proper security fixes easily (some sort of live update ?)
Cheers.
jmmercy if its the one I am thinking with the compare of security it was discredited.
2004 report lots of useful stuff http://www.theregister.co.uk/security/s ... _vs_linux/
There have been a lot of other compares threw 2005 2006 2007 and even 1 at the start of 2008. Sorry to say there have been a few that tried to say windows was equal. But have been discredited for either comparing too much software. Ie Linux distros have like almost every package you could need included. Its really like comparing to a full platform so just comparing windows 2003 to that was kinda bias. Really you don't want to see the full security compare of the windows platform vs Linux platform. There are many places were windows is miles behind.
Some of the issues in the 2004 report have been attempted to be addressed in Vista and 2008.
Windows NT X.XX design is really paste the need for a injection of features.
With the Linux Secuity Modules are constantly trying to create new ways so a unknown attack damage is limited. Selinux is even working on expanding same kinda of security to all users private home/profile folder. Also Selinux is not stoping on just Linux. Curently it has ports for Mac OS Freebsds and Solarias. They key is its security profiles for applications. So applications cannot access features of the OS they would not normally use.
Note windows did have some advantages for stability. Job control limiting cpu access and memory. Sorry that disappearing fast.
Note security and stability are two different factors.
2004 report lots of useful stuff http://www.theregister.co.uk/security/s ... _vs_linux/
There have been a lot of other compares threw 2005 2006 2007 and even 1 at the start of 2008. Sorry to say there have been a few that tried to say windows was equal. But have been discredited for either comparing too much software. Ie Linux distros have like almost every package you could need included. Its really like comparing to a full platform so just comparing windows 2003 to that was kinda bias. Really you don't want to see the full security compare of the windows platform vs Linux platform. There are many places were windows is miles behind.
Some of the issues in the 2004 report have been attempted to be addressed in Vista and 2008.
Windows NT X.XX design is really paste the need for a injection of features.
With the Linux Secuity Modules are constantly trying to create new ways so a unknown attack damage is limited. Selinux is even working on expanding same kinda of security to all users private home/profile folder. Also Selinux is not stoping on just Linux. Curently it has ports for Mac OS Freebsds and Solarias. They key is its security profiles for applications. So applications cannot access features of the OS they would not normally use.
Note windows did have some advantages for stability. Job control limiting cpu access and memory. Sorry that disappearing fast.
Note security and stability are two different factors.
I think it was a different one, I do not remember this. Anyway it could be based on it.oiaohm wrote:jmmercy if its the one I am thinking with the compare of security it was discredited.
2004 report lots of useful stuff http://www.theregister.co.uk/security/s ... _vs_linux/
My point there was not the fact that one or another was better, I do not
believe one is, really. I have known some people who had security
problems, be it even based on Debian (see breaking in the Debian
repository about two years ago). Red Hat was even worse earlier on.
What is much more important in Linux is the fact that the impact of one
security flaw is less (do not run as root ...). In addition, you can fix a
broken machine online (I saw it done, remotely, very neat; try to do
that with windows). Now, if you run Windows software under Wine...
Could we imagine that Reactos could use some of the Linux security
systems and improve on Windows while still being compatible ?
Regards
Read the 2004 one. Lists many critical problems in the NT design.
Also as has been since then. Windows has had a higher number of critical flaws.
Application profiles and not running as root/admin are critical. Reduces the numbers of critical flaws. Application profiles stop a program being used out side its funciton. A full profile includes the directories and files the application is permitted to access, functions its permitted to use all of them any use of function outside list sees program killed. These alterations are not part of windows design. So will not be simple to do.
Next major problem lots of windows applications need to basically rootkit the OS. Even worse windows signs these files. Once you have lots of different drivers from different sources unchecked and unfix able in the kernel you are basically snookered. Now think threw list of key information that would be useful to breach a computer system. Then think the list anticheat software goes after. Bad news they are basically the same. If you have exactly what defense is on the other end you can replicate it and search it for flaws. Even worse some of these anti cheat have even allowed running what ever code you are at kernel mode. What will be a true nightmare if central servers of those games get breached.
Lets just they the battle to protect NT is going to be hard. Linux classes any form of rootkitting by applications as pure evil and its basically not tolerated. Common problem I hear is that the Linux kernel does not have a constant driver abi. Does make rootkitting harder.
The root user is only one difference. Newer Linux kernels are adding containers. So reducing what the server/deamon can see in the OS is taken to a new level UML in 2004 without the UML overhead. Microsoft is missing the critical bases. Reactos repairing those holes are not simpler.
Point to breaching the Redhat and Debian repository breaches you are missing something important. MS servers have been breached at different times too. Difference is Redhat and Debian both went public with it. At least you know. Note the recent Debian breach was basically a beat up. After audit nothing in the repositories had been compromised. Debian admins acted as if it was the worst. Correct action really. Better to presume breach as critical than take it lightly and have more breached machine.
Also as has been since then. Windows has had a higher number of critical flaws.
Application profiles and not running as root/admin are critical. Reduces the numbers of critical flaws. Application profiles stop a program being used out side its funciton. A full profile includes the directories and files the application is permitted to access, functions its permitted to use all of them any use of function outside list sees program killed. These alterations are not part of windows design. So will not be simple to do.
Next major problem lots of windows applications need to basically rootkit the OS. Even worse windows signs these files. Once you have lots of different drivers from different sources unchecked and unfix able in the kernel you are basically snookered. Now think threw list of key information that would be useful to breach a computer system. Then think the list anticheat software goes after. Bad news they are basically the same. If you have exactly what defense is on the other end you can replicate it and search it for flaws. Even worse some of these anti cheat have even allowed running what ever code you are at kernel mode. What will be a true nightmare if central servers of those games get breached.
Lets just they the battle to protect NT is going to be hard. Linux classes any form of rootkitting by applications as pure evil and its basically not tolerated. Common problem I hear is that the Linux kernel does not have a constant driver abi. Does make rootkitting harder.
The root user is only one difference. Newer Linux kernels are adding containers. So reducing what the server/deamon can see in the OS is taken to a new level UML in 2004 without the UML overhead. Microsoft is missing the critical bases. Reactos repairing those holes are not simpler.
Point to breaching the Redhat and Debian repository breaches you are missing something important. MS servers have been breached at different times too. Difference is Redhat and Debian both went public with it. At least you know. Note the recent Debian breach was basically a beat up. After audit nothing in the repositories had been compromised. Debian admins acted as if it was the worst. Correct action really. Better to presume breach as critical than take it lightly and have more breached machine.
If you correctly setup your NT system you are pretty much secure for basic daily use, making most of the bad things fail. Run with things like suDown or sudo for win under Admin or use restricted account. Run minimal set of services, which is like 4-5 on usual xp system. Use scopeID for netbios network. Block or delete all unneeded accounts and you are pretty much done. Use proper software (usually OSS one) and common sense and 99% of the threats will disappear instantly.
In office use, there are only 3 software packages clerks and accountants really need and these are:
Accounting software is usually fine - if you are from europe, it will be some obscure shit, nobody outside from your country will really care about. If it requires write access to database files, create daily automatic backup script, and point clients to writable network share with reasonable quota. If a day is lost it is usually not that much info, good accountants can input it pretty much fast.
Invest into several cheap SATA drives and them use as backup tapes, store them in cheap wall mounted safe. Even better it is to put whole server disk into the safe after the shift (we got robbed once and disk was stolen with one computer, however all the critical info was safe).
To elevate security - strip PPT and other "friend sent me" shit, from all email attachments passing through your local mail server, you can even mark messages with multiple recipients as Spam safely, usually tends to be "friends" shit. Clerks should work and not listen and watch shitty powerpoint kitch.
Use proper AV software - the one with obscure name is usually better one, avoid nrtn and shit. If you are really interested in getting best in this field check out virus builletin for VB100% award. If you have IQ above 70 you should spot the right one instantly.
I guess u are now safe like on Unix
. Not really, but most of the exploits are targeted at stupid users, these got mostly mitigated by this simple policy.
You are not hack-proof now. Plus if you store the HDDs in safe, it can be robbed. But now it requires more effort to do so, and only enemy with intent will exercise one.
I will consider ROS done when I'll be able set it up like this.
In office use, there are only 3 software packages clerks and accountants really need and these are:
- * Thunderbird (instead of OE)
* Firefox (instead of IE - use NeoFox theme - people won't get the difference)
* OpenOffice (instead of MS Office)
Accounting software is usually fine - if you are from europe, it will be some obscure shit, nobody outside from your country will really care about. If it requires write access to database files, create daily automatic backup script, and point clients to writable network share with reasonable quota. If a day is lost it is usually not that much info, good accountants can input it pretty much fast.
Invest into several cheap SATA drives and them use as backup tapes, store them in cheap wall mounted safe. Even better it is to put whole server disk into the safe after the shift (we got robbed once and disk was stolen with one computer, however all the critical info was safe).
To elevate security - strip PPT and other "friend sent me" shit, from all email attachments passing through your local mail server, you can even mark messages with multiple recipients as Spam safely, usually tends to be "friends" shit. Clerks should work and not listen and watch shitty powerpoint kitch.
Use proper AV software - the one with obscure name is usually better one, avoid nrtn and shit. If you are really interested in getting best in this field check out virus builletin for VB100% award. If you have IQ above 70 you should spot the right one instantly.
I guess u are now safe like on Unix
. Not really, but most of the exploits are targeted at stupid users, these got mostly mitigated by this simple policy. You are not hack-proof now. Plus if you store the HDDs in safe, it can be robbed. But now it requires more effort to do so, and only enemy with intent will exercise one.
I will consider ROS done when I'll be able set it up like this.
Zvince and etko you are both kinda wrong.
Limited user account is useless if the OS has been root kitted. So if you are a game player using some forms of signed copy protection and anti cheat you are toast. Since if you look at there tech they are root kits allowed people to run any software they like at kernel level
With a rootkit when breached you OS is gone. Limited Account is not a protection method that works while you have driver problems. Some containment system for the evil things that have been allowed to slip threw.
Virus scanners are rarely used on Linux. Instead more often than not a HIDS (host intrusion detection software) is used. What is the major advantage of a HIDS over a anti virus. Anti virus need signatures to find viruses. HIDS don't for a lot of viruses. Now how is a HIDS finding the virus simple non approved alterations and additions. HIDS really should be applied to all core parts of Reactos in time. Now some unknown virus gets in starts altering reactos trips the HIDS so you know.
How to avoid detection of something that is just looking for unapproved tampering. It is a lot more complex game.
Backups are critical no matter the system. HIDS also kick in with restoring system after a virus hit to locate the damaged and exploited files. So in some cases reinstalling or restoring images lossing data can be completely avoided. Since even that you don't know what the virus/rootkit was you can find its damage and remove it.
Windows users are still responding with the least effective tech. Anti-virus software virus writers can get vb100% award winners just like everyone else. Even worse code there virus to avoid detection.
Yes etko is correct in the regard that using solid applications over flawed ones is critical. Problem always is when a person has a flawed application they love with no other replacement. Ie games.
HIDS + Internal OS security solid provides good level of protection.
Anti-virus + Internal OS secuirty solid provides a ok level of security.
HIDS or Anti-virus + flawed Internal OS security is one way worse than not running either a HIDS or a Anti-virus. Since people think they have protection when they have none.
Anti-virus used in combination with a solid HIDS with good Internal OS security is about the best you can do.
Limited user account is useless if the OS has been root kitted. So if you are a game player using some forms of signed copy protection and anti cheat you are toast. Since if you look at there tech they are root kits allowed people to run any software they like at kernel level
With a rootkit when breached you OS is gone. Limited Account is not a protection method that works while you have driver problems. Some containment system for the evil things that have been allowed to slip threw.
Virus scanners are rarely used on Linux. Instead more often than not a HIDS (host intrusion detection software) is used. What is the major advantage of a HIDS over a anti virus. Anti virus need signatures to find viruses. HIDS don't for a lot of viruses. Now how is a HIDS finding the virus simple non approved alterations and additions. HIDS really should be applied to all core parts of Reactos in time. Now some unknown virus gets in starts altering reactos trips the HIDS so you know.
How to avoid detection of something that is just looking for unapproved tampering. It is a lot more complex game.
Backups are critical no matter the system. HIDS also kick in with restoring system after a virus hit to locate the damaged and exploited files. So in some cases reinstalling or restoring images lossing data can be completely avoided. Since even that you don't know what the virus/rootkit was you can find its damage and remove it.
Windows users are still responding with the least effective tech. Anti-virus software virus writers can get vb100% award winners just like everyone else. Even worse code there virus to avoid detection.
Yes etko is correct in the regard that using solid applications over flawed ones is critical. Problem always is when a person has a flawed application they love with no other replacement. Ie games.
HIDS + Internal OS security solid provides good level of protection.
Anti-virus + Internal OS secuirty solid provides a ok level of security.
HIDS or Anti-virus + flawed Internal OS security is one way worse than not running either a HIDS or a Anti-virus. Since people think they have protection when they have none.
Anti-virus used in combination with a solid HIDS with good Internal OS security is about the best you can do.
Who is online
Users browsing this forum: Ahrefs [Bot], Bing [Bot] and 20 guests