Yet another Linux on the desktop article

Oren Beck oren_beck at hotmail.com
Sun Aug 1 21:03:50 CDT 2004


Uncle Jim wrote:
> On Sat, Jul 31, 2004 at 01:20:23PM -0500, Jonathan Hutchins wrote:
> 
> 
>>Most PCs will boot from a floppy - or for that matter a CD these days - 
>>before they ever even load the OS, so anybody with physical access can 
>>potentially compromise "security".  It's all in how you set the system up.  
>>
>>I really can't see that simply mounting a floppy is any greater hazard than 
>>any other form of file loading.  Of course, if you could make a case for it, 
>>then you would want to turn automount off.  
> 
> 
> I realize that physical access to the hardware means all bets are off but automount
> is equivalent to root with no password.
> 
> It takes a little time and effort to open the case and short pins on the motherboard
> or pull hda and put it in another host.  Even Brian, who has the metro area's largest
> collection of "Live CD"s and should be considered a potential security risk, would have
> to take the time to reboot the machine.  If I have a floppy with a copy of bash that
> is owned by root with permissions of 4755 and I come to your machine all I have to do
> is insert the floppy and type "/mnt/floppy/bash", 16 keystrokes.  If root has no password
> I simply type "su - root", 9 keystrokes.  So if you assume that I've always had a mouse
> and can only type with my left thumb and can only reach 10 words per minute (1 sec. per
> keystroke) that's only seven seconds + time to insert floppy different from root without
> password.  And I'm getting better with my left thumb all the time.
> 
> So, if you have a machine where you think a password for root is a waste of time then I
> think you should also enable automount.
> 
> Since mounting removable media carries a security risk I don't think it is unreasonable
> to have the system request a password before mounting.  Keep in mind that a security
> breach at your host usually is not just your problem, it often ends up affecting lots
> of other people on the Internet.
> 
> So I fail to see where the ability to automount should be a criterion for "desktop ready"
> unless "desktop ready" means isolated, unconnected host.
> 
Let's take this in a different direction or look at it from different 
viewpoints.

To my take it defaults to threat assessment.
What level of exploit skills are expected and what level of lossage if 
defenses crack. XP on a cash register?
Since most POS gear reads cards as a keyboard wedge, WiFi connected XP 
registers WILL be hacked and SOON!
Reason that gets mention here is every eBay or Amazon transaction you 
make at home makes a remote POS out of that "Low threat perceived" 
single user no free access to strangers desktop. So Linux can be more 
secure as IE makes it near impossible to default erase all HD traces of 
transactions. Do _that_ with MS and -system restore, temp the just 
because copies.? DO PLEASE find anyone who can refute the information 
on the Microsuck site

http://fuckmicrosoft.com/content/ms-hidden-files.shtml

That site if true thus having to my point removed MS from contention 
leaves it to WHICH Linux or Mac desktop?
And thence to how it gets "made so". Back to Mission requirements and 
how we decide them.

A kiosk in an unsupervised public access area as opposed to a single 
user machine in their own house with no other persons having free access?
An Office or Educational networked machine that has unsupervised users??
The computer in the family room used by not only your family but every 
kid your kids play with?
ALL of these present a different threat list. Applying the wrong 
profile in the wrong location has some issue potentials to put it 
lightly. Blanket judgments have their places. And places where they 
often can be counterproductive.

We can make a software build that literally cannot be exploited because 
it lacks any point of entry other than filtered.
Now do consider how maddening it would be attempting to use such 
crippledware.
<insert deity of worthy curse value> - a prospect that makes XP look good?

I see the schizoid nature of wanting everything locked down by default 
yet wanting everything to *work*.
MS and Mac are for good or bad slanted towards appliance operators in 
some details. Look at Which ones and Why.
Digging thru Arcana of permissions etc hardly can compete with "plug in 
and it works." GUI Vs CLI ancestry.
Noting of course that plug and work still has lots of plug and curse 
experiences for users of any current systems.

All of which brings us to a simple derived point. It is de facto 
impossible to please everyone by blind defaults.
Thus semi scripted first run menus should balance usage profiles so it's 
usable by the masses but not exploit bait.
Easier done than said as the pun goes captures the surrealistic 
landscape of how to please everyone and offend no one.
Anyone feeling up to the task of assigning "permissions suggestions" to 
some common situations is welcome to do so.
I am slowly building out WiFi for my wife's campground and some threat 
assessments are in progress here.
Any constructive dialog is VERY welcome. Flames, Yahbuts etc send to The 
Gehenna postmaster.

Oren Beck

www.campdownunder.com

" I want a Linux Distro that my appliance operator Mother can use and 
enjoy "
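
The setuid-binary-on-removable-media risk raised in the quoted message only exists when the mount honours the setuid bit. As an added example (not part of the original post), this Python script audits fstab-style entries using the mount(8) rule that `user`/`users` imply `nosuid,nodev,noexec` and `owner`/`group` imply `nosuid,nodev` unless a later option overrides them. The sample fstab and the `/mnt/`, `/media/` prefixes are constructed assumptions.

```python
# Constructed sample in /etc/fstab format (not taken from the thread).
SAMPLE_FSTAB = """\
# device      mountpoint    type     options                 dump pass
/dev/hda1     /             ext3     defaults                1 1
/dev/fd0      /mnt/floppy   auto     noauto,user             0 0
/dev/fd0      /mnt/floppy2  auto     noauto,user,exec,suid   0 0
/dev/cdrom    /mnt/cdrom    iso9660  noauto,owner,ro         0 0
/dev/sda1     /mnt/usb      vfat     noauto,defaults         0 0
/dev/sdb1     /mnt/usb2     ext2     noauto,nosuid,nodev     0 0
"""

# Assumption: removable media are mounted under these directories.
REMOVABLE_PREFIXES = ("/mnt/", "/media/")


def effective_flags(options):
    """Resolve suid/dev/exec for a comma-separated option string, left to right."""
    flags = {"suid": True, "dev": True, "exec": True}  # state before any option
    for opt in options.split(","):
        if opt in ("user", "users"):      # imply nosuid, nodev, noexec
            flags.update(suid=False, dev=False, exec=False)
        elif opt in ("owner", "group"):   # imply nosuid, nodev
            flags.update(suid=False, dev=False)
        elif opt in flags:                # explicit suid / dev / exec
            flags[opt] = True
        elif opt.startswith("no") and opt[2:] in flags:
            flags[opt[2:]] = False        # explicit nosuid / nodev / noexec
    return flags


def audit(fstab_text, prefixes=REMOVABLE_PREFIXES):
    """Return (mountpoint, [risky flags]) for removable mounts honouring suid/dev."""
    findings = []
    for line in fstab_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 4 or not fields[1].startswith(prefixes):
            continue
        flags = effective_flags(fields[3])
        risky = [name for name in ("suid", "dev") if flags[name]]
        if risky:
            findings.append((fields[1], risky))
    return findings


if __name__ == "__main__":
    for mountpoint, risky in audit(SAMPLE_FSTAB):
        print(f"{mountpoint}: honours {', '.join(risky)}; add nosuid,nodev")
```

Option order matters: `user,suid` re-enables setuid, while `suid,user` does not.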



