Let's continue the series. I intentionally keep this very simple so that even your grandma can understand this. In the past articles we have talked about choosing a safe and decent hardware setup, now it's time to discuss software. We will go by ring levels and discuss each level in future episodes.
Here are the past episodes if you missed them:
- https://steemit.com/technology/@profitgenerator/tutorial-basic-computer-security-1
- https://steemit.com/technology/@profitgenerator/tutorial-basic-computer-security-2
So these are the ring levels:
- Ring 0: Kernel
- Ring 1: Device Drivers
- Ring 2: (Multi) User Space
- Ring 3: Application Space
In this episode we will discuss ring 0, which is the kernel, the core of the operating system. It's basically the operating system itself.
BootLoader
Now there is software that loads before the OS, the so-called bootloader. In Linux it's called GRUB, and it is the screen that appears after the hardware is initialized but before the operating system loads, so you have options to choose how to load the operating system (safe mode, rescue mode, with or without Internet, memory check and other parameters). If you think about it, this would have a privilege level of something like -0.5: not -1, because that is reserved for other stuff, but not 0 either, because it loads before the kernel. And if the bootloader gets infected, it can infect all operating systems that are loaded afterwards.
So really if you want to defend against BootLoader malware, just use GRUB which is open source, and it's automatically installed if you install a Linux based Operating System clearly.
NEVER DUAL BOOT! I MEAN IT, NEVER DUAL BOOT LINUX, ESPECIALLY NOT WITH WINDOWS!
So if you want to use Windows and Linux, just buy a separate computer, but dual booting is retarded in my opinion, since Windows is so prone to viruses that it literally makes no sense to use Linux on the same machine, you can be exposed to an EVIL MAID ATTACK. Linux is for people who are serious about their security and Windows is for average people, they don't mix.
So never Dual Boot! Just install a clean operating system with its associated Bootloader, and use only 1 operating system per computer.
Ring 0 Protection
Well to protect the kernel system from malware, it must be free and open source. So only the Linux kernel can be used if you want a secure computer. There is no alternative, it's free and open source, makes no sense to use a closed source prone-to-malware type of kernel.
So the Linux kernel is the only choice, more than 80% of webmasters use Linux, yet less than 10% of the general population do. Interesting, isn't it? For professionals and security experts only Linux is the choice, while your average trendy probably hasn't even heard of Linux, or thinks that it's only for nerds, while by 2017 Linux has been really packaged into easy to use operating systems, full GUI, and with a very elegant interface.
Choosing the Operating System
So Linux is the kernel, and the Linux kernel is packaged into various open source operating systems like:
And countless others, that you haven't even heard of. I mean literally who would be so dumb to pay like 200$ for an OS when you get these ones with a gorgeous interface and high security for free. They are also fully packaged with all the tools you need.
If you are totally novice, just get started with Linux Mint, it's the easiest Distro for total newbies. But if you want a total advanced experience then try Debian which has over 51,000 free apps, you’d have to be a big sucker to pay for a software after that.
In fact I made a very quick and easy tutorial to install Linux Mint step-by-step:
You can literally install it in 10 minutes. Just back up all your files, make sure they are backed up, and then the installer will do a clean install, wipe your harddisk, and install Linux Mint in 10 minutes or less.
I guarantee you, you will never look back, whatever shitty proprietary operating system you were using before it. No more viruses, no more anti-viruses (you don’t really need one), no more bugs and application errors. Just free and open source software, and true computer security, mixed with the pleasure to discover and build applications by yourself.
Actually all major closed source software runs on Linux too, except video games, so if you are a gamer, then tough luck, but any other software like Skype, Google Earth, Messenger Apps (through Pidgin) and even Minecraft runs on Linux. So really if you are a casual user you will not miss anything.
In fact you will get exposed to real free and powerful softwares like:
- Libre Office (a full & free office suite)
- Audacity, a free & powerful sound editor
- Brasero, free CD burner and editor
- GIMP, free and powerful photo editor
- Image, Video and other app players
- Programming tools
- Cryptographic tools (GPG, hash calculator, encryption, RNG)
- Keepass, free and safe password manager
...etc
Most of them come installed by default, certainly on Linux Mint, so you have all the apps you need already preinstalled, and literally after 10 minutes you have the entire operating system preconfigured for you.
So you have all the benefits and almost no drawbacks except maybe it will take time to get used to it:
- Tons of free & powerful apps
- Open source
- Nice design, and easy to learn softwares
- Safe & frequently updated software by voluntary contributors
Plus you will pretty much eliminate most of the malware threat regarding the 0 ring level if you use the Linux kernel, which is constantly being developed by experts, and whenever a bug is found it gets fixed immediately, so its development and security are lightyears ahead of its competitors, despite having low funding. Open source developers are just more enthusiastic about their work than corporate people.
Malware & Ring 0
Now while the malware threat on Linux is severely reduced, it is still not 0, so in the next episodes I will reveal additional things that have to be kept in mind.
There is something called privilege escalation, meaning that if there is a bug in the kernel, then some applications can execute arbitrary code (possibly malware) in the kernel space, infecting the entire computer.
So there is no defense against this on the kernel side, other than just keeping the kernel updated, always using the latest stable kernel. The latest release may be too experimental and might break some software, so using the latest stable release, which has at least been tested, is the proper way to ensure you are safe against these threats.
But there are things that you can do in the application space to ensure that the application itself is not malicious, so that will be another episode when I’ll talk about ring 1,2,3 issues.
Recap
Okay so the things you have to keep in mind are the following:
- Only use Linux based operating systems “Linux Distros”, no closed source operating systems are acceptable if we really want to be safe. They could have a backdoor or spyware installed, or just have sloppy developers that can’t keep up with the bugs, so it’s always better if the code is transparent and many people can check it.
- NEVER DUAL BOOT, so you should ONLY have 1 Linux installed on your computer through a clean install, and the hard disk formatted before it. One computer should have 1 operating system, that’s it. Let’s not complicate things and in the process expose ourselves to new attack vectors like Evil Maid.
- Always keep the Operating System & Kernel up to date, using the latest stable release of the kernel. Neither the latest experimental one, nor the old deprecated ones, but the latest stable one. For software, currently, for Debian 9 it’s codenamed Stretch. Linux Mint for example has an auto-updater that will show you whenever a new version of the Linux Kernel is out, so then make sure you update it!
Otherwise just enter the following 2 commands in the terminal periodically for manual update & upgrade (only for Mint, Ubuntu & Debian distros):
sudo apt-get update
sudo apt-get upgrade
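An added example, not part of the original tutorial: after the two commands above, a new kernel only helps once it is actually installed and booted, and this script checks both. It assumes kernel images are stored as /boot/vmlinuz-<version> (as on Debian, Ubuntu and Mint) and that `sort -V` is available; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: did the kernel update really take effect?
# Assumes kernel images are /boot/vmlinuz-<version> and GNU `sort -V`.

# Highest version from a newline-separated list on stdin.
# Version sort matters: plain sort puts 4.9.0-11 before 4.9.0-3.
newest_version() {
    sort -V | tail -n 1
}

# Kernel versions with an image in /boot (or in the directory given as $1).
installed_kernels() {
    boot_dir="${1:-/boot}"
    for f in "$boot_dir"/vmlinuz-*; do
        [ -e "$f" ] || continue
        basename "$f" | sed 's/^vmlinuz-//'
    done
}

# kernel_status RUNNING INSTALLED_LIST
# "current" = running the newest installed kernel,
# "reboot-needed" = a different kernel is the newest installed one.
kernel_status() {
    newest=$(printf '%s\n' "$2" | newest_version)
    if [ -z "$newest" ]; then
        echo "unknown"
    elif [ "$1" = "$newest" ]; then
        echo "current"
    else
        echo "reboot-needed"
    fi
}

# Reads `apt-get -s upgrade` output on stdin and prints kernel packages that
# were "kept back". `apt-get upgrade` never installs packages that are not
# installed yet, so a kernel update that pulls in a new package waits here.
held_back_kernels() {
    awk '/have been kept back:/ { grab = 1; next }
         grab && /^  / {
             for (i = 1; i <= NF; i++) if ($i ~ /^linux-(image|headers)/) print $i
             next
         }
         { grab = 0 }'
}

running=$(uname -r)
echo "running $running: $(kernel_status "$running" "$(installed_kernels)")"
if command -v apt-get >/dev/null 2>&1; then
    apt-get -s upgrade 2>/dev/null | held_back_kernels
fi
```

If it prints "reboot-needed", reboot into the new kernel; if it lists a kept-back linux-image package, the update manager (or `sudo apt-get dist-upgrade`) is what installs it.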
Sources:
- https://pixabay.com
- Screenshot by Linux Mint team: GPL, via Wikimedia Commons
Very nice read now I understand more why Linux is a great product, thanks for sharing!!!
it is very cool
Super post
thanks
If you really want Windows you can run it as a virtual machine inside VirtualBox in Linux. I use it for testing purposes!
That is if the VM can contain the vulnerabilities inside, and since even the best hypervisors have bugs in them, it's still risky for a sophisticated malware or vulnerability inside which Windows is very prone to.
It's obvious that you spent a lot of time organizing this material. Nice job.