Dedicated admin account (was Re: Debians security features in comparison to Ubuntu)

2014-05-17 Thread Sven Bartscher
On Sun, 18 May 2014 01:36:44 +0900
Joel Rees joel.r...@gmail.com wrote:

> > > There are more reasons than the X11 hole to refrain from using your
> > > admin user to surf the web.
> >
> > Just out of curiosity, what are these reasons?
>
> Your browser and any plugins, addons, etc. that it loads, including
> java, flash, java/ecmascript, and, well, any scripting language the
> browser can be running, for starters.
>
> Shoot, if my memory serves me, I seem to remember a class of
> vulnerabilities that has never really been answered, involving pushing
> keyboard loggers into the keyboard controller itself.
>
> > > If you are worried about needing to find answers to admin problems by
> > > searching the web, lynx helps somewhat. But I still restrict the
> > > places I visit with lynx while running as an admin to my search engine
> > > site, certain subdomains of debian.org, and such.
> >
> > I'm not only worried about my admin account.
> > This is still a big security-hole for non-admins.
>
> The web is not safe. If you do internet banking, at least make a
> separate, dedicated account for that, too. And if you go places where
> maybe you should not let you go, re-think your reasons for going.

So basically I would need one account for surfing, one for
online-banking, ssh(-agent) and other important stuff and an
admin-account. Some accounts I missed?

I know that's not gonna help, but I feel like there should be a better
way to isolate processes.

PS: Please don't CC me

Regards
Sven




Re: Dedicated admin account (was Re: Debians security features in comparison to Ubuntu)

2014-05-17 Thread Franz Brandl
May be off topic, but IMO one should use an OS booted from DVD or a
write-protected USB stick for online banking.


-- 
This message was sent from my Android mobile phone with K-9 Mail.

Re: Dedicated admin account (was Re: Debians security features in comparison to Ubuntu)

2014-05-17 Thread Sven Bartscher
On Sat, 17 May 2014 18:57:35 +0200
Franz Brandl franz.bra...@runbox.com wrote:

> May be off topic, but IMO one should use an OS booted from DVD or write
> protected USB Stick for online banking.

Assuming that no remote attacker can plug my HBCI-cardreader into the
USB-HUB, I think that is not necessary. 




Re: Dedicated admin account (was Re: Debians security features in comparison to Ubuntu)

2014-05-17 Thread Joel Rees
On Sun, May 18, 2014 at 1:50 AM, Sven Bartscher
sven.bartsc...@weltraumschlangen.de wrote:

> So basically I would need one account for surfing, one for
> online-banking, ssh(-agent) and other important stuff and an
> admin-account. Some accounts I missed?
>
> I know that's not gonna help, but I feel like there should be a better
> way to isolate processes.

There are some experiments in sandboxing in the browser, other, more
general experiments in sandboxing apps in general. Somebody mentioned
Qube or some such.

OpenBSD is partially mitigating the X11 hole with some interesting stuff.

I have a poor-man's sandbox that I blogged about several years back,
but I got it wrong relative to X11, if I remember right. I suppose I
should do some testing and update my blog, but nobody's read that post
in the last year, I think. But that method, involving sudo, does, at
least, isolate the javascript code and the cookies.

If you have a million dollars to front a project for the next three
years and feed me and my family and about ten developers, I might be
able to produce a Linux or BSD derivative that allows you to log in as
one user and fire up ephemeral users for tasks. The bulk of the
development is going to go into isolating the video buffers, I think.
And the resulting video will be slow, probably won't be able to use
most of the current hardware acceleration.

I jest. I have other things I want to do.

Cheaper and quicker to just get used to separating what you do and how
you log in.

Well, Xen or one of the other VMs might help. But I'm not sure even
those will properly isolate the video buffers to avoid
screen-scraping.

> PS: Please don't CC me

Sorry about that. I usually remember to delete the sender. Too lazy to
set up a proper MUA for mailing list access.

-- 
Joel Rees

Computer memory is just fancy paper,
the cpu and i/o are just fancy pens.
This is not the magic you are looking for.
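
The account split discussed in this thread (one account for surfing, one for online banking, one for admin) only isolates anything if the task accounts stay out of the admin groups and their home directories are closed to each other. The following shell audit is an added example, not part of any poster's message; the account names `surf` and `bank`, the list of admin groups and the sample data are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Audit that task accounts (surfing, banking) are separated from admin rights.
# Added illustration; account names and the group list are assumptions.

# Groups treated as privileged on a Debian-style system (adjust to local policy).
ADMIN_GROUPS="root sudo adm"

# in_admin_group USER [GROUP_FILE]
# Prints each admin group listing USER as a supplementary member.
# Returns 0 if at least one was found. Primary groups (passwd GID) are not checked.
in_admin_group() {
    local user="$1" group_file="${2:-/etc/group}" found=1 name _pw _gid members
    while IFS=: read -r name _pw _gid members; do
        case " $ADMIN_GROUPS " in *" $name "*) ;; *) continue ;; esac
        case ",$members," in *",$user,"*) echo "$name"; found=0 ;; esac
    done < "$group_file"
    return "$found"
}

# home_is_private DIR: returns 0 only if DIR grants nothing to group or others.
home_is_private() {
    local mode
    mode=$(stat -c '%a' "$1") || return 2
    case "$mode" in 0|*00) return 0 ;; *) return 1 ;; esac
}

# audit_account USER HOME [GROUP_FILE]: prints findings, returns their count.
audit_account() {
    local user="$1" home="$2" group_file="${3:-/etc/group}" problems=0 hits
    if hits=$(in_admin_group "$user" "$group_file"); then
        echo "$user: in admin group(s): $(echo $hits)"
        problems=$((problems + 1))
    fi
    if ! home_is_private "$home"; then
        echo "$user: $home is open to other accounts"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: "surf" was wrongly added to sudo and has a 755 home.
demo() {
    local d; d=$(mktemp -d)
    printf '%s\n' 'root:x:0:' 'adm:x:4:admin1' 'sudo:x:27:admin1,surf' > "$d/group"
    mkdir -m 755 "$d/surf"; mkdir -m 700 "$d/bank"
    audit_account surf "$d/surf" "$d/group" || true
    audit_account bank "$d/bank" "$d/group" && echo "bank: ok"
    rm -rf "$d"
}
demo
```

On a real system, call `audit_account` with the account's actual home directory and omit the third argument so that `/etc/group` is read.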

