It is important to highlight user account security

[Just17]

I think there needs to be a lot less emphasis on sudo and protecting root and much much more on protecting the user account and how to visit the internet more securely from the user account.
I really do not give a damn about the OS itself .....  the easiest way into it is through my user account .....  but anything I have of value to me on my machine is available from my user account .....  so if the user account is compromised then that means EVERYTHING I value is at risk.

If that happens what do I care about the remaining OS? I can reinstall that cleanly in a few minutes. It is hardly an inconvenience!

Having my important data compromised from the user account is the real danger!

It is well past the time - for home users, most of which have one user - to be made aware of the dangers to their data and to be advised how to avoid having their user account compromised.

This is where the emphasis should be, IMO, for 'the ordinary user'.

Protecting the OS is necessary, yes ......  but the user account is what is used all day and needs protection ......  yet the 'server' mindset still abounds ......  how often do you hear or read that ....  oh the user account might be hit, but the OS still functions?

Well ....  if my user account is hit, I could not care less about the OS! All my data is already compromised!

IMO, the emphasis needs to be changed for modern use of Linux on desktops.

[Archie]

That'd be another security story. I usually keep almost all my work on my removable drive, which is easy to detach/umount/eject. I have my current stuff on my /home (i have two for each architecture but shared ... this is so settings between the two architectures don't get mixed up). The only thing I have to do is encrypt the drive but I haven't gotten around to doing that.

The practice I mentioned is applicable to small, medium-sized networks.

On a single user, the worst danger/intrusion/exploit is the physical access to one's machine by anyone other than those you allow. For me, a simple Meta+Alt+L locks my machine:

I have a shortcut SystemSettings > Common Appearance and Behavior > Shortcuts and Gestures > Custom Shortcuts ...

Right-click on anywhere on the Name area > New > Global Shortcut > Command URL ...

Change "New Action" to "Lock Desktop". On the tabs area, click Trigger. Click Input on Shortcut and press Meta Alt and lowcase L. On the Action tab, type, qdbus org.freedesktop.ScreenSaver /ScreenSaver Lock then click Apply.

Test out you desktop lock keys by pressing Meta+Alt+L. One level of security.

[Neal ManBear]

For your user account security, the first line of defense is a strong password, IMO. No dictionary word, mind you, but a random set of letters (upper and lower case), numbers and symbols of at least 9 characters. To that add secure practices -- stay away from known "bad sites," don't download apps from the web, never give out your password and so on. Really the user must provide his/her own security for the most part. We could add scripts to reject weak passwords and scripts to force other secure practices perhaps, but that would be not as helpful as it may sound, IMO.     

[Just17]

Archie .....  if your user account is compromised, everything you mount in the file system for access as the user is then available, regardless other measures you take .......  if you can access it then so can whatever is lurking in your user account.
So, removable drives, encryption whatever ....  if you access it then so can the malware.


Neal, there was no implication in what I wrote (I hope) that some things should be forced on users ....  like minimum password strengths etc.

But, there is not enough information or emphasis for the ordinary desktop user about this aspect of securing their user account.

I still read proclamations about how it does not really matter if the user account gets owned, because the OS will survive!

Great!  I have an OS but all my data has been deleted or otherwise copied or whatever!

This needs to change.
Let the server people deal with it as before .....  and the multi-user commercial installations do their thing. Neither of their schemes are suitable for a home desktop user.

Linux is badly in need of a campaign about securing the user account, and how to use a browser on line without endangering the user data etc etc.

Without such education and preparation we are heading for a disaster.

To me, it puts the use of su/sudo, no password for root, and all other bad practices in the shade.

[Neal ManBear]

Neal, there was no implication in what I wrote (I hope) that some things should be forced on users ....  like minimum password strengths etc.

     
Understood. I was expressing my thoughts/opinions.     

But, there is not enough information or emphasis for the ordinary desktop user about this aspect of securing their user account.

     
If you do a security write up for Tips and Tricks, I'll sticky it. Send me the link.     

I still read proclamations about how it does not really matter if the user account gets owned, because the OS will survive!

Great!  I have an OS but all my data has been deleted or otherwise copied or whatever!

This needs to change.
Let the server people deal with it as before .....  and the multi-user commercial installations do their thing. Neither of their schemes are suitable for a home desktop user.

Linux is badly in need of a campaign about securing the user account, and how to use a browser on line without endangering the user data etc etc.

Without such education and preparation we are heading for a disaster.

To me, it puts the use of su/sudo, no password for root, and all other bad practices in the shade.

     
I've always advocated that users practice security and take responsibility for their security. It is, in my opinion, something that should be a part of every user's basic understanding of OS use.     

[Just17]

I've always advocated that users practice security and take responsibility for their security. It is, in my opinion, something that should be a part of every user's basic understanding of OS use.    

I agree .....  but there is ......  or I at least have the impression ......  not much emphasis on this when Linux security is discussed.
Most of the emphasis is on 'root' ....  user account security is the 'elephant in the room' IMO  

As for doing a security write up   ......  I may see the dangers, but am not informed sufficiently to do this.

Maybe one of our more security-informed members (and there are quite a few) would take up that challenge.

[Neal ManBear]

I was thinking that you articulate the issues quite well.     

[Archie]

Hey CO, what ticked you? You've been acting all paranoid for a couple of days now?

However, whatever our user security is only as good as how we apply the tools that are available to us, and the knowledge that we have learned.

I agree with your points - emphasis, education, awareness ... but a reaction bordering fear is not like you at all and it is not going to help any.

No doubt we all agree that if our login account is compromised we're pwned. How many times in the news have we read about thousands of users info stolen, zombie network and botnets, about sniffers, keyloggers, anonymous and lultz. The reason we are using a more stable and secure OS is so we can avoid getting in the mix. Schooling users about computer security, especially one's user account, is a tedious lesson to be learned.

I just remembered Retroshare. Remember when we were playing with the app and exchanging MP3s, etc. then we stopped using it. Why? I'm sure you would agree that it was a good tool to use among friends but subconsciously we were alerted to the possibilities of other users snooping on our shares. From then till now, I'm sure we've learned a great many a-things.

[Just17]

Hi Archie!  No, not ticked off   nor even paranoid    ... although a healthy level of paranoia is to be welcomed 

***

I guess this has been bubbling with me for quite a while.

I am fed up with the responses people get from long term Linux users about how the OS itself must be protected and ways to ensure any danger to IT is minimised, while at the same time ignoring for the most part, the fact that the only real valuable data on the user's PC is accessible from the user account and it is from there the real danger lies.

If my PC is connected to the internet, but my single user account does not use any application to go on line for any reason, then there is a miniscule danger to my data .....  or indeed to the OS itself.
This is, no doubt, because the Linux OS is designed for security. Yes there will be breakages, but hopefully they get fixed with updates.

This means I am very happy that my OS is as secure as is reasonable, while still allowing functionality.

Now add a user account with GUI on top of that, and what have we for the DE?
Mostly, it seems to me, the security of the DE gets ignored, with the usual responses of the OS is OK, make back-ups of your data 'just in case' and so on.

I want to see that change.
I want users to be made aware that although the OS is pretty well secured, their data security is dependent on their DE, user's actions and practices etc etc.

That message is not being promoted as *I* think it should.

There is not much point in having the most secure OS, (even impregnable,) if my user data is at risk through lack of knowledge, education and bad practice on my part.

It is my belief that we have a responsibility to users to inform them of the possibilities (maybe probabilities in the future) of malware due to their current practices, and at the same time, offer some possible solutions.

For certain they do not have to apply those suggestions, but they cannot come back later and say they were not informed.

At this point in time, I have only vague ideas of the malware possibilities (present and future) and possible solutions.
I want to be informed so that I can make decisions on the risks I am prepared to take.

To me that is what this is about .....  information to allow informed decisions to be taken by the user.

Categorising this as paranoia and fear is doing everyone a disservice.

This, IMHO, is a subject that needs to be brought out into the open; let the light shine on it, so that opinions can be expressed, information provided and users can learn and maybe employ more secure habits.

So no, I am not being paranoid or fearful.
I am highlighting a lack of information and advise which is endangering user data, by giving a misleading impression that because the OS is very secure the user data is covered by that security. Yes there is an overlap, but hopefully the reader gets my point.

regards 

[Just17]

I noticed this discussion has brought this thread waaaaay off topic.

Maybe a mod would consider breaking out the OT posts?

Sorry for my part in that

[Archie]

Done ... and changed the topic to be appropriate.

[Archie]

I'm with you, CO. I agree that we have a responsibility to inform our users that in spite of the security and stability that they feel Linux has to give, the plausible dangers of the Internet are very real and that they should take the necessary steps and measure to secure their user accounts through ...

(1) Using a strong password.
(2) Installing apps only from reputable PPAs and mirrors.
(3) Scan USBs and other devices if they are not the user's
(4) Avoid downloads from unreliable sites; read comments for the downloads
(5) Be selective in posting personal information
....

I think I'll join the campaign ... what should we call it?

Oh gawd ... I am blabbering again, ain't I? Time for more coffee.

(6) Vampires are good programmers.

[Just17]

 

Dunno about a campaign    but maybe a few members could get together and create a bunch of short articles dealing with specific aspects of this, and then it could all be brought together into one comprehensive article outlining the dangers and the preventive measures that the user might take.

For instance .....  one might be using a browser ....  yes there are all sorts of plugins etc and quite a few of them are available for most popular browsers.

But why should advice be dependent on the availability of plugins?

Would it not be much safer to run a browser in a secured environment all of its own?
Would it not be better if all browsers were subject to the same environment?
So even if the browser did manage to accept malware it would be confined to that environment and not be able to access either the root or the user environment.

Do we have an article - a step by step guide for users - about how to achieve this, in a simple manner?
If it is not so simple could we not provide a script to do it?  or some other means to make it easy for user?

It is practical ideas like this that I think might be useful.

What do you think?

Am I just dreaming?

[kjpetrie]

I suppose you could start by setting up a separate user to run your browser in, and modifying the browser menu item to switch to that user before launching it. I'm not sure whether that user would need a password if the only thing it could run is the browser, if it didn't need a password that would lessen the inconvenience in launching it. If your user permissions are set properly, that would give the browser no access to your home directory tree.

The downside is you'd have to switch user to view any downloaded files and you might have to switch to root to copy them into your home directory if you actually wanted to work on them. There's always a small risk in becoming root, of course. Also, mailto links wouldn't work unless the special user could also run your e-mail program.

The problem is, the more you confine applications to their own sandboxes, the harder it is for them to interact. It's the interaction which is both convenient and a threat, because it's what makes the machine powerful. You can have it hard to use but secure or easy and insecure, but it's difficult to have both because if you lock doors you need keys to open them before you can go through.

Different users for different purposes and careful decisions about which users can do what is the way to achieve it, but it would be a big job to work out and most of us haven't the time to do it. Putting your most sensitive data in an account you only access when you need it would be one way to protect it, but it would make use of the machine inconvenient much of the time. At worst, you'd need to enter a password to launch every application or to copy every file, and things wouldn't be able to talk to each  other.

[Just17]

As you say kjpetrie, it is not easy do while still maintaining a reasonable amount of convenience.

I recall I did once set up a separate user account from which I ran browsers .....  but did not have the knowledge to make it more convenient while remaining reasonably secure.

I believe that most of the inconvenience could be overcome with judicious use of permissions etc.

How to best achieve this is a different matter.

I would hope that such things could be brought forward for discussion and ideas on how best to implement them. That I believe would benefit us all.

So .....  other user account for apps .....  maybe a common storage for downloaded files which could be checked regularly ......  maybe make use of VBox if possible ..... other ideas ....