Linux kernel exploit...

Ok, I know it's the Register but it raises some interesting questions with Linux as a consumer desktop system, especially as Google Chrome is (as far as we can see) in effect a Linux distro.

Now of course all OS have security problems of one sort or another but Linux tends to get described as having minimal security worries compared to other OS. I wonder, as distros like Chrome move Linux to the mainstream consumer desktop in more substantial numbers, just how much of a target it will become for malware, viruses and "hackers", and how willing the Linux community will be to handle Chrome security vulnerabilities in a manner consumers will expect, especially if Google are making billions from it. Let's face it, a Google OS with all the PR that will go with it will be top of the list for exploits and malware.

Even OSX with its heritage and controlled, customised, known hardware configurations has its problems. After a "holiday" period and outside of the enthusiast market, is there a danger Chrome OS actually hands a "We told you it's not that easy" success to Microsoft, Apple, Red Hat, Novell etc and tarnishes Google's so far immaculate cool brand?

http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/
 
I believe Chrome OS is a very ambitious project, and like all OS will be vulnerable to attack. I would imagine (and hope) Google will be pumping some money into supporting it and patching it as problems arise. There will always be bugs and back doors; it's how they are supported and dealt with which defines a good OS IMHO.
I haven't read too much on it but knowing Google I imagine it won't meet GNU standards of open source. Some elements will be restricted.
I would be very impressed if it gave MS or Apple a run for its money. In my mind its biggest competition will be the Ubuntu group and even then probably not too much of an issue. I will probably install it on my laptop as it's meant to be quite lightweight and aimed at netbooks. I doubt it will be a viable alternative for a desktop computer though. I can't see many people outside the enthusiast circles installing it.
 
Yeah I read about this the other day, apparently the fix is quite simply to reorganise the code so the optimizer doesn't inadvertently strip out the check.

The question about Linux security is an interesting one and in all honesty I think the reality will only become apparent if/when Linux captures a significant market share. The advantage Microsoft have is that their OS is constantly under scrutiny and attack and we've seen some significant improvements (XP SP2, Vista for example) as a result.

I do actually believe there is such a thing as security through obscurity - that's not to say it's a good security model (it's not really a model at all) but it's a positive consequence of not being popular. I often wonder how your average Linux distro would cope in the same environment. Would the open source community be able to handle it? I think for the most part the answer would be yes, and I'm always encouraged by the number of software updates available on my Linux boxes, but it would be naive to think that it wouldn't have to go through the same battering Windows has in order to reach a level of maturity. That's not to say Linux is immature, quite the opposite in fact in so far as the kernel is concerned, but as a desktop OS with layers of GUIs, widgets and applications it is still quickly evolving. It's things like this I think we'll see more of rather than kernel vulnerabilities - I could be wrong though, it's hard to say.

There is also the issue of the user - fast becoming, if not already, the weakest link in the chain. You could have the most robust setup going but if the user absolutely insists on installing "keygen X" from "filesharing site Y" then you're always going to be peeing in the wind regardless of OS.

In regards to Google, I think it is a good thing and might just be the catalyst to see Linux gain some more popularity. We've seen what can happen when a company gets behind a distro (Canonical/Ubuntu) so Google with their cash and talent could well deliver a good product.
 
I disagree with almost everything the OP said, have you ever used Linux?

The bug is very rare in the wild, only RHEL 5, and only when running SELinux (default) or PulseAudio. It will be fixed, there will be a kernel released. And then another day someone will find another bug, it's how programming happens.
 
It's definitely a very interesting exploit considering it's pretty much caused by GCC compile time optimizations :)

This is the vulnerable code if anyone's interested:

Code:
struct sock *sk = tun->sk;  // initialize sk with tun->sk

if (!tun)
    return POLLERR;  // if tun is NULL return error

During compiling, GCC optimizes out the conditional checking to see if tun == NULL because it's already been assigned... so GCC creates an exploit in the kernel!

This on its own is pretty bad, but my understanding is that in order to be exploitable it requires SELinux due to memory layouts / null pointer protections.

Hopefully no one will find a way to exploit this kernel feature (and there is no doubt others very similar in nature) without SELinux/PulseAudio.
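To make the ordering problem in the quoted snippet concrete, here is an added user-space example (not code from the thread, the Register article or the kernel tree): the same two statements in the vulnerable order and in the corrected order, with `struct tun_struct` and `struct sock` reduced to constructed stand-ins. The point a reviewer should take away is that reading `tun->sk` before `if (!tun)` is undefined behaviour when `tun` is NULL, and a standards-conforming compiler may treat that read as proof the pointer is non-NULL and delete the check that follows.

```c
#include <stdio.h>
#include <stddef.h>
#include <poll.h>   /* POLLIN, POLLERR */

/* Constructed stand-ins for the kernel's sock and tun_struct types. */
struct sock { int readable; };
struct tun_struct { struct sock *sk; };

/* Same ordering as the snippet quoted in the thread: tun->sk is read
 * BEFORE the NULL test.  Dereferencing NULL is undefined behaviour, so
 * from that statement onward the compiler may assume tun != NULL and
 * drop the `if (!tun)` branch entirely.  This function is here only for
 * side-by-side comparison and must never be called with a NULL tun. */
static unsigned int poll_deref_before_check(struct tun_struct *tun)
{
    struct sock *sk = tun->sk;        /* dereference first ...            */
    unsigned int mask = 0;

    if (!tun)                         /* ... so this check may be deleted  */
        return POLLERR;

    if (sk && sk->readable)
        mask |= POLLIN;
    return mask;
}

/* Corrected ordering, the shape of the fix the thread describes: test the
 * pointer first and only read through it afterwards.  Nothing here is
 * undefined, so the optimiser has no licence to remove the check. */
static unsigned int poll_check_before_deref(struct tun_struct *tun)
{
    struct sock *sk;
    unsigned int mask = 0;

    if (!tun)
        return POLLERR;

    sk = tun->sk;                     /* safe: tun is known to be non-NULL */
    if (sk && sk->readable)
        mask |= POLLIN;
    return mask;
}

int main(void)
{
    struct sock s = { .readable = 1 };
    struct tun_struct attached = { .sk = &s };

    printf("attached device: 0x%x\n", poll_check_before_deref(&attached));
    printf("detached device: 0x%x\n", poll_check_before_deref(NULL));
    return 0;
}
```

Two defensive notes that go with this. GCC's `-fno-delete-null-pointer-checks` switches off exactly the optimisation described above, and the kernel build has compiled with it since shortly after this bug; that is a belt-and-braces measure, not a substitute for putting the check before the dereference. The "null pointer protections" the post refers to are the `vm.mmap_min_addr` sysctl, which stops an unprivileged process mapping memory at address zero, so a kernel NULL dereference normally faults instead of reading attacker-controlled data; checking that this sysctl is set to a non-zero value is the quickest sanity check on a box where this class of bug matters.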
 
I disagree with almost everything the OP said, have you ever used Linux?
Sorry, what has my using Linux got to do with the potential for Linux to get a lot of attention from malware, viruses and exploiters of other vulnerabilities?

I asked if it was possible for Google Chrome specifically, to "get it wrong" with a modified Linux based desktop OS and find that taking it to the mainstream of people who neither know, nor care about what Linux is, or how it works and how to mitigate vulnerabilities, could lead to Google tarnishing its shiny brand and hand an inadvertent "victory" to the existing OS authors/distros (including Red Hat, CentOS, SUSE, Ubuntu etc as well as MS & Apple).

Thanks for the stereotypical fanboy answer though :rolleyes:

JB, tntcoder and theheys, thanks for the informative posts, I suspect it'll make for an interesting discussion as more details get released about Chrome.
 
Sorry, what has my using Linux got to do with the potential for Linux to get a lot of attention from malware, viruses and exploiters of other vulnerabilities?

I asked if it was possible for Google Chrome specifically, to "get it wrong" with a modified Linux based desktop OS and find that taking it to the mainstream of people who neither know, nor care about what Linux is, or how it works and how to mitigate vulnerabilities, could lead to Google tarnishing its shiny brand and hand an inadvertent "victory" to the existing OS authors/distros (including Red Hat, CentOS, SUSE, Ubuntu etc as well as MS & Apple).

Thanks for the stereotypical fanboy answer though :rolleyes:

JB, tntcoder and theheys, thanks for the informative posts, I suspect it'll make for an interesting discussion as more details get released about Chrome.

Google Chrome, if it does use a Linux kernel, will not "get it wrong". Every major Linux distro uses a modified Linux kernel, as they all pick up a kernel, and apply their own patches and kernel modules. Google Chrome would be no different. This approach isn't what makes, or does not make, an OS. As evidenced by Apple's OSX, which uses a modified BSD kernel. They're doing fine amongst their own occasional security bugs. If you were familiar with what Linux actually is (a very small part of an operating system) you would have known all this, and my post wouldn't have seemed stereotypical or fanboy to you. But as you are not familiar with Linux, I seem like every other Linux bod to you, so don't judge if you don't understand, I happily use Windows too.

Yes, if an OS becomes more popular, it becomes a bigger target to commercial hackers, and hackers whose intention is simply mass infection. However Google Chrome OS uptake won't be fast, and distros like RHEL and *buntu will be the main driving force behind Linux for many years to come (remember that Dell will sell you an Ubuntu machine if you want).

Also, what's with the 1st line? The Register is a very good source of IT news. If it was on the Inquirer I could understand the warning.
 
It's definitely a very interesting exploit considering it's pretty much caused by GCC compile time optimizations :)

This is the vulnerable code if anyone's interested:

Code:
struct sock *sk = tun->sk;  // initialize sk with tun->sk

if (!tun)
    return POLLERR;  // if tun is NULL return error

During compiling, GCC optimizes out the conditional checking to see if tun == NULL because it's already been assigned... so GCC creates an exploit in the kernel!

This on its own is pretty bad, but my understanding is that in order to be exploitable it requires SELinux due to memory layouts / null pointer protections.

Hopefully no one will find a way to exploit this kernel feature (and there is no doubt others very similar in nature) without SELinux/PulseAudio.

Erm well the guy quoted in the article says he created an exploit in four hours so I think it's unquestionable this will be exploited. Shame the Linux community didn't take this more seriously.

As to the general comments on the security of Linux, whilst others might want to bash Windows for its malware problems, in many ways Linux is almost (if not more so) vulnerable to attacks. IMO the hybrid kernel of NT is more secure than the monolithic kernel of Linux.
 
Given it affects Red Hat systems I'm sure this will be fixed pronto.
Surprised the null pointer optimization didn't throw up more obvious issues earlier.
 
IMO the hybrid kernel of NT is more secure than the monolithic kernel of Linux.

While I agree that Linux is probably no more secure than Windows on a technical basis, and as much as it's fashionable to say otherwise, there is an element of security in obscurity.

Although, I think a microkernel is less likely to be secure than a monolithic kernel due to design complexity. Although it should handle a breach of security in a single component better.
 
Snip lots of waffle..

Also, what's with the 1st line? The Register is a very good source of IT news. If it was on the Inquirer I could understand the warning.
The Register, good accurate source of news and facts.. Uhuh :eek:

Please try thinking about what I wrote and stop trying to be an elitist smart ****.

The point I was trying to ask people about (and at no point did I say I knew the answer, I was asking a question) was could Google specifically, end up giving themselves problems by trying to release and support an OS.

Part of my conjecture was that the other OS out there, including various *nix flavours, have to a greater or lesser degree evolved a support mechanism to cope with (in this case) vulnerabilities. These mechanisms range from MS (and Red Hat etc) expensive high end support, to "free" community support and updates.

There's still a question about how "open" the Google OS would be I think, and if Google are making billions from it, how ready would the wider Linux community be to support a Google "Linux". Let's not forget given Google's behaviour with search among other technologies it wouldn't be out of character if Google pushed to make Chrome the de facto Linux OS. Now that's not necessarily a bad thing, or even likely but it's another factor I thought might warrant a sensible discussion, in particular with people having far more knowledge on the topic than me.

If you stopped ranting and making snide comments long enough to think about what I said, you'd realise the question has less to do with "hands on" technology and more to do with how a company with a brand name like Google will cope with security and user issues. For an advertising based company like Google to bring a Linux based OS to the average user who neither knows, nor cares about Linux or what the OS is, could prove to be a mistake. The OS and support mechanism is going to have to support people that are IT illiterate and likely to click on every pop up, download and mail attachment as well as IT pros.

Ironically it could hand a PR "victory" to the existing Linux distros and OS like Windows and OSX if Google aren't very careful.

The quote from the Register was just topical and made me wonder how Google might cope with this sort of thing if it takes Chrome to the mainstream. You can guarantee with all the PR surrounding Chrome there will be headlines all over the press as soon as the first problem shows up. It's also likely there will be a queue of "hackers" waiting to become infamous as the first to get a major "Google OS has security problems" headline.

Less "you don't use or understand Linux" digs please and more informative discussion...
 
While I agree that Linux is probably no more secure than Windows on a technical basis, and as much as it's fashionable to say otherwise, there is an element of security in obscurity.
Without doubt, which is part of why I wondered if Google taking the OS to the mainstream consumer could land it with a bunch of security and update problems that most *nix distros don't have to worry about at the moment.
 
High horse waffle I choose to ignore

The register regularly provides accurate reporting on the industry and other news, padded with witty remarks, I like it. However I have worked on projects and seen an El'Reg article trying to guess what the product will be like and getting it completely wrong, which is amusing, but they make it clear they are speculating. Other news sites simply present guesswork as fact and get the maths wrong while they're at it.

Without doubt, which is part of why I wondered if Google taking the OS to the mainstream consumer could land it with a bunch of security and update problems that most *nix distros don't have to worry about at the moment.

Well, Google claim to be making a 100% new OS from the ground up, which leads me, personally, to believe it will not be Linux. People are only assuming that it will use a Linux kernel because Android does. But if it is Linux, it will certainly inherit security traits of the Linux kernel only.

Their ground up production of the OS means they are likely to produce their own desktop and package manager, maybe even so far as the file-system and shell, all things Linux types get very attached to (I like *.deb) so they won't be targeting the linux elite. Aside from their target audience, building from the ground up, they will create their own security traits, both good and bad.

Regardless of what they do, there is one thing we can be sure of about Google Chrome OS; it will have major security flaws, just like every other piece of software.
 
Pffft.. much ado about nothing. This 'exploit' will be fixed in no time, long before Google release their OS, and long before any distros adopt a kernel with the vulnerability.

And also, just so everyone can untwist their knickers, I am going to highlight the biggest point to consider:
By itself, Spengler's exploit does not work remotely.

If someone has physical access to your system, you're ****ed with or without this new exploit.
 
I think the OP's original question was less about this exploit per se and more using it as an example that as the general public begins to use Linux as an everyday OS, which with the advent of netbooks and Chrome OS is very likely, then just how vulnerable to malware attacks will Linux be.

It's a two-pronged question without any easy answers. Without a doubt, Windows appears as insecure as it does because it has a majority share of users, and has had for well over 10 years. Having said that, Windows as we know it is only just coming to the point where its general security model can be said to be equivalent to Unix/Linux etc. Even up to Windows XP, all the security measures were top level filtering systems bolted on by MS and not intrinsic to its design.

I believe that on the whole, the Linux kernel will be relatively secure. It's a very agile platform; new kernels can be released very quickly to lots of users. However I think the main problems will lie in the 3rd party apps you find in the many different distros, and this is where Google will have to spend its time and effort.

Just think how easy it is to crash many of the smaller apps that are chucked in with most distros in order to make them into a user friendly package. Some of it is designed in house, some of it comes as part of the GUI, some of it is entirely separate. That's a whole load of variability to overcome.

Having said that, my guess is that Chrome OS will probably come with its own shell, I'd be surprised if it's built on Gnome or KDE, as well as apps made in-house at Google, and we know the browser will be. So in theory all of the vulnerable bits will be fully in Google's control.

Those that laugh at the idea of Linux being vulnerable are naive though. Any OS is vulnerable, as has been said, users can be stupid, installing random programs etc. But there are also a lot of bored but clever and slightly rebellious people out there. Once enough people are using Linux that making a virus will have enough of a widescale effect, then people will set about doing it. Even OS X is starting to see the advent of specifically designed malicious code.

Only time will tell tbh.
 
People are also forgetting the very nature of Open Source development. The sheer number of contributors to the kernel and literally the number of eyes and brains going over the code has huge advantages compared to Closed Source projects.

Also, many hackers and crackers etc. would like to see Linux succeed and Windows fail. I'd probably say it's more likely for some uber-leet geek to spot a bug and tell devs prior to publishing with Linux. Whereas with Windows and OSX they are more likely to publish it first.

I still think Google Chrome OS will be based on a Linux kernel. I can't believe they will be pouring tonnes of money into creating their own kernel whilst they could just re-use existing development which has proved perfectly satisfactory for Android.
 
I still think Google Chrome OS will be based on a Linux kernel. I can't believe they will be pouring tonnes of money into creating their own kernel whilst they could just re-use existing development which has proved perfectly satisfactory for Android.

This is my thinking, why reinvent the wheel? Even on the Google Blog it says:

Google said:
Google Chrome OS will run on both x86 as well as ARM chips and we are working with multiple OEMs to bring a number of netbooks to market next year. The software architecture is simple — Google Chrome running within a new windowing system on top of a Linux kernel.

They do go on to say however that it is a completely separate project from Android.
 