Update I have come to a decision. Thank you to all who contributed suggestions. Please feel free to keep the discussion going to help others.

You are viewing a single thread.
View all comments View context
1 point

You do realize that this is bullshit, right?

Its typical fearmongering (in fact the same article too) that I have been sent a ton of times by low tech users that fanboy for graphene.

There is no such thing as „physical port attacks“. It also works very different on phones then on computers. You can for example use i2c on an iphone to crack it open which somewhat straightforward to do but still has zero implications for daily use. The linux apps are desktop apps and as such dont have any chance to get through all of the open source community‘s eyes undetected.

Its a completely backwards take that assumes using bad faith software written in the dark by proprietary vendors which just isnt real.

permalink
report
parent
reply
1 point

I only mentioned physical port attacks in a much larger list of things Linux MUST improve on. I am not a grapheneOS shill, nor did any of the supporting articles I sent relate to GOS, so I don’t really understand your response. Read through the links I posted and learn more about the operating system you use. I am NOT saying linux is dogshit, I very much love linux. Why not just educate yourself on this topic instead of assuming things from a place of ignorance or constructing a strawman. I spend multiple hours per day reading and putting into practice Linux hardening techniques, I am not just working with a surface level understanding of Linux security.

Even open source is vulnerable. Two questions: do you examine all the commits on every app you use? Do you compile every update to the apps you use from source? Sandboxing is important because if an application is compromised it cant lead to privilege escalation or userspace spyware.

permalink
report
parent
reply
1 point

I‘m not that bad at rhetoric either but I avoid it when I can.

Your argument is empty. Privilege escalation attacks are plain old cves that get found, evaluated and fixed. You need access to the phone, mostly in an unlocked state to get anything to work like that, same as with a computer.

I know a couple of pen testers and I would definitely know if there were large differences between operating systems securitywise.

permalink
report
parent
reply
1 point

CVEs are often go mislabeled as normal bugs and dont get the attention needed. It also may take a bit for such vulnerabilities to make it downstream.

A simple privilege escalation attack on basically every system goes as follows: add a function into the bashrc file of a users that runs a script, have the script intercept the users sudo credentials and pass the command on normally as if it was just the regular sudo command. Now you have root. Nothing here requires priveleges beforehand. Anything, be it a script, appimage, malicious binary, etc can follow those steps and gain root access by compromising the wheel user. Even without compromising a user, it could simply add a Systemd user service that keylogs (keylogging is still possible on Wayland without security hardening)

A prerequisite of course is getting that file onto the user’s computer. There are a plethora of ways. Simplest way is to learn what applications the user installs, find the weakest link, and compromise them.

There are of course much more sophisticated and better ways, some of which are detailed in the supporting links I sent. Every Security expert and researcher I have talked to can recognize that Linux has an outdated security model. The best links to read would be the hardening guide and “linux isnt secure”.

permalink
report
parent
reply

Privacy

!privacy@lemmy.ml

Create post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

Community stats

  • 4.3K

    Monthly active users

  • 1.7K

    Posts

  • 24K

    Comments