Gentoo Developer: Is The Linux Desktop Less Secure Than Windows 10?

Written by Michael Larabel in Desktop on 5 February 2017 at 01:24 PM EST. 68 Comments
Gentoo Linux developer Hanno Böck, who also writes for Golem and runs The Fuzzing Project, a software fuzzing initiative to find issues in software, presented today at FOSDEM 2017 on some Linux desktop security shortcomings and how Microsoft Windows 10 is arguably more secure out-of-the-box.

Böck's presentation was motivated by recent posts on Chris Evans' security blog pertaining to how a Super Nintendo Emulator could exploit a modern Linux desktop. Check out that blog for a lot of interesting technical details on the exploit.


Hanno Böck's presentation pointed out issues with GNOME's Tracker and KDE's Baloo auto-indexing files, including fresh downloads to computers. While Tracker has already implemented sandboxing via libseccomp, KDE/Baloo doesn't yet sandbox its file indexing work.

Böck also criticizes Linux distributions for not yet generally making full use of Address Space Layout Randomization (ASLR), despite it being "one of the strongest exploit mitigation techniques." Ubuntu introduced support in 16.10, Fedora has offered ASLR / position-independent executables since Fedora 23, Debian is picking up support in Stretch, there isn't much work in the openSUSE space, and only hardened Gentoo enables these security features. Windows, meanwhile, has had ASLR support since Vista, and modern Windows desktops already use "next-level mitigations" for fending off attack vectors on the desktop.
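To see where a given system stands on position-independent executables, the following added example (not from the talk or this article) classifies ELF files from their headers. The function names and the sample images are constructed for illustration, and the PIE-versus-library decision is a heuristic based on the presence of a `PT_INTERP` program header.

```python
import struct
import sys

ET_EXEC, ET_DYN = 2, 3      # e_type values from the ELF specification
PT_LOAD, PT_INTERP = 1, 3   # p_type values

def classify_elf(data: bytes) -> str:
    """Classify raw file bytes as 'pie', 'non-pie', 'shared-object', 'other' or 'not-elf'."""
    if len(data) < 52 or data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        return "not-elf"
    end = "<" if data[5] == 1 else ">"                  # EI_DATA: byte order
    fmt = end + ("16sHHIQQQIHHHHHH" if data[4] == 2 else "16sHHIIIIIHHHHHH")  # EI_CLASS
    if len(data) < struct.calcsize(fmt):
        return "not-elf"
    hdr = struct.unpack_from(fmt, data)
    e_type, e_phoff, e_phentsize, e_phnum = hdr[1], hdr[5], hdr[9], hdr[10]
    if e_type == ET_EXEC:
        return "non-pie"        # fixed load address: ASLR cannot move the main image
    if e_type != ET_DYN:
        return "other"          # relocatable object, core dump, ...
    # ET_DYN covers both PIE programs and shared libraries. Heuristic: a program
    # names its dynamic loader in PT_INTERP. Static-PIE binaries have no
    # PT_INTERP and are reported as 'shared-object' by this check.
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 4 > len(data):
            break
        if struct.unpack_from(end + "I", data, off)[0] == PT_INTERP:
            return "pie"
    return "shared-object"

def sample_elf(e_type: int, first_phdr_type: int) -> bytes:
    """Constructed 64-bit little-endian ELF header plus one 56-byte program header."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = struct.pack("<16sHHIQQQIHHHHHH", ident, e_type, 62, 1, 0, 64, 0, 0, 64, 56, 1, 0, 0, 0)
    return hdr + struct.pack("<I", first_phdr_type) + bytes(52)

if __name__ == "__main__":
    # With no arguments, classify the constructed samples; otherwise the given files.
    if len(sys.argv) == 1:
        print(classify_elf(sample_elf(ET_EXEC, PT_LOAD)), classify_elf(sample_elf(ET_DYN, PT_INTERP)))
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(f"{classify_elf(fh.read(4096)):14} {path}")
```

Passing the paths of installed programs as arguments lists which ones are still built with a fixed load address; a few shared libraries that carry their own `PT_INTERP` will show up as `pie` under this heuristic.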

Another open area is that GStreamer, commonly found on most Linux desktop distributions, is very prone to memory safety bugs. Fuzzing GStreamer still yields a number of open issues, but many of its dependencies may also have their own issues.

So Hanno Böck's argument for the Linux desktop being less secure than Windows is that the automatic indexing of files under Linux has "a lot of questionable quality parser code" and that there isn't this behavior on Windows by default, but that Windows users generally are running anti-virus software too. An exploit with Ubuntu's Apport bug reporting tool was also pointed out, as was the need to do more to improve Linux desktop security.

Those wishing to learn more can see these PDF slides while waiting for the video recording to be made available.
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.
