Rich Freeman on 2 Mar 2017 06:45:44 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] "Most Secure" heh heh

On Thu, Mar 2, 2017 at 9:22 AM, jeff <> wrote:
> the majority of Windows 10 vulnerabilities (93 percent)
> could be mitigated by removing admin rights.

How are they defining a vulnerability?  Just something that leads to
admin rights?  They mentioned that removing admin rights solves the IE
vulnerabilities.  That suggests some kind of sandbox violation.  Well,
removing admin rights might block that vulnerability leading to a root
compromise, but probably not a local user compromise.

I think people pay far too little attention to local user compromises.
On the typical single-user desktop box (no matter what OS it runs) an
exploit that lets you run arbitrary code as the logged in user lets
you do just about anything a root compromise would.  It just can't
affect other users on the same machine (on these machines there
typically aren't any other users anyway).

Is it really comforting to know that malware can no longer listen on
port 100 but it can still read your keystrokes and send them to an
arbitrary remote server, read your browser cache, copy all your
documents, encrypt and ransom all your documents and every network
share you have access to, and so on?

Now, cleaning up a PC that is only compromised at the level of an
unprivileged account is going to be much easier as you don't have to
worry about the bootloader or OS itself.  But, is the effort of a
re-install really the biggest cost of a malware infection?  And is any
serious admin going to even take a chance that the malware didn't get
root at some point?

(I'm not really trying to debate whether Windows vs Linux is more
secure overall, just the statement that you can mitigate a lot of
issues by not running privileged.  You can probably mitigate some, but
on a desktop OS it probably isn't as much as you might think.)

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --