-
magic-wormhole
Discontinued get things from one computer to another, safely [Moved to: https://github.com/magic-wormhole/magic-wormhole] (by warner)
-
ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
-
Armada
Armada is a tool for writing, and proving correct, high-performance concurrent programs. (by microsoft)
- syslog-ng
The name enumeration alone should ring bells.
There's always more that can be done, but https://github.com/systemd/systemd/tree/master/src/fuzz contains more than most of the aforementioned combined.
As for how you run your alternative services as non-root, you may wish to learn about what the contents of this file mean: https://github.com/systemd/systemd/blob/master/units/systemd... or this one: https://github.com/systemd/systemd/blob/master/units/systemd...
Can you point to a commonly used initrc that comes even remotely close?
You should also read https://systemd.io/JOURNAL_FILE_FORMAT/ and NetworkManager, which is what Ubuntu uses.
By all means bash away (pun intended), but I keep seeing these points go uncontested and they're not very well founded.
Agree. Not something I know a lot about but it seems to be a significant undertaking. I figure a production-grade implementation in safe Rust is more likely than a verified implementation in SPARK.
I don't know how serious the rustls implementation is. Nice to see it makes no use of Rust's unsafe features.
https://github.com/ctz/rustls
magic-wormhole could be useful. Secure and fast (and fun to use)!
https://github.com/warner/magic-wormhole
While I did not read this properly yet, it seems like a good primer.
There is also a great set of ansible playbooks and roles that should cover this and more that is a good base for Linux servers: https://github.com/dev-sec/ansible-collection-hardening
> If the user has a super secure password shared with a different, compromised service, libcrack will not detect that.
There's a module[0] for that (TM).
> Expiry results in passwords like: (prefix)Dec2020, (prefix)5
libcrack can enforce similarity and rotation checks too [1].
> or cycling the last 2/3 entries.
There's also another module[2] just for that.
[0]: https://github.com/skx/pam_pwnd
Even there it depends. 'Programming practices' is vague. Even C can be tamed, at great expense, using formal methods techniques. [0][1][2][3] Adoption of such methods can give a solid assurance of the lack of UB, like use of a safe language. Weaker measures, like adopting MISRA C, don't provide such strong assurances (although they can eliminate certain categories of errors), and as you indicate, their real value is a bit more subjective. Mandating a bad programming style could actively make things worse.
[0] https://trust-in-soft.com/
[1] https://www.eschertech.com/products/perfect_developer.php
[2] https://github.com/microsoft/Armada
[3] https://www.microsoft.com/en-us/research/project/vcc-a-verif...
https://github.com/PowerShell/Win32-OpenSSH/releases
I think everyone with valid criticisms of this should file a GitHub issue. I'm definitely planning to, because of these things:
- Lots of discussion on X11 security issues without any mention of Wayland
- Not on the Linux page, but they recommend iOS as a secure OS, which is total bullshit given how many failures we've seen with serious bugs/vulns put into production. I can't even remember how many times I've read about bugs in Safari, WhatsApp or some other app that can be chained to get kernel-level privileges. Remember the Jeff Bezos hack?
- No discussion of threat models
- Focusing on academic/technical arguments and not looking at real-world malware ecosystems/exploits (or: why there is orders of magnitude more malware for Windows than Linux)
- Memory-safe languages - Linux is totally exploring a way to use Rust for parts of the kernel, and Windows is still probably 99% C/C++
I'm all the more confused by this guy since he's a Whonix developer; this almost sounds like a Microsoft employee based on how little scrutiny he applies to Windows...
https://github.com/madaidans-insecurities/madaidans-insecuri...