Week 5. Linux, are you safe?
Back in the 90s, when Linux gained its momentum, many people, especially software developers, preferred to use Linux over Windows. All of the great things about Linux spread quickly. A few years later, open source development started its trend. I must admit, open source development has helped the software industry enormously. Development time was reduced from years down to months, and from months down to days.
However, every good thing comes with something bad. It is the law of nature. Every time there is a virus outbreak, the first thought that comes to people's minds is Microsoft Windows. It must be MS Windows that is attacked. That is the truth, but why? It is simply because MS Windows gained a majority in the personal computer market. There was no benefit for hackers in putting malware onto Linux machines. That is not true anymore. The Linux market has picked up thanks to its enhanced interfaces, easy installation and updates, flexibility, and most importantly ... it is free!
Like I said, every good thing comes with something bad. Linux is free, flexible, and open source. Because of that, Linux attracts hackers more than ever. It becomes the tool for them to learn, to exploit, and to hack. Let's pick a case for discussion: say a company releases an Ethernet adapter that supports both Windows and Linux. That means two drivers are developed, one for Windows and one for Linux. The driver for Windows is most likely closed source while the Linux driver is undoubtedly open source. The hacker can use the open source driver to learn about the weaknesses in the firmware of the network adapter. The hacker then turns around and attacks the Windows machine. The hacker can also choose to hack the Linux machines that use such an adapter. He or she can then use the machine to attack others.
In April 2017, the Project Zero team at Google figured out some of the weaknesses in the Broadcom Wi-Fi module that is used by many Android mobile phones. According to Beniamini, the communication between Broadcom's Wi-Fi module and the driver is not secure (Beniamini, 2017). The holes in the communication protocol allow a hacker to send messages to the driver from outside as if they came from the firmware.
Eric Brown, in his article Linux Malware on the Rise: A look at Recent Threats, stated that the amount of malware on Linux machines increased by 300 percent in 2016 compared to the previous year (Brown, July 2017). In the same comparison, MacOS malware increased by 370 percent.
Sources:
Gal Beniamini (April 4, 2017). Over The Air: Exploiting Broadcom's Wi-Fi Stack (Part 1). Retrieved from https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html
Gal Beniamini (April 11, 2017). Over The Air: Exploiting Broadcom's Wi-Fi Stack (Part 2). Retrieved from https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html
Eric Brown (July 7, 2017). Linux Malware on the Rise: A look at Recent Threats. Retrieved from https://www.linux.com/news/2017/7/linux-malware-rise-look-recent-threats