Not running literally everything with admin privileges

Tell me please, what possible downsides are there to operating your system in this manner?
I often see people describing the disabling of UAC for example as putting yourself at risk, but what you'd be in danger of is never specified, and I have a strong suspicion that the cocksuckers typing this shit aren't running CommonSense AntiVirus Enterprise Edition.



commonsense comes with not running everything as an admin pre-installed.

Common practice among actual retards is to run everything as a single non-admin/non-root user. It's absolutely pointless since in both Windows and UNIX you can use Read/WriteProcessMemory or ptrace to access/change anything you want in any process and you have access to all his files. When I first got into the software industry I told someone this and he literally got angry after having his 3 non-arguments rebuked. These same faggots will SSH into machines on LAN and internet and accept the key (with no verification), and redo this process about 10 times a year due to losing memory. So they waste all their time typing their password after "sudo vim /etc/blah" and then when it comes to something that matters like verifying cryptographic keys they just shrug it off. Tech is retards.
UAC is FULL RETARD. Literally pointless. I forgot that shit exists until recently installing Windows 7 Home Basic on a machine. All these UNIX braindamages just train the user to think security is cumbersome. This is why for decades the standard way to pwn someone's machine was to put a signed Java applet on a page you know they'll visit, and when Sun's dumbfucking warning comes up (which if you answer yes, grants full privileges to the applet) the user cannot understand what idiosyncratic nonsense is written there and just clicks yes.
One of these actual retards:

Holy fucking shit, how can you be so retarded? None of these functions can access a process run by another user. sudo runs as root thanks to SUID, and even if you're running Xorg as a user there's CAP_SYS_PTRACE, and on Windows the whole UAC and graphics stack runs in privileged mode and you even go into a special mode which prevents other processes injecting mouse or keyboard input (on Linux the attacker would have to know the password to gain access through simulated user input).

It's the UNIXisEBEL shill.
I find it more unusual that he forgot his quotes from some old mailing list no one knows of, which he normally puts in a code box.
Admin/User system works under Windows unless a CPU exploit is used for privilege leveling or simulated keyboard events just press enter when the admin notification comes up.
When typing in the password is disabled (default), getting Admin rights with user rights is easy, but one can turn that off.

Let's be honest. You should just know what you're about to run before you run it then you don't have to trust shitty privilege systems.

And your shell runs as your own user, dickfuck. Not to mention malware running as you already has access to ~, so getting root isn't even interesting. Think about the consequences of that for a while before posting again.
UAC has never stopped such attacks. Even if it did, it would just give the user an obscure UAC popup which he would answer yes to. You're gonna have to refer to a specific system at this point because last time I checked, Windows, Fedora, and Ubuntu were all vulnerable as soon as malware runs as your own user, and thus privileges are pointless.

false but true under broken UNIX systems
true under broken UNIX systems

Not necessarily. With something like OpenBSD's pledge/unveil, you can restrict a program to the bare minimum it needs to function. In the case of a web browser like Lynx, you could have its only access to the filesystem be its own config files and a subdirectory for saving files to like ~/downloads. If it ever tries to access anything more, the kernel kills it.
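Added example, not code from the thread or from the OpenBSD Lynx port: the restriction just described, written with OpenBSD's unveil(2) and pledge(2). The dotfile name, the downloads directory and the promise string are assumptions, and the two /etc entries are added so TLS and DNS keep working; outside OpenBSD the stand-in functions compile but enforce nothing, so only the path logic can be exercised there.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#ifndef __OpenBSD__
/* Stand-ins so the example builds on other systems. They enforce nothing;
 * only OpenBSD's real pledge(2)/unveil(2) confine the process. */
static int pledge(const char *promises, const char *execpromises)
{
    (void)promises; (void)execpromises;
    return 0;
}
static int unveil(const char *path, const char *permissions)
{
    (void)path; (void)permissions;
    return 0;
}
#endif

struct unveil_rule {
    char path[256];
    char perms[8];
};

/* Fill one rule from a directory and a leaf; refuses truncated paths. */
static int set_rule(struct unveil_rule *r, const char *dir, const char *leaf,
                    const char *perms)
{
    int len = snprintf(r->path, sizeof r->path, "%s%s", dir, leaf);
    if (len < 0 || (size_t)len >= sizeof r->path)
        return -1;
    snprintf(r->perms, sizeof r->perms, "%s", perms);
    return 0;
}

/* Decide which paths the browser may see. The dotfile (read-only) and the
 * downloads directory (read, write, create) follow the post; the two /etc
 * entries are assumptions for the TLS trust store and the resolver.
 * Returns the number of rules, or -1 on bad input. */
int build_unveil_rules(const char *home, struct unveil_rule *rules, int max)
{
    if (home == NULL || home[0] != '/' || max < 4)
        return -1;
    if (set_rule(&rules[0], home, "/.lynxrc", "r") == -1 ||
        set_rule(&rules[1], home, "/downloads", "rwc") == -1 ||
        set_rule(&rules[2], "/etc/ssl", "", "r") == -1 ||
        set_rule(&rules[3], "/etc/resolv.conf", "", "r") == -1)
        return -1;
    return 4;
}

/* Apply the view, lock it, then drop to a minimal syscall set. Order matters:
 * every unveil call must come before the lock, and the pledge string omits
 * "unveil", "proc" and "exec", so the process can neither widen its view
 * nor spawn or trace anything. */
int confine_browser(const char *home)
{
    struct unveil_rule rules[4];
    int n = build_unveil_rules(home, rules, 4);
    if (n < 0)
        return -1;
    for (int i = 0; i < n; i++)
        if (unveil(rules[i].path, rules[i].perms) == -1)
            return -1;
    if (unveil(NULL, NULL) == -1)          /* lock: no further unveil calls */
        return -1;
    /* assumed promise set for a text browser: files, sockets, DNS, tty */
    if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1)
        return -1;
    return 0;
}

int main(void)
{
    const char *home = getenv("HOME");
    if (home == NULL)
        home = "/nonexistent";
    if (confine_browser(home) == -1) {
        perror("confine_browser");
        return 1;
    }
    /* /etc/passwd is outside the view: on OpenBSD this fopen fails with
     * ENOENT; elsewhere the stand-ins enforce nothing and it opens. */
    FILE *fp = fopen("/etc/passwd", "r");
    if (fp == NULL) {
        printf("outside the unveil view: %s\n", strerror(errno));
    } else {
        printf("not confined on this system (stand-in unveil)\n");
        fclose(fp);
    }
    return 0;
}
```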

There are also some files that are hardcoded to not pop up the UAC dialog and automatically accept. This is the way some of the UAC bypass exploits work.

Let's be real, almost no one does this.
Most linux distros should by default run one process under one restricted user. Android does a better job at utilizing the UNIX permission model than any real linux distro, completely unacceptable.


There is nothing wrong with UNIX permission system, people just don't use it correctly.

The shell doesn't supply the password to sudo you fucking retard. Whenever the shell launches sudo its stdin is connected directly to the terminal emulator. Bash or whatever shell you're using can't see or modify the IO for a child that's running as root.
The only non-privileged programs the password goes through are your terminal emulator (if it's not a system console) and possibly your Xorg server, but again, on a correctly configured system ptrace is disabled by default. Feel free to try it yourself if you want, on Ubuntu you can't attach gdb to a running process on a default install unless you log in as root and change CAP_SYS_PTRACE.
Not the point of my post, retard. I never said anything about access to the filesystem. That said, the point of not running as root is that the malware can't hide itself. It'll show up on a process list. It'll show up on a ls -a. If it tries to encrypt or delete your files, they'll show up as corrupted or missing as soon as it begins happening, giving you an opportunity to notice what's happening before it's too late. You can reboot, log in as root and easily remove the malware.
Oh, yeah, if we can't fully verify the code the user is running is trustworthy, let's run it with full privileges anyway. What's the point of limiting the damage, right? Let the malware run for months siphoning every password, having the time to send every file to the attacker, and transparently encrypt every file on the system, all while the user and antivirus software are none the wiser because everything is hidden by intercepting system calls at the kernel level.
Only if you're retarded. Unless you're installing an admin tool or a system wide program, there'd be no reason for that shit to pop up, and even the average normalfag would click "no" if the question came out of nowhere (for instance if a javascript program managed to exploit the browser and perform an arbitrary code injection).

Which is an X11 client running as the same user as you.
Last time I checked, you could simply attach strace to gksu and see the password when the user types it.
You're the retard for thinking UNIX provides anything more than discretionary access control.
Are you one of those faggots who changes the definition of "correct configuration" every week when you learn about a new vuln? 10 years ago _nothing_ was using caps. And right now, no matter how your system is configured, I could literally just modify your bashrc to load a fake version of sudo or any other program. But still, this doesn't matter, because I'm not even interested in getting root, since I already have all your documents.
Again, your problem is that you think UNIX has anything more than DAC.
Wrong again, moron. It can be embedded into programs in a million different ways. A simple way is to load itself into a Python program (by overriding the module path or something like that). Also note that all your programs are written in C. So they all are full of code execution vulns. Since it's too hard for UNIX niggers to make sure there are no execution vulns, they DO NOT audit code that parses files in ~. Thus it's simple to find a code execution vuln and inject your code into something by making a malformed .nignogrc which some C program called nignog will use.
The point went over your head dickfuck. Your snakeoil privileges are not real privileges. Running some shit as your own user is literally equivalent to running everything as root, for reasons stated above.

Nobody here is running UNIX, the old thing that the UNIX-Haters Handbook references. Most of us are using some recent Linux distro, or a modern BSD derivative. They're all different and many can do more than just DAC, although some need kernel patches for that. But OpenBSD straight up has a MAC framework in the default install that's already been applied to the entire userland of the base system, and they're currently working on the same for the ports tree. Lynx for example was already pledge'd, as you can see from the CVS tree here:
cvsweb.openbsd.org/cgi-bin/cvsweb/ports/www/lynx/patches/
(the file in question is patch-src_LYMain_c)
They haven't added unveil yet (the newer part that controls filesystem access) but that won't be any harder than the code you see in that file. It's not rocket science, pretty much anyone with a basic knowledge of C can do this himself.

And as far as being worried about Xorg or terminal seeing you type the sudo password, well you can just do what I do on my ARM board. I don't use X there, only the framebuffer console. If I want to do something as root, I log in on an unused tty, and do it right there. You can also use this simple method to run various network clients. You don't trust Lynx and your distro doesn't have a MAC framework? Then create a lynx user (who has no wheel or sudoers permissions, or any kind of special privileges whatsoever) and then log in as that user on an unused tty and then run lynx there, and only there. Now if this user gets compromised, at least the damage is contained. And hey, guess what? This is all done via those DAC things that you think are worthless. But they actually work if you use them properly like this, the way they were designed. Which is to say: an unprivileged user can't fuck with other users' files, and can't even so much as see or read their files if the other users set their home directory permission to 0700. BTW, before you say again "but nobody ever does this", you're wrong. I never fully trusted irc clients, so I always create a separate user for irc.

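Added example, not the poster's own code: a small audit of the 0700 home-directory rule the per-user isolation above relies on, in C so it behaves the same on Linux and the BSDs. It reports directories under /home (or a directory given on the command line) that group or others can still reach; the paths in the test are constructed.

```c
#include <dirent.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Return 1 if only the owner has any access to `path`, 0 if group or
 * others have bits set, -1 if it cannot be stat'ed or is not a directory. */
int dir_is_private(const char *path)
{
    struct stat st;
    if (stat(path, &st) == -1)
        return -1;
    if (!S_ISDIR(st.st_mode))
        return -1;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) == 0 ? 1 : 0;
}

/* Walk `parent` (e.g. /home) and count entries that other users can reach.
 * Prints each offender; returns the count, or -1 if `parent` is unreadable.
 * Entries that cannot be stat'ed are skipped rather than counted. */
int audit_homes(const char *parent)
{
    DIR *d = opendir(parent);
    if (d == NULL)
        return -1;
    int leaking = 0;
    struct dirent *e;
    while ((e = readdir(d)) != NULL) {
        if (strcmp(e->d_name, ".") == 0 || strcmp(e->d_name, "..") == 0)
            continue;
        char full[4096];
        int len = snprintf(full, sizeof full, "%s/%s", parent, e->d_name);
        if (len < 0 || (size_t)len >= sizeof full)
            continue;
        if (dir_is_private(full) == 0) {
            printf("%s is reachable by other users; chmod 0700 it\n", full);
            leaking++;
        }
    }
    closedir(d);
    return leaking;
}

int main(int argc, char **argv)
{
    const char *parent = argc > 1 ? argv[1] : "/home";
    int n = audit_homes(parent);
    if (n < 0) {
        perror(parent);
        return 1;
    }
    printf("%d director%s under %s leak to other users\n",
           n, n == 1 ? "y" : "ies", parent);
    return n == 0 ? 0 : 2;
}
```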

So you don't want your programs having access to your files, gotcha. Maybe iOS is more your speed then, I heard it doesn't have a filesystem.

?
If the process runs as user X, then it can't fuck with user Y or Z or root.
I know your nigger brain is bad at contextualizing these concepts since "its da same conputur", but I assure you that it's a good idea.

I can't say I wasn't expecting anything else but I was hoping that someone would be able to give me some sort of concrete answer to what specifically I'd be putting myself at risk of by running literally everything as admin. Seems the only answer is "well if you're a complete fucking retard you're bound to get ransomware'd as you download exe's masquerading as .zip's off forums for sharing erotic material featuring subjects of questionable age".


Even if you were just trolling, you have created an interesting thread. A much more sensible scheme would do away with user level permissions and by default sandbox all programs, so that access to the user directory is prohibited unless explicitly configured.


Good luck coming up with a decent permission scheme for the sandbox.
Try considering the permissions you'd need to have for a text editor and a game with a modder SDK to work correctly, and you'll see how annoying the whole thing is.

Also that comic is retarded, admin access allows much stronger malware persistence and thus allows for long term data theft and botnetting, something that's not possible without sudo.


In the off chance you're not trolling, a virus running as admin can do nastier things, such as embedding itself within your motherboard, within your hardware firmware (especially for I/O devices), and generally making itself a lot harder to detect.

Each program has its local file tree it can access. Want two programs to cooperate on the same set of files? You create a new "filespace" for the two of them. Only the operator (a fusion of user/admin) can perform these actions through a confined interface, for which there is no ABI.

When I install a program, I want to see a list of network locations it can talk to, and locations on my computer it can access. By default, it should only be able to operate in the space automatically granted to it.

not stored locally and passwords can't be read out without admin rights.
So the browser may run as user but can't be accessed as user.
only if the user uses a client program
Most normies read them in the browser these days.
True but what use does an application have that can't process data because there is nothing it can access to process it?

tl;dr image is retarded like said.

Hate to break it to you but that is unrealistic.

you stupid fucking nigger

you clearly are computer illiterate though because you bothered to ask a retarded question

HOW EXACTLY WOULD ANY SUCH MALICIOUS SOFTWARE EVEN ENTER MY SYSTEM?

Is this question really so hard to answer or is it just that it's too much fucking trouble to entertain the idea that the person asking it might not be an idiot?


You refuted nothing. Obviously there is nothing of value on your machine, but to most people, their most valued assets are in their home directory.


Sorry honey, but the alternative is running software, and hoping it doesn't do anything evil. I hate to break it to you, but that is insane. Open source does not help here; users do not have time to perform a full analysis on the software they run (anyone who claims to do this is lying).

The only people who enjoy the Russian roulette approach we have today are those in computer security or retards who fear having to retrain.

Package manager, ports tree... as a home exercise, why don't you come up with a few more ways you can fuck up a machine.

Is this question really so hard to answer or is it just that it's too much fucking trouble to entertain the idea that the person asking it might not be an idiot?

You're not on reddit, you stupid shit.
Downloading from trusted/VIP uploaders and uploading the exe to virustotal.com?
As if anyone does this.

You heard of BAD USB?

This IS a huge step in the right direction. Imagine a FOSS system like that set up with a fine grained permission model. You could run 'totallynotavirustrustmegoy.exe' without much concern. It's much easier to get the security right in ONE place, than relying on the goodwill of the community to A) write clean code, B) catch bad code.

Is this question really so hard to answer or is it just that it's too much fucking trouble to entertain the idea that the person asking it might not be an idiot?

Would you at least fucking apply yourself? All your replies so far basically boil down to "well you see user, assuming you were being a retard one day..."


Who totally cannot be compromised maliciously or through bribes. How many retards just blindly install what their package manager tells them to without even verifying the hashes?

However that is how most people get viruses. Believe it or not.

I'm on Windows. I have many but don't have to use them and I don't. Windows Store(only nonserver/nonLTSB user goyim), PowerShell and I think there was another one

Read a goddamn book.

Off the top of my head, from real world examples:

* Pre-installed malware from vendor
* Malware installed alongside something else, either via actual original CD or download. Some bundle shit (even obnoxiously obvious as toolbars), some servers get compromised to serve up installers with 'additional features'
* actual 0day against your system - eg: wannacry
* You're a dumb fuck who installed it and bypassed UAC already - what was the correct download button again?
* You've been singled out and targeted
* File sharing with extra payloads
* drive-by browser exploit - you go to the wrong webpage, or are even redirected to it or it loads in an invisible iframe of some other compromised site
* router compromised because it's both out of date and shit, injects/alters your traffic or redirects DNS elsewhere

The list just goes on.

Attackers need to know a thousand ways to breach a system, but only need to leave one trace to be found. Defenders need to know a thousand ways to protect a system, but only need to find one clue of compromise (or attempts of).

The goyim are too stupid to operate computers. A system designed by benevolent Jewish thought leaders could provide a system outlined below.
This system is good because it stops terrorists, pedos, drug dealers and other such hostiles from misusing computer equipment for malevolent deeds. Anyone who objects is suspicious.

nice to see it mentioned and other thing is that tbb doesn't even block frames

This assumes the person buying/using the computer is a complete fucking retard

This assumes the person installing the software the computer is a complete fucking retard

This assumes the person is on a network with tech illiterate morons as only a complete fucking retard would be

This assumes the person using the computer is a complete fucking retard

BY WHO? HOW?

This assumes the person using the computer is a complete fucking retard

This assumes the person using the computer is a complete fucking retard

This assumes the person is on a network with tech illiterate morons as only a complete fucking retard would be

Every single example you've given here for vectors of infection only apply to people who are complete goddamn idiots.

I AM ASKING YOU VERY SIMPLY TO STATE AN EXAMPLE OF HOW AN ATTACK AGAINST SOMEONE WHO ISN'T AN INFANTILE BRAINBURGLED INVALID WOULD MANIFEST ITSELF AND EACH FUCKING TIME YOU TRY YOU FAIL MISERABLY, IF YOU HAVE NO ANSWER OR IF NO SUCH ANSWER EVEN EXISTS WHY NOT JUST SAY SO?


lol, you are actually retarded, aren't you

Ten points to Gryffindor. This shit happens in the wild.

NO U


It doesn't matter how it was last time you checked, it's fixed now. Every system has had exploits and gotten more secure over time, fuck off.
You would have to provide a modified version of all the tools. That would be impractical compared to doing it at the kernel level. And the root user would still be allowed to see it.
Provide me a proof of concept that will do privilege escalation on my system or stfu.
And your reasons are shit.
If you manage to prevent 50% of infections, then that's better than nothing dipshit.
No it doesn't.
What's the fucking alternative according to you? Rewrite everything in lisp? Yeah good luck with that.
And good luck manually managing what files each executable can access without your computing experience turning to a never ending shitstorm of UAC prompts.
If all you do is browsing facebook sure, iOS might work for you, but for anything more complicated you're going to be using various tools on your files anyways.

Linux is indistinguishable from UNIX aside from fags who take UNIX seriously. Even Windows is basically UNIX since it's the same bullshit based around a C API and files.
never read it.
YES. They can do MAC, which nobody uses. Securing the user against himself is a non-goal.
This is how I did it too and hence why I hate Linux. Even then it still has innate vulns. Even logging in is a pain in the ass. If you type your username and hit enter and then type the password without pausing sufficiently long after the enter key, part of the password goes to stdout instead of being captured. Absolute garbage. Right now on my Linux systems I just run everything as root.
Clearly they don't work if they require the user to do huge workarounds 100 times a day.
Literally write your own IRC client in a memory-safe PL. Problem solved. No DAC or even MAC needed. I stopped trying to get MAC to work around 2009 and went for capability-based security instead.


ransomware _DOES NOT_ remotely require any privileges. if you run something as your own user on Linux or Windows it can do whatever it wants with all your files. who gives a fuck about system32? I can reinstall the OS. what matters is obviously only the user's files

this picture is literally smarter than 99% of neckbeard LARPers

Because UNIX braindamage will make you answer questions like "hurr durr do you want give access to this SHM, socket, and file, etc". Because UNIX braindamage is full of retarded global namespaces. The capability security model in contrast makes sandboxing much easier.
Already debunked ITT. Also user level rootkit is a big and old topic.
And you're relying on shitty Linux/Windows OSs to have no escalation vulns. You're already owned. Everyone here already knows the way to run untrusted software is on a separate machine. If we had a capability-secure OS we could run it on any machine and know it won't escalate, but for now we're stuck with UNIX braindamage.
doesn't matter since they pass through your local userspace
No system works like that jej. UNIX has nothing more than DAC. Stop pretending otherwise.
No, what....

t. UNIX cuck

go back to /g/ you cock sucker. people that don't understand basics of how their beloved UNIX works should fuck off
malware does this even without admin/root privs
LOLLLLLL what am I on Unknown Cheats or RIN?

the fuck are you on about. sane package managers do cryptographic verification. that won't stop you from getting malware from upstream. UNIX is DAC so the moment a single package (and it has tons of redundant packages because UNIX is bloat) is compromised, you're fucked. are you saying you verify against the upstream signatures? LOL. enjoy your marginal security gains while there are much bigger problems you are not addressing

is this 1994? shut the fuck up. if you're using a firefox fork you're already pozzed. There are _millions_ of ways for a website to "stealthily" include files, one of which is frames.

wut
if it's a targeted attack you're already pwned. Every UNIX system has literally millions of vulns which are unintentionally patched and introduced every day in the latest UX update.

This isn't even bait at this point.

He's basically saying security is not needed because people don't make mistakes.

Learn what the problem with an ad-hoc hypothesis is and fuck off.
Here is how it goes in UNIX land:

Instantly breaks 99% of software, and you'd need to do some incredibly tedious work to even read the README in a program's folder.
Also, how can multiple binaries with shared data files even work out of the box?
Examples include tools offering a CLI binary and a GUI binary such as 7zip, games including a level editor binary, and large work suites such as matlab.


Attackers do not care too much about what you find valuable, they care about what is valuable for them.
One more computer in their botnet is pretty valuable, as it's one more layer of security between them and the law, and that requires root to be able to cover your tracks.
Your credit card info is very valuable too, and that requires long term logging of your actions.
Your dick pics are easy to access but also not something attackers really care about.
Ransomware is a thing, but not too popular since getting paid safely is hard.
The other alternative is coming up with a non-retarded permission system instead of shitting out one more idiotic one.
Microsoft is doing some promising work with local registry hives, but it's far from a full sandbox.


Calling a complex permission system "one place" is cheating.
It's cleaner code for sure, and it's better than what we have now, but let's not pretend it would be easy to write correctly.

Absolutely nothing.

Correct, we should have a capability-secure OS in SML, instead of pandering to UNIX trash.
By separating code from data.
most skiddos have never even bothered going for root or hiding their tracks......
LOL. typical darwinist cancer
Yes, which is easily done in userspace

There are already kernels with capability-based security. Why don't you use or develop for one of those instead of-

Confirmed for genuinely retarded.


So he is a C/C++ weenie?

...

Amazing strawman.
Oh I know what user isolation and privilege separation are for. In Unix they aren't nearly as sexy as a dedicated capability-based operating system, but they're still neat when people actually use them.
Here's the thing: imperfect security is still better than no security at all. I'd like to fuck around with OpenBSD or a capability-based operating system, but in the meantime I'll stick with running things as a regular user + separate users for different processes + occasional firejail sandboxes. Will logging in as a regular user protect me much more than logging directly into root? Maybe, maybe not, but I'll take that extra little layer of security even if it isn't much.
You are a sad, angry little man. You have my pity.


If you want to restrict processes to a subset of the filesystem you already have SELinux, AppArmor, BSD Jails, containers, you can make one user per application like Android does, and probably more solutions I don't know about. What's your problem with Linux and UNIX again? If those OSes are insecure, WHAT operating system do you use? You already said you don't like Windows NT.
HOW do you know your fucking utopian perfect OS is even POSSIBLE to implement in the modern world?
That was a vastly simpler environment where the most complex drivers you had were for a serial interface for a VT100, a single tape reader and a single dot matrix printer, and your user only had two or three files which they edited with vi for their research project.

This anime fag makes some great points.
Windows and Mac are like do download malware and get fucked. Whereas linux is like don't download malware.
That's what I call empowering the user.

It's just a bait thread. OP is clearly a troll.

I have a windows box where I run everything as admin, I run pirated games and software. I also use some websites for work/avoiding work. I have kept a close eye on its network traffic because if you listen to the internet an unpatched windows 7 box with spectre and meltdown should get pwned in 5 minutes. This pc has gone 3 years without getting any virus that I can observe. OP is a faggot, but with common sense/good torrents it really is hard to get a virus or stolen creds. I also have a crypto wallet on there to see if it ever gets emptied, never has.

...

I'm not him but there is the model of capability based computer security. OS implementations of this kind of technology do exist.

I have a windowless box apartment in San Fransisco as a gayman, I butt pirate other gays without protection and suck dick. I also use grindr apps for work/avoiding work. I have kept a close eye on my blood tests because if you're a scene boy having unprotected fag sex with gonorrhea and HIV you can get pwned in 5 minutes in a back alley. This cock has gone 3 years without getting any virus that I can observe. I am a faggot, but with common sense/good bottoms it really is hard to get a AIDS or even HIV. I also have a crypto wallet on there to see if it ever gets emptied during gay orgies, never has.

Isn't that what I just mentioned? (selinux etc)

Nice.

Genuinely can no longer tell if OP is faggot troll or genuine autist.

kek, well memed. I hope you aren't saying I should run everything in some vm world or container, I like computing environments that I can smash with a hammer.

SELinux doesn't exactly follow all the features of the capability model to security. In the capability model, the capability token is communicable meaning it can pass from process to process. This doesn't happen for SELinux that works on access controls.

Genuine autist
This thread has done nothing else than validate my approach to assuming full ownership of everything on my system and running everything as admin.
Anyone not doing this is basically a closeted bugchaser since
A) UAC won't save you if you're anencephalic and soon enough you'll suffer a freudian slip and choke on cock
B) if you're not a bugchaser, what are you doing exposing yourself to the poz?

If you don't observe PERSEC then no amount of software-level safeguards will be of any relevance

T-terry???


In Winblows it's fucking useless as well-designed malware can bypass UAC anyway, but it can prevent retards from fucking with system settings if you share a computer for some reason in 2018.


While it's gotten fucky, there are kernel patches out there to enforce MAC on linux.

You're mostly correct about these issues though. In a system where some form of privesc is possible any bad program is a threat. The problem is that the whole industry is retarded and they don't want to spend the money to dev a real solution. Like say ksos 11 which was a fully theorem proved OS developed by the DOD to run routers.

kudos, I actually enjoyed this thread. Non-root does not fix everything, QubesOS and the tranny are on the right track.

too bad that malware can use 'alias', ay?
PKI ensures legitimate software more than pure hashes and UAC, but you've got to be a fool to willingly abandon a useful security abstraction.

This all comes back to the same point though, if you share your computer with a retard you've clearly not even progressed beyond the play pen yourself.


would it not be solved if the risky application would be on another user account?

Sure thing user!


Are you making an argument?
That's not how it works. The masses adopted that statement to say it's okay to use software that might have vulns in it. You're using it to say it's okay to use something that is insecure by design, which is completely different.
We're talking about running everything as a single non-root user here.
There is absolutely no security retard. Look how stupid you look typing sudo followed by a password every minute when your malware can simply record the password as you type it, and then run sudo itself.
This sounds like the classic reddit "argument": "I bet ur fun at parties". Cock sucker.

I just found out my OS is fucking retarded
oh it must be impossible to implement something else, surely they would have done it otherwise
t. nodev
LOL WUT? this can be done in 0 lines of code in a memory-safe PL with no global variables.
OS dev is magically hard because different hardware exists

Correct, SELinux has nothing to do with the capability security model.

Yeah but nobody uses MAC and much less the idiots ITT who think they can safely execute malware because they type sudo followed by their password 50 times per day.
Privilege escalation can only be done by a few people who know unpatched exploits. Meanwhile, owning a user who runs everything as himself instead of root is trivial and always will be. If there were no vulnerabilities in Linux, you'd still be able to pwn a user who runs everything as a non-root user as well as your malware, since that's by design.

Are you talking about malware like what this thread is about? How will PKI or encryption fix this? The moment you can see the cleartext of a file, so can the malware.

If you were able to use XP without getting malware, you don't need UAC or a limited user account.
/thread tbh

It's not impossible, it would just be so cumbersome to manually specify which parts of the filesystem each process can access that nobody would do it. You don't need any particular modification to the kernel either, you can do it by creating multiple users, SELinux policies, etc.
And I don't see how those capabilities would help you out here, because it's not possible to programmatically figure out which programs should have access to which parts of the filesystem.
A process being a child of another doesn't mean it needs strictly less privileges than its parent, it might need more or it might need less, I don't see how the parent being able to grant its privileges helps you out at all.
It's not magic, the way more diversity of hardware, protocols and functionality increases the difficulty of developing and maintaining an operating system is pretty simple. The more things you need your OS to do and interact with, the more man hours you need to spend writing, testing and maintaining the different components.

I'm not talking about "basic isolation", whatever that is. I'm talking about the non-existent operating system that you would consider satisfactory, yet would be suitable for day to day usage.
Do you even have a proof of concept? No? If it's so easy why haven't you written one?

This TBH. The primary benefit of privileges is preventing badly written software from raping my entire machine, and putting nice tight diapers on retarded family/friends/coworkers/clients to keep them from shitting up their playpen. For actual security against malign actors, your only real tool on modern systems is common sense.

Start here:
en.wikipedia.org/wiki/Capability-based_security#Implementations

I'm , not
I have my own OS and it only works on my hardware. If someone wants to use it he can port it. Meanwhile in Linux land you bruteforce the fuck out of the hardware until you mistakenly identify it as configuration #52378572385 and go on and have a shitty unstable system. Oh you need actual engineering instead of waving your hands and saying "it just werks", who woulda thunk? Everything is written in SML and global variables are disabled. So program A has access to nothing by default until program B passes something to it.

(cont)
And I know some UNIXnigger won't be able to comprehend this, but there are no syscalls or builtin functions that can do anything with side effects

>en.wikipedia.org/wiki/Capability-based_security#Implementations
The Flex machine is pretty amazing. It's a stack machine designed for Algol 68 with a microcoded GC and closures as a native data type.
en.wikipedia.org/wiki/Flex_machine
tendra.org/Currie81-firmware.pdf
tendra.org/Foster79-intro.pdf

user vs. elevated privileges making hacking harder
I've taken some pentesting/infosec classes, and having a regular reverse shell has limited usefulness, which makes things more difficult
having a reverse root shell makes things much easier
sometimes you can do privilege escalation, if it's running a really old kernel, but that's not always the case
look up capability-based permissions
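The "program A has access to nothing until program B passes it something" model from the own-OS post above and the capability-based permissions this post points to, as an added Python sketch that is not code from any poster or from the OS described; DirCap, untrusted_program, demo and the temp-directory layout are made up for the example.

```python
"""Added object-capability sketch, not from any poster: a program holds only the
handles another program gives it, and a handle can be attenuated before passing."""
import os
import tempfile
from pathlib import Path

class DirCap:
    """Unforgeable handle to one directory subtree, optionally read-only."""
    def __init__(self, root, writable=True):
        self._root, self._writable = os.path.realpath(root), writable

    def _resolve(self, rel):
        # Resolve symlinks and '..' first, then confine to the root.
        path = os.path.realpath(os.path.join(self._root, rel))
        if os.path.commonpath([path, self._root]) != self._root:
            raise PermissionError(f"{rel!r} escapes capability root")
        return path

    def read(self, rel):
        return Path(self._resolve(rel)).read_text()

    def write(self, rel, data):
        if not self._writable:
            raise PermissionError("read-only capability")
        Path(self._resolve(rel)).write_text(data)

    def read_only(self):  # attenuation: derive a weaker handle, never a stronger one
        return DirCap(self._root, writable=False)

def untrusted_program(cap):
    """Program A from the post: it can act only through `cap`."""
    outcome = {"read": cap.read("notes.txt")}
    for name, action in (("escape", lambda: cap.read("../secret.txt")),
                         ("write", lambda: cap.write("notes.txt", "x"))):
        try:
            action()
            outcome[name] = "succeeded"
        except PermissionError:
            outcome[name] = "denied"
    return outcome

def demo():
    """Program B owns the tree and hands A a read-only handle to one subtree."""
    with tempfile.TemporaryDirectory() as top:  # constructed layout
        Path(top, "shared").mkdir()
        Path(top, "secret.txt").write_text("root-only data")
        Path(top, "shared", "notes.txt").write_text("hello")
        return untrusted_program(DirCap(Path(top, "shared")).read_only())
```

Contrast with the single-uid model argued about above: there, anything running as you already holds every file you can read, so there is no handle to withhold.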

It is "always the case" that's the point of the thread. You might not know how you could right away. The whole OS environment is made in a way that allows more privescs to be possible than you could find in your whole life. How do I know this? Look at the number of man hours spent finding them. Look at the number of man hours spent fixing them. Look at the huge number found over the years. Look at the huge loss of productivity and human potential this whole "worse is better" attitude has caused.

The only way to prevent this kind of thing isn't just MAC it's theorem proving the whole OS and the hardware. Simply stomping bugs as they show up is never going to stop undefined behavior from leading to security issues. The only way to fix this is to eliminate undefined behavior. What people like you do, by having the attitude you have is harmful. It's like trying to stop a bleeding artery shooting blood across the room with a band aid. The "pentesting" and "computer security" industries have a huge incentive in not fixing things. Don't take pentesting classes and sell your soul to become a professional snake oil salesman.

See below.
The point was that this situation is still slightly better than malware not having to scan for your password because it already has root and can fuck over your system immediately. "Absolutely no security" my ass, not to mention that you can completely avoid this issue if you avoid X11, use a better shell, or sandbox your shit properly.
It wasn't an argument, it was a statement. Even if you have some valid points you sound so fucking salty that most anons will just disregard you, which makes this entire idea of educating anons about their security pointless.

And there we have it

Attached: pointing-finger-hi.png (600x307, 101.82K)

Are you using your own OS to post here? I didn't just mention hardware, I also mentioned protocols and practicality for day to day use.

bump

Gtfo winfag

sudo npm install

Attached: 1449441388780.jpg (768x1024, 145.9K)

idk about that but turning off password protection of sudo makes it easier to use if you have a secure password and need it often. it's just annoying when so many things need it and it's always asking for passwords.

maybe they installed it with a distro package manager and the package is configured to put everything in locations that only root can access? lots of things like to use /var or /usr and normal users can't write there.

It adds an extra layer of security, yeah. It's better than running everything under the same uid, much less the admin/root account where any attacker automatically gets superuser privileges on the first shot.


It's even easier to just log in as root on tty1 and switch to another terminal until you need root permissions again.

Attached: 707dd2d44a1511a8fca99cb9811c10820ff7fbb8ae162a70e39e12e339c169d4.png (352x332, 249.45K)