Re: Debian Desktop Environment

To: Elmar Stellnberger <estellnb@gmail.com>, Mateusz Kozłowski <mateuszk@hush.com>, debian-security@lists.debian.org
Subject: Re: Debian Desktop Environment
From: Jason Fergus <leech@thefnords.org>
Date: Tue, 27 Oct 2015 10:36:40 -0600
Message-id: <[🔎] 1445963800.2003.3.camel@thefnords.org>
In-reply-to: <[🔎] 562F975E.5080507@gmail.com>
References: <[🔎] 773c27e5d2539181f8178d5e8843117f@smtp.hushmail.com> <[🔎] 562F975E.5080507@gmail.com>

I'm curious about how you were infected by a rootkit, which one it was,
and what you did to discover it?  Using a Sandbox is a great idea for
those two, except of course those are generally the applications with
the most sensitive data as well.  I always try to disable html email,
but people insist on using it...

On Tue, 2015-10-27 at 16:25 +0100, Elmar Stellnberger wrote:
> I would believe that it will heavily depend on how you configure your
> desktop environment:
> * One feature I do always turn off is desktop auto indexing because 
> otherwise even storing an email attachement just for invoking it with
> an 
> online view-as-jpeg service could cause an infection. Note that you
> may 
> have to do this twice (once for Gnome and once for KDE) if you have 
> installed according programs of both environments.
> * select starting a new session on every bootup (the session
> restoration 
> can be used as a hook for ephemeral and home directory rootkits)
> * under KDE there is a list of background services that always run;
> you 
> may reduce it to what you really need (invokable via systemsettings)
> * likely there are other important configuration options (ask for
> your env.)
> * get some understanding of what your X-server does (f.i. 
> http://www.elstel.org/xchroot : problems with a pure chroot, trying
> to 
> resolve these problems by hand)
> * double check the security of the underlying system (netstat -atupn)
> * note that your email program and your browser are the two most 
> vulnerable parts of your desktop environment; consider running them 
> under qemu in a virtual machine
> 
> Once you would comply with all these hints you may likely discover a 
> rootkit inside the virtual machine for emailing or browsing as I did 
> lately. The KDE environment of the host system did not appear to have
> compromised the security of the whole system so far at me.
> 
> Elmar
> 
> 
> 
> On 27.10.2015 12:29, Mateusz Kozłowski wrote:
> > Hi,
> > Could You tell me which debian desktop environment is the most
> > security and the best privacy and which You recommned for debian
> > users? (KDE, XFCE, GNOME etc.)?
> > 
> > 
>

Reply to:

Follow-Ups:
- Re: Debian Desktop Environment
  - From: Elmar Stellnberger <estellnb@gmail.com>

References:
- Debian Desktop Environment
  - From: Mateusz Kozłowski <mateuszk@hush.com>
- Re: Debian Desktop Environment
  - From: Elmar Stellnberger <estellnb@gmail.com>

Prev by Date: Re: Debian Desktop Environment
Next by Date: Re: Debian Desktop Environment
Previous by thread: Re: Debian Desktop Environment
Next by thread: Re: Debian Desktop Environment
Index(es):
- Date
- Thread