[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Desktop Environment

I'm curious about how you were infected by a rootkit, which one it was,
and what you did to discover it?  Using a Sandbox is a great idea for
those two, except of course those are generally the applications with
the most sensitive data as well.  I always try to disable html email,
but people insist on using it...

On Tue, 2015-10-27 at 16:25 +0100, Elmar Stellnberger wrote:
> I would believe that it will heavily depend on how you configure your
> desktop environment:
> * One feature I do always turn off is desktop auto indexing because 
> otherwise even storing an email attachement just for invoking it with
> an 
> online view-as-jpeg service could cause an infection. Note that you
> may 
> have to do this twice (once for Gnome and once for KDE) if you have 
> installed according programs of both environments.
> * select starting a new session on every bootup (the session
> restoration 
> can be used as a hook for ephemeral and home directory rootkits)
> * under KDE there is a list of background services that always run;
> you 
> may reduce it to what you really need (invokable via systemsettings)
> * likely there are other important configuration options (ask for
> your env.)
> * get some understanding of what your X-server does (f.i. 
> http://www.elstel.org/xchroot : problems with a pure chroot, trying
> to 
> resolve these problems by hand)
> * double check the security of the underlying system (netstat -atupn)
> * note that your email program and your browser are the two most 
> vulnerable parts of your desktop environment; consider running them 
> under qemu in a virtual machine
> Once you would comply with all these hints you may likely discover a 
> rootkit inside the virtual machine for emailing or browsing as I did 
> lately. The KDE environment of the host system did not appear to have
> compromised the security of the whole system so far at me.
> Elmar
> On 27.10.2015 12:29, Mateusz Kozłowski wrote:
> > Hi,
> > Could You tell me which debian desktop environment is the most
> > security and the best privacy and which You recommned for debian
> > users? (KDE, XFCE, GNOME etc.)?
> > 
> > 

Reply to: