[TUTORIAL] Basic Computer Security [3] by profitgenerator

<center>
![PC.png](https://steemitimages.com/DQmTirrUa1A6Dq7GzmeQRPRHTojGaZXJQJMgvgvajXJYiZZ/PC.png)</center>

<br/>

Let's continue the series. I intentionally keep this very simple so that even your grandma can understand it. In the past articles we talked about choosing a safe and decent hardware setup; now it's time to discuss software. We will go by [ring levels](https://en.wikipedia.org/wiki/Protection_ring) and discuss each level in future episodes.

**Here are the past episodes if you missed them:**
* https://steemit.com/technology/@profitgenerator/tutorial-basic-computer-security-1
* https://steemit.com/technology/@profitgenerator/tutorial-basic-computer-security-2

<BR/>

**So these are the ring levels:**
* Ring 0: Kernel
* Ring 1: Device Drivers
* Ring 2: (Multi) User Space
* Ring 3: Application Space

In this episode we will discuss [ring 0](https://en.wikipedia.org/wiki/Kernel_(operating_system)), which is the kernel, the core of the operating system. It's basically the operating system itself.

<BR/>

# BootLoader
There is software that loads before the OS: the so-called [Bootloader](https://en.wikipedia.org/wiki/Booting#Second-stage_boot_loader). On Linux it's called [GRUB](https://en.wikipedia.org/wiki/GNU_GRUB). It is the screen that loads after the hardware is initialized but before the software, and it gives you options for how to load the operating system (safe mode, rescue mode, with or without Internet, memory check and other parameters). If you think about it, this would have a privilege level of something like -0.5: not -1, because that is [reserved for other stuff](https://security.stackexchange.com/a/129099), but not 0 either, because it loads before the kernel. If the bootloader gets infected, it can infect every operating system that is loaded afterwards.

So if you want to defend against bootloader malware, just use GRUB, which is open source and is installed automatically when you install a Linux-based operating system.

### NEVER [DUAL BOOT](https://en.wikipedia.org/wiki/Multi-booting)! I MEAN IT, NEVER DUAL BOOT LINUX, ESPECIALLY NOT WITH WINDOWS!

<BR/>

So if you want to use Windows and Linux, just buy a separate computer. Dual booting is retarded in my opinion: Windows is so prone to viruses that it literally makes no sense to use Linux on the same machine, and you can be exposed to an [EVIL MAID ATTACK](https://en.wikipedia.org/wiki/Rootkit#bootkit). Linux is for people who are serious about their security and Windows is for average people; they don't mix.

So never dual boot! Just install a clean operating system with its associated bootloader, and use only 1 operating system per computer.

<br/>

# Ring 0 Protection

Well, to protect the kernel from malware, it must be free and open source. So only the Linux kernel can be used if you want a secure computer. There is no alternative: it's free and open source, and it makes no sense to use a closed-source, prone-to-malware type of kernel.

So the [Linux kernel](https://en.wikipedia.org/wiki/Linux_kernel) is the only choice. More than 80% of webmasters use Linux, yet less than 10% of the general population do. Interesting, isn't it? For professionals and security experts Linux is the only choice, while your average trendy person probably hasn't even heard of Linux, or thinks that it's only for nerds, even though by 2017 Linux has been packaged into easy-to-use operating systems with a full GUI and a very elegant interface.

<br/>

# Choosing the Operating System

So Linux is the kernel, and the Linux kernel is packaged into various open source operating systems like:
* [Ubuntu](https://en.wikipedia.org/wiki/Ubuntu_(operating_system))
* [Linux Mint](https://en.wikipedia.org/wiki/Linux_Mint)
* [Debian](https://en.wikipedia.org/wiki/Debian)
* [Manjaro Linux](https://en.wikipedia.org/wiki/Manjaro_Linux)
* [Antergos](https://en.wikipedia.org/wiki/Antergos)
* [openSUSE](https://en.wikipedia.org/wiki/OpenSUSE)
* [Fedora](https://en.wikipedia.org/wiki/Fedora_(operating_system))

And countless others that you haven't even heard of. I mean, literally, who would be so dumb as to pay like $200 for an OS when you get these with a gorgeous interface and high security for free? They are also fully packaged with all the tools you need.

If you are a total novice, just get started with Linux Mint; it's the easiest distro for total newbies. But if you want a fully advanced experience, then try Debian, which has over 51,000 free apps. You'd have to be a big sucker to pay for software after that.

<br/>

# In fact I made a very quick and easy tutorial to install Linux Mint step-by-step:
* https://steemit.com/technology/@profitgenerator/linux-mint-installation-tutorial-full-install-in-10-minutes

<center>![Mint_18_cinnamon.png](https://steemitimages.com/DQmVjSFGnHzGmKN53mAyRNDVtdM4cYDHWqZkeeAfbpce3nb/Mint_18_cinnamon.png)</center>

You can literally install it in 10 minutes. Just back up all your files, make sure they really are backed up, and then the installer will do a clean install: it wipes your hard disk and installs Linux Mint in 10 minutes or less.

I guarantee you, you will never look back, whatever shitty proprietary operating system you were using before it. No more viruses, no more anti-viruses (you don't really need one), no more bugs and application errors. Just free and open source software and true computer security, mixed with the pleasure of discovering and building applications by yourself.

Actually, all major closed source software runs on Linux too, except video games, so if you are a gamer, then tough luck. But other software like Skype, Google Earth, messenger apps (through [Pidgin](https://en.wikipedia.org/wiki/Pidgin_(software))) and even Minecraft runs on Linux. So really, if you are a casual user you will not miss anything.

In fact you will get exposed to real free and powerful software like:
* [Libre Office](https://en.wikipedia.org/wiki/LibreOffice) (a full & free office suite)
* Audacity, a free & powerful sound editor
* Brasero, free CD burner and editor
* GIMP, free and powerful photo editor
* Image, Video and other app players
* Programming tools
* Cryptographic tools (GPG, hash calculator, encryption, RNG)
* Keepass, free and safe password manager
...etc

Most of them come installed by default, certainly on Linux Mint, so you have all the apps you need already preinstalled, and literally after 10 minutes you have the entire operating system preconfigured for you.

So you have all the benefits and almost no drawbacks except maybe it will take time to get used to it:
* Tons of free & powerful apps
* Open source
* Nice design, and easy-to-learn software
* Safe & frequently updated software by voluntary contributors

Plus you will pretty much eliminate most of the malware threat at ring 0 if you use the Linux kernel, which is constantly being developed by experts. Whenever a bug is found it gets fixed immediately, so its development and security are lightyears ahead of its competitors, despite having low funding. Open source developers are just more enthusiastic about their work than corporate people.

<BR/>

<CENTER>![warning-2168379_1280.png](https://steemitimages.com/DQmSWkP6odNAqEbbFdSzdoMzBELF898D5WmAkBu5PSGdE4Z/warning-2168379_1280.png)</CENTER>

# Malware & Ring 0

Now while the malware threat on Linux is severely reduced, it is still not 0, so in the next episodes I will reveal additional things that have to be kept in mind.

There is something called [privilege escalation](https://en.wikipedia.org/wiki/Privilege_escalation): if there is a bug in the kernel, an application can execute arbitrary code (possibly malware) in kernel space, infecting the entire computer.

There is no defense against this on the kernel side other than keeping the kernel updated, always using the latest `stable` kernel. The very latest release may be too experimental and might break some software, so using the latest stable release, which has at least been tested, is the proper way to stay safe against these threats.

But there are things that you can do in the application space to ensure that the application itself is not malicious, so that will be another episode, when I'll talk about ring 1, 2 and 3 issues.

<BR/>

<CENTER>![board-73496_1280.jpg](https://steemitimages.com/DQmPnpgnJt8jaBGPmTc1dygFik23nLzZZQbvxT15AdC8VhG/board-73496_1280.jpg)</CENTER>

# Recap

Okay so the things you have to keep in mind are the following:

* Only use Linux based operating systems “Linux Distros”, no closed source operating systems are acceptable if we really want to be safe. They could have a backdoor or spyware installed, or just have sloppy developers that can’t keep up with the bugs, so it’s always better if the code is transparent and many people can check it.
* NEVER [DUAL BOOT](https://en.wikipedia.org/wiki/Multi-booting), so you should ONLY have 1 Linux installed on your computer through a clean install, and the hard disk formatted before it. One computer should have 1 operating system, that’s it. Let’s not complicate things and in the process expose ourselves to new attack vectors like [Evil Maid](https://en.wikipedia.org/wiki/Evil_Maid_attack).
* Always keep the operating system & kernel up to date, using the `latest stable` release of the kernel. Neither the latest experimental one, nor the old deprecated ones, but the latest stable one. As for the software, currently for Debian it's Debian 9, codenamed `Stretch`. Linux Mint, for example, has an auto-updater that will show you whenever a new version of the Linux kernel is out, so make sure you update it!

Otherwise just enter the following 2 commands in the terminal periodically for manual update & upgrade (only for Mint, Ubuntu & Debian distros):
`sudo apt-get update`
`sudo apt-get upgrade`
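
Installing a kernel update is not the same as running it: the new kernel only takes effect after a reboot, and `apt-get upgrade` never installs new packages, so a kernel shipped under a new package name waits for `sudo apt-get dist-upgrade`. The script below is an added example (not part of the original post) that compares the running kernel with the kernel images in `/boot`. Its function names are made up for illustration, and it assumes the Debian/Ubuntu/Mint `/boot/vmlinuz-<release>` naming and GNU `sort -V`.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are illustrative.
# Assumes Debian/Ubuntu/Mint naming (/boot/vmlinuz-<release>) and GNU sort -V.

# Print the highest of the kernel releases given as arguments.
# sort -V compares version numbers, so 4.9.0-11 ranks above 4.9.0-4.
newest_kernel() {
    printf '%s\n' "$@" | sort -V | tail -n 1
}

# List the kernel releases that have an image installed in /boot.
installed_kernels() {
    for f in /boot/vmlinuz-*; do
        if [ -e "$f" ]; then
            echo "${f#/boot/vmlinuz-}"
        fi
    done
    return 0
}

# $1 = running release (uname -r); remaining args = installed releases.
# Prints "current", "reboot-needed:<release>" or "unknown".
kernel_status() {
    running=$1
    shift
    # No images found, e.g. inside a container that shares the host kernel.
    [ $# -gt 0 ] || { echo "unknown"; return 0; }
    newest=$(newest_kernel "$@")
    if [ "$(newest_kernel "$running" "$newest")" = "$running" ]; then
        echo "current"
    else
        echo "reboot-needed:$newest"
    fi
}

# $(installed_kernels) is unquoted on purpose: one argument per release.
echo "running kernel: $(uname -r)"
echo "status: $(kernel_status "$(uname -r)" $(installed_kernels))"
```

If the status is `reboot-needed`, the update is on disk but the old kernel, with its old bugs, is still the one in memory until you restart.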


<br/>

------------------------------------------

**Sources:**
* https://pixabay.com
* Screenshot by Linux Mint team: [GPL](http://www.gnu.org/licenses/gpl.html), via Wikimedia Commons

-------------------------------------------


Created: 2017-10-14 01:43:03
Last update: 2017-10-14 01:46:21
@jahtech ·
Super post
@profitgenerator ·
thanks
@masterthematrix ·
Very nice read now I understand more why Linux is a great product, thanks for sharing!!!
@profitgenerator ·
it is very cool
@terenceplizga ·
It's obvious that you spent a lot of time organizing this material.  Nice job.
@pierlave ·
If you really want Windows you can run it as a virtual machine inside VirtualBox in Linux. I use it for testing purposes!
@profitgenerator · (edited)
That is if the VM can contain the vulnerabilities inside, and since even the best hypervisors have bugs in them, it's still risky for a sophisticated malware or vulnerability inside which Windows is very prone to.