[TriLUG] Privileges and Social Engineering
Jeff Tickle
jtickle at jtsoft.net
Fri Jun 11 18:47:46 EDT 2004
Howdy...
I was sitting here dreaming once again of a world where there is no
Windows and everyone runs Linux and lives happily ever after, and a
friend of mine sent me an interesting thread about why Linux isn't a
popular virus target.
One of the messages in this thread was pretty scary. It pointed out
that one of the main reasons Windows viruses are effective even though
Windows now has some administrator/user separation is that very few
people utilize this; either they just use administrator, or all their
users have admin privs... and even if they were set up right, it's not
hard to get past an underprivileged user account.
This is scary because if Linux ever became mainstream, viruses could be
a real problem. Imagine this: A user buys a computer and installs
Linux. He puts in a password for the root user. It says "You should
create a normal user for day-to-day tasks." He doesn't care... its just
more to deal with when installing things and whatnot like that.
All of the installers I've seen are worded similar to this. There's a
root user for admin purposes, and then you can create a user if you want
to, but most people are too lazy.
So I got to thinking: would a simple change in the wording be enough to
convince users that they need a separate account from just root? What
if it were worded like this:
"Linux is designed at the core to thwart viral intrusions. As virii
usually are able to infect computers by gaining access to critical
system configuration, Linux requires a password in order to configure
certain system options, as well as install software. Please choose a
configuration password:"
And then, simply,
"Please specify the username and password you would like to use to log
on to this computer. You may specify as many as you like; it's a good
idea to have one login for each person who will be using this computer."
The "configuration password" is just the root password. Linux geeks
know this and know how to utilize it. Other people don't, and therefore
it's just something they have to type whenever they run some system
configuration.
And if Linux were ever sold pre-installed on computers in a store, this
could be a first-boot kind of thing. Nothing functionally changes; just
the wording, and if the user doesn't know they can log in as the
"configuration" (root) user, they won't. It's about wording, and how
that affects people's ideas.
Just a thought *shrug*
--
Jeff Tickle <jtickle at jtsoft.net>
JTSoft.net
More information about the TriLUG
mailing list