Ubuntu 16.04 just dropped, and with it, a new security feature known as Snaps, which is supposed to simplify the secure development process. Canonical touts Snaps as the best way to keep desktop applications from stealing data, but according to Linux expert Matthew Garret, that’s simply not the case.
Linux users have always touted the security of their endpoints as being more robust than their Windows equivalents. This claim makes a certain amount of sense, on the face of it. As Linux is a minority platform, garden-variety attackers will tend to go after the larger Windows install base. Even if there’s malware targeted at Linux users, the operating system is quite diverse—what works on Gentoo might not work on Debian, for example. Linux security architecture is also somewhat better: users aren’t given default admin privileges, which means that viruses aren’t either. Lastly, a large open-source community makes for fast patches, in theory.
In practice, the idea of Linux security has taken some hard hits in recent years. In late 2014, researchers discovered that malware known as Turla, distributed by an APT group linked to the Russian government, had been infecting Linux systems. This malicious software relied on an open-source backdoor and allowed attackers to input commands and snoop on network traffic. Importantly, no root access was required for the virus to function.
Earlier that same year, a nearly twenty-year-old vulnerability was discovered in a Linux subsystem known as bash. This bug, known as “Shellshock,” specifically affected Linux Ubuntu systems, potentially allowing attackers to execute arbitrary code on users’ devices. Although patches were quickly released, these fixes did not propagate quickly through the Linux ecosystem—four months after it was uncovered, almost 150,000 attempted breaches were linked to the exploitation of the Shellshock bug.
In order to address these issues, Canonical, the makers of Ubuntu, have responded by incorporating a security feature known as Snaps into the latest release of their operating system. Snaps represent a new kind of package format—basically a miniature sandbox in which an application runs itself. These sandboxes are kept separate from other parts of your phone, tablet, or server, and prevent applications from leaking data in unexpected ways. Desktop users may encounter problems.
Unlike servers and mobile devices, which run on newer versions of Ubuntu’s window system, the Ubuntu desktop package runs on an older system known as X11. X11 doesn’t limit the permissions of other applications in the way that newer systems do—and that’s what Linux expert Matthew Garret says is problematic.
Using Snap, Garret was easily able to assemble malware that contained a keystroke logger designed to steal Facebook passwords. An attacker could easily build similar malicious apps designed steal SSH keys, for example, which would allow them to spoof websites or initiate a man-in-the-middle attack.
This goes to show that even operating systems that are thought of as being secure by their very nature still contain inherent vulnerabilities. Moreover, although the secure development process aims to fix flaws that are baked into applications, every new and improved app still has dependencies on older apps that may remain vulnerable. Even if it’s developed with the best intentions, every piece of software ever written has a vulnerability with your name on it.
In order to truly protect your endpoints, security professionals need to invest in software that can detect threats based on how a piece of software behaves. Even apparently invulnerable software can still leak data to attackers, and the process of identifying bugs and applying patches is too slow to be practical. Sentinel One offers a behavioral detection platform that promises to catch vulnerable software as soon as an attacker tries to exploit it—to learn more, schedule a demo today.