Page 1 of 2 12 LastLast
Results 1 to 15 of 20

Thread: Linux question

  1. #1
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Pittsford,NY
    Posts
    873
    Thanks
    516
    Thanked 35 Times in 27 Posts

    Linux question

    I wanted to be able to use a Linux-based "live" CD to do online banking etc. When I looked into the various options I chose to install "Puppy Linux" on my Windows 7 SP1 desktop. Then I hit a roadlock which leads to my question.

    I wanted to open a Steganos Locknote that contains my sensitive information. Call it example.exe

    "Puppy Linux" wanted me to enter a command to open example.exe

    I tried different things, but none worked.

    How do you do such a simple thing in Linux?

    Thanks,
    Dick

  2. #2
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,072
    Thanks
    0
    Thanked 259 Times in 248 Posts
    It's not a dumb thing, just that Linux is a different Operating System and just like Macintosh OS X one has to have different programs from what Windows can run. Some software publishers produce programs for all three systems.
    http://linuxexchange.org/questions/1...ganos-locknote

  3. The Following User Says Thank You to Berton For This Useful Post:

    Dick-Y (2014-10-11)

  4. #3
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,172
    Thanks
    47
    Thanked 981 Times in 911 Posts
    You would need to install / run Steganos Locknote, but it is a Windows program and won't run in Linux. There doesn't appear to be any password management program installed in Puppy.

    cheers, Paul

  5. The Following User Says Thank You to Paul T For This Useful Post:

    Dick-Y (2014-10-11)

  6. #4
    New Lounger
    Join Date
    Nov 2014
    Posts
    3
    Thanks
    1
    Thanked 1 Time in 1 Post
    There is a password safe program named "KeePass" available for Linux and Windows. I don't know the Puppy distro much but I do know Mint very well. I would guess that KeePass will work on Puppy also. KeePass is "OpenOurce" and will open just about every vault file type on the market. Hope that helps, SALUTE!

  7. The Following User Says Thank You to Cybertek For This Useful Post:

    Dick-Y (2014-11-01)

  8. #5
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,072
    Thanks
    0
    Thanked 259 Times in 248 Posts
    A thing about looking for software for Linux is knowing whether the distribution/version of Linux is based upon RPM Package Manager or DEB/Debian. I think Puppy is Debian-based like Ubuntu/Kubuntu and my favorite, Linux Mint.

  9. #6
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Pittsford,NY
    Posts
    873
    Thanks
    516
    Thanked 35 Times in 27 Posts
    Thanks Berton.

    Dick
    Last edited by Dick-Y; 2014-11-02 at 07:51. Reason: needed cap letter

  10. #7
    Silver Lounger
    Join Date
    Mar 2014
    Location
    Forever West
    Posts
    2,072
    Thanks
    0
    Thanked 259 Times in 248 Posts
    You're welcome.

  11. The Following User Says Thank You to Berton For This Useful Post:

    Dick-Y (2014-11-02)

  12. #8
    Lounger
    Join Date
    Dec 2009
    Location
    Arizona
    Posts
    25
    Thanks
    0
    Thanked 2 Times in 2 Posts
    In order to run a Windows program in Linux, install WINE. Then, read how to use it. Note that not all Windows programs can be made to run in Linux, but usually, there are several (free) Linux programs that are comparable to the Windows one. I've been a dedicated Linux(Mint) user now for over 5 years.

  13. The Following User Says Thank You to tosim For This Useful Post:

    Dick-Y (2014-11-06)

  14. #9
    New Lounger
    Join Date
    Jul 2014
    Posts
    6
    Thanks
    0
    Thanked 2 Times in 2 Posts
    I have taken a different approach and install windows in Virtualbox. i get the couple of windows programs i can't live without inside the security of Linux. I use Archlinux but this is not for the linux beginner. Ubuntu, Mint, and PCLinuxOS are easier for first timers.

  15. The Following User Says Thank You to YinFu For This Useful Post:

    Dick-Y (2014-11-07)

  16. #10
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Just a small correction. KeepassX is not the same program as Keepass for Windows. The Open Source version is KeepassX:
    http://www.keepassx.org/
    The Windows version of KeepassX can be run as a portable app. In Linux, the program has to be installed, but the database can be saved to a USB key or to The Cloud.

    FWIW, I also would use a Windows VM inside of a Linux host for running Windows security programs, if there is no acceptable Linux alternative. WINE is fine for most programs, but where security is important, I just don't trust WINE. Best choice is to use a native Linux or cross-platform program for managing passwords.

    For online banking, there are said to be security advantages in using a fully-Linux environment. Browser security and OS security seem to interact favorably in Linux, compared with Windows.

    However, recent revelations show that Linux is not invulnerable. All current patches to Linux, browsers and plugins must be applied to get any security advantage over Windows. Further measures, like AppArmor are also recommended. Linux Live CDs just don't cut it anymore.
    Last edited by bobprimak; 2014-11-10 at 13:38.
    -- Bob Primak --

  17. The Following User Says Thank You to bobprimak For This Useful Post:

    Dick-Y (2014-11-10)

  18. #11
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,746
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by bobprimak View Post
    Just a small correction. KeepassX is not the same program as Keepass for Windows. The Open Source version is KeepassX:
    http://www.keepassx.org/
    KeePassX is a port of KeePass which is also Open Source (and their databases are compatible):

    http://en.wikipedia.org/wiki/KeePass

    Bruce
    Last edited by BruceR; 2014-11-10 at 23:43.

  19. #12
    New Lounger
    Join Date
    Jul 2014
    Posts
    6
    Thanks
    0
    Thanked 2 Times in 2 Posts
    >However, recent revelations show that Linux is not invulnerable. All current patches to Linux, browsers and plugins must be applied to get any security advantage over Windows. Further measures, like AppArmor are also recommended. Linux Live CDs just don't cut it anymore.[/QUOTE]


    if you are referring to the bash shell bug...this was a potential problem for web servers, not your typical desktop user. And this was fixed much faster than any Windows bug ever has. That is the strength of open-source. Users respond immediately, no corporate bureaucracy in the way.

    Although a good idea for web servers AppArmor is only necessary for the most paranoid home user because modern distros will insist on user level accounts for daily use. Root access is usually only through terminal access on most desktop distros.

    If you really believe that linux live cd's "don't cut it anymore" you have not tried the Tails iso. Even the NSA had to work very hard and over a long time to compromise TOR.

  20. #13
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by YinFu View Post
    >However, recent revelations show that Linux is not invulnerable. All current patches to Linux, browsers and plugins must be applied to get any security advantage over Windows. Further measures, like AppArmor are also recommended. Linux Live CDs just don't cut it anymore.

    if you are referring to the bash shell bug...this was a potential problem for web servers, not your typical desktop user. And this was fixed much faster than any Windows bug ever has. That is the strength of open-source. Users respond immediately, no corporate bureaucracy in the way.

    Although a good idea for web servers AppArmor is only necessary for the most paranoid home user because modern distros will insist on user level accounts for daily use. Root access is usually only through terminal access on most desktop distros.

    If you really believe that linux live cd's "don't cut it anymore" you have not tried the Tails iso. Even the NSA had to work very hard and over a long time to compromise TOR.
    BASH is not the only long-unpatched vulnerability found in desktop Linux lately. It isn't called BASH in some distros, but rest assured, the Shell Scripting Language in most desktop Linux distros is BASH by a diffferent name. Another recent example -- POODLE attacks in Linux Firefox and Chromium browsers were identical to POODLE attacks in Windows IE browsers. (Or, Apple Safari browsers, for that matter.)

    TOR does not stop hackers. It does not filter malware at all.

    Many or most of the same cautions which apply to their Windows counterparts apply to Java, Flash Player, and javascript vulnerabilities in Linux, plus a few extra twists. The Adobe Flash Player plugin for Linux Firefox has not even had a version upgrade since version 11.2.x, in 2012. Like Windows XP, there is only so much security patching which can be done for the older Flash Player plugin. This sampling is only a partial listing of non-kernel security issues which make older or unpatched versions of desktop Linux vulnerable.

    Beyond BASH and POODLE, there have been at least four other major and long-standing desktop Linux vulnerabilities which have made headlines in the past few months. The headlines emphasize servers, since this is a way to alarm people and attract the eyes of folks who do not run Linux on their desktops. Desktop Linux is in essence a subset of Server Editions, within the same distro families. And hence, many of the same security issues apply, regardless of scale.

    Here's a listing of Linux kernel CVE issues, some major, which seems pretty reliable, though not comprehensive.
    http://www.cvedetails.com/vulnerabil...ux-Kernel.html
    Just the ones for 2014 run on for over 25 report references.

    Live CDs and DVDs can't incorporate the latest security patches for any distro of Linux (unless your distro publishes and you download and burn a new disk every few days). My Ubuntu Linux every week gets a few parches which are listed as security patches. Some seem to have seriously important severity levels, based on their brief descriptions.

    I am not sure when or whether a recent full-scale security audit of the Linux Kernel has ever been done. Without the results of such an Audit, we are all talking about Linux security without hard evidence one way or the other. Even with a general Audit, there can still be undetected security bugs.

    Linux used to be protected (a little) by its obscurity (small user base and little attention by hackers). But the recent revelations of long-standing unpatched Linux security bugs have pointed towards increased attention to Linux by hackers. These revelations do not specify Server Editions vs. Desktop Editions, and as with BASH, desktop components in Linux tend to be the same or similar to many Server Edition components. In any event, it's the same kernel, and the same shell languages, and the same browsers and plugins, within each of the main Linux distro families.

    I am not saying I believe as do some of the moderators here in The Lounge, that Linux is less secure than Windows. Only that using an out of date Live Linux CD or DVD for banking is like using an unpatched OEM Windows installation for the same purpose. Linux Live is maybe a bit more secure, but certainly not secure enough. At least not for me. (And by out of date, I mean any time more than a few days after the official release of the CD or DVD image.)

    I use installed Ubuntu Linux for sensitive transactions, fully patched and with AppArmor and the standard AppArmor Settings download, with only a few Firefox enhancements manually tweaked into it. Brain-dead simple to set up. No issues at most web sites with AppArmor interfering too much. This is no longer paranoia for Desktop Linux users -- it is due diligence.

    "It isn't paranoia if they really are out to get you."
    Last edited by bobprimak; 2014-11-15 at 15:14.
    -- Bob Primak --

  21. #14
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,746
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by bobprimak View Post
    I am not saying I believe as do some of the moderators here in The Lounge, that Linux is less secure than Windows.
    I only said that Linux is not more secure by design. I.E. It's not fundamentally more secure than Windows (although we always used to be told that it was, by you and others).

    Bruce
    Last edited by BruceR; 2014-11-15 at 17:43.

  22. #15
    Lounge VIP bobprimak's Avatar
    Join Date
    Feb 2009
    Location
    Hinsdale, IL, USA
    Posts
    2,482
    Thanks
    176
    Thanked 152 Times in 129 Posts
    Quote Originally Posted by BruceR View Post
    I only said that Linux is not more secure by design. I.E. It's not fundamentally more secure than Windows (although we always used to be told that it was, by you and others).

    Bruce
    Yes, I used to drink the KoolAid about Linux being essentially invulnerable. Recent developments in the Tech Press have shown clearly that this was over-confidence.

    I am not singling out any one or even several Lounge members for pointing out that Linux invulnerability is a myth. This fact has been backed up by recent tech headlines well enough for my satisfaction.

    I just do not buy into remarks like those of Ruirib
    (http://windowssecrets.com/forums/sho...l=1#post971940)
    I don't think Linux is inherently safer than Microsoft's OSes. I actually think it is the opposite...
    without references or additional expert opinions that Linux is less secure than Windows.

    It's OK with me if people have experiences and training which lead them to conclude one way or another. But with divided expert opinions about which OS is safer, I conclude that it all really depends on how the OS is maintained and used. Whichever OS is used, it can be safer or less safe, depending on these factors and user behavior. When vulnerabilities are found, they should be addressed, not denied.

    I tend to side with Susan Bradley when she has repeatedly recommended Linux as one way to stay safer when doing online banking and other sensitive activities. Since her last recommendation which included this option was recent (earlier this year) I think the advice is still in place.

    My original cautionary advice here is about using an out of date Linux version, which all CDs and DVDs become over time. As with Windows, unpatched versions are inherently less safe than patched versions. The only way to be up to date, patched, and have all browsers and plugins patched and up to date is to install Linux, just as with Windows, and run the updater (or the Command Line equivalent) every week or two at the minimum.

    App Armor for Linux and EMET for Windows add another layer of security. The Windows Firewall, or the Ubuntu Linux Firewall, also add more security. And so on.

    The post by YinFu (#12 above) states that such precautions are for desktop Linux users "paranoid". Recent evidence seems to me to indicate otherwise.

    Linux can be used in a reasonably safe and secure way. As can Windows.

    We are only truly insecure when we become complacent about remaining vigilant. When others discuss with me about security for any OS, I do read and I do make necessary adjustments. That seems to me to be the reasonable approach. Switching back and forth between OSes based on the latest published threats does not seem to me to be reasonable.

    As for why I still use Linux, I have repeatedly posted in The Lounge that I am waiting for Windows 10 general release before returning to using Windows as my primary OS. (Yes, I still think that poorly of Windows 8.) And I still use Windows 7 when that seems to be the more convenient way to get a little work done. Or Linux when it offers for me a more convenient or quicker option (which does happen, BTW). All of which is based on my preferences, not a security analysis.
    Last edited by bobprimak; 2015-01-02 at 14:33.
    -- Bob Primak --

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •