Ubuntu 16.04 has potentially serious privacy flaw !


Ubuntu 16.04 has potentially serious privacy flaw !

Post by richyrich »

If you plan on using 16.04 with the X11 Windowing Environment, don't use Snap ! (I don't know if it can be un-installed?)
The issue is that applications running in X can simply ask to receive keystrokes from other applications, Garrett wrote.

“An application that has no access to any of your private data can wait until your session is idle, open an unconfined terminal and then use curl to send your data to a remote site,” he said.

Garrett stipulates that snaps don’t appear to pose any security risks running on Canonical’s Mir windowing system...
http://www.networkworld.com/article/306 ... -flaw.html

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Neil Edmond »

Pardon my ignorance, but under what circumstance might someone be running Ubuntu under X instead of Mir?

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by richyrich »

Mate, Xfce, KDE, Cinnamon, etc. . . Mir is only used in the Unity desktop environment. (so far as I know)

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Fred Barclay »

It looks to me as if the problem is with X11, not snap. :? So .debs could cause the same flaws? :?:
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Pentarctagon »

Since Ubuntu uses Mir, it seems like as far as Canonical is claiming with regards to standard Ubuntu that their statements are accurate. This doesn't even seem particularly newsworthy, to be honest - a guy used a new format with older/less secure software, and found a security problem. The sky is blue, and the sun is also bright.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Cosmo. »

richyrich wrote: Mir is only used in the Unity desktop environment. (so far as I know)
Not in Unity, but in Unity 8. 16.04 comes by default with Unity 7 and therefore with X. So the answer to the question of Neil Edmond is: Under default circumstances.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by JosephM »

Fred Barclay wrote:It looks to me as if the problem is with X11, not snap. :? So .debs could cause the same flaws? :?:
Yeah, I'm not exactly sure how this is different from the current situation. That's why you should use software from sources you trust. One of the main benefits of open source is that people can see exactly what an application is doing by looking through the source code.
richyrich wrote: Mate, Xfce, KDE, Cinnamon, etc. . . Mir is only used in the Unity desktop environment. (so far as I know)
Unity 8 will use Mir. In 16.04 I believe you might be able to install and test it but it is not the default version of Unity.
When I give opinions, they are my own. Not necessarily those of any other Linux Mint developer or the Linux Mint project as a whole.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Cosmo. »

What richyrich reported in the starting post has been confirmed here.
Methinks that the problem is related to the fact that Mir has been delayed over and over again, so that even in 16.04 there will be X11 / Unity 7 installed by default, leaving Mir / Unity 8 only as an option, as JosephM already wrote. I have the suspicion that the different parts of the development team have lost the communication between them, so that Snap found its way into the release, whereas Mir didn't.

When Ubuntu claims
Users can install a snap without having to worry whether it will have an impact on their other apps or their system.
then they tell only half the truth. This is only correct - as far as I can say - for the mobile version of Ubuntu, where Mir comes pre-installed, but not for the desktop version.

In any case this is not correct for all of the official and unofficial variants of 16.04, not only, but of course of special interest for Mint.
That leads to the consequence, that Snap should not get used in Mint. Better: It should get removed in Mint before the release of LM 18!

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by The Old Timer »

Ok, so what is snap, and is it something that comes installed with installation of Ubuntu or is it something an end-user would have to install?
From what I understand Mir has to do with Unity, is that correct?

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Cosmo. »

Mir is a display server.
Snap(py) is a package manager.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by The Old Timer »

Thanks will have to do some reading on these.
Last edited by The Old Timer on Mon Apr 25, 2016 6:11 pm, edited 1 time in total.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Flemur »

I'm posting this from Ubuntu 16.04.

dpkg -l *snap*
un  libsnappy1          <none>        (no description available)
ii  libsnappy1v5:amd64  1.1.3-2     fast compression/decompression library
Edit: libsnappy1v5 apparently doesn't have anything to do with software installation.

dpkg -l *mir* | grep ii
ii  libmirclient9:amd64   0.21.0+... Display server for Ubuntu - client library
ii  libmircommon5:amd64   0.21.0+... Display server for Ubuntu - shared library
ii  libmirprotobuf3:amd64 0.21.0+1... Display server for Ubuntu - RPC defs
Please edit your original post title to include [SOLVED] if/when it is solved!
Your data and OS are backed up....right?

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by JosephM »

I do wish people would read a bit more carefully before jumping to dramatic conclusions. Having the backend libraries installed that allow you to run snappy packages doesn't hurt anything. I haven't checked or tried yet but it seems like Mint18 would inherit the ability to use snap packages.

What's in question here is the sandboxing capability of snappy under X11. It is supposed to make things more secure by limiting the interaction with other things on your system. Under X11 it's apparently easier to circumvent in some cases than it would be in Mir. I don't see how running a snappy package in this case would be any less secure than running any other application that you installed on your system. Those applications already have the ability to do the exact same thing.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by d00med »

It may not be less secure than .deb packages in X11, but it doesn't seem to be more secure, which is often claimed.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by richyrich »

Cosmo wrote:..but of course of special interest for Mint.
That leads to the consequence, that Snap should not get used in Mint. Better: It should get removed in Mint before the release of LM 18!
+1 , thumbs up !

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Cosmo. »

JosephM wrote:I don't see how running a snappy package in this case would be any less secure than running any other application that you installed on your system.
That is not the point. The point is, that Ubuntu says, that snap applications are isolated from the rest of the system (link in a previous post). That this is only true for Mir is nowhere mentioned there; the word Mir does not appear at all in the article.
But fact is, that mir / unity8 has to be installed by the user, it is not installed by default. And to make it worse: If you do install it, you can forget about the 5 years support period, both come from the universe repository. :x

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Ark987 »

richyrich wrote:
Cosmo wrote:..but of course of special interest for Mint.
That leads to the consequence, that Snap should not get used in Mint. Better: It should get removed in Mint before the release of LM 18!
+1 , thumbs up !
Let me fix it for you:

That leads to the consequence, that X11 should not get used in Mint.

X11 is the problem and all Linux distros are affected since many many years ago, that's why Mir and Wayland are being baked. Snappy packages are not the real problem.

Read again https://mjg59.dreamwidth.org/42320.html
The problem here is the X11 windowing system. X has no real concept of different levels of application trust. Any application can register to receive keystrokes from any other application. Any application can inject fake key events into the input stream. An application that is otherwise confined by strong security policies can simply type into another window. An application that has no access to any of your private data can wait until your session is idle, open an unconfined terminal and then use curl to send your data to a remote site. As long as Ubuntu desktop still uses X11, the Snap format provides you with very little meaningful security.

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by richyrich »

Soo, what do you suggest to replace X11 in Mint 18 ?

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by Cosmo. »

Ark987 wrote:X11 is the problem and all Linux distros are affected
So far so good. But you cannot replace a display server as you exchange your Goodyear tires with others from Pirelli. It has a reason why Mir has another time been dropped as default for 16.04 and that it is in the universe repository with only limited support time. (Leaving open, that it would not help us with non-Unity DEs.)

Re: Ubuntu 16.04 has potentially serious privacy flaw !

Post by xenopeek »

The privacy flaw discussed is a problem with X11 and has been present since the dawn of time on Linux. Whether you use a snap package or have snap libraries installed is irrelevant to this issue. All that matters is whether you use X11 or not. Mir and Wayland are intended to supersede X11 and both solve this issue. Ubuntu 16.04 and Linux Mint 18 both use X11 as Mir and Wayland aren't considered ready for prime-time on the desktop by them (others disagree).

snap packages on Ubuntu 16.04 or Linux Mint 18 are an alternative package format, with some additional isolation and security features, that makes it much easier to ship newer versions of software that also needs newer versions of system libraries than are available on your system. Until they switch to Mir or Wayland, snap packages won't offer perfect isolation (because of the X11 privacy flaw issue) but certainly improved isolation and security over using .deb packages (that don't provide any level of isolation or security, and don't provide for easy and clean installation of software that needs newer system libraries).

Take a look at the description of snap packages isolation and security features summary here: https://developer.ubuntu.com/en/desktop ... into-snaps. Anybody familiar with for example firejail will recognize lots of things. Again, it won't offer perfect isolation as long as you use X11. That's a—long standing—issue of X11 and not a new issue from using snap packages or libraries...
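An audit sketch for the point the thread converges on, that snap confinement is only as strong as the display server underneath it (added example, not code from any poster or from snapd). It assumes the `XDG_SESSION_TYPE` values `x11`, `wayland` and `mir` and the four-column layout of `snap connections`; the function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Flag confined snaps whose isolation is undermined by a shared X11 session.

# session_exposure TYPE: "shared" when the display server lets any client
# observe or inject input for any other client (X11, per the thread),
# "isolated" for Wayland/Mir, "unknown" for tty/unset/anything else.
session_exposure() {
    case "$1" in
        x11)         echo shared ;;
        wayland|mir) echo isolated ;;
        *)           echo unknown ;;
    esac
}

# x11_snaps [IFACE]: read `snap connections` text on stdin and print the
# unique snap names holding a *connected* plug of IFACE (default: x11).
# A slot of "-" means the plug is declared but not connected, so skip it.
x11_snaps() {
    awk -v want="${1:-x11}" '
        NR == 1 && $1 == "Interface" { next }            # header row
        $1 == want && $3 != "-" { split($2, p, ":"); print p[1] }
    ' | sort -u
}

# audit TYPE < connections: one-line verdict combining both checks.
audit() {
    exposure=$(session_exposure "$1")
    snaps=$(x11_snaps x11)
    if [ "$exposure" = shared ] && [ -n "$snaps" ]; then
        # unquoted on purpose: joins the newline-separated names with spaces
        echo "confinement-weakened: $(echo $snaps)"
    else
        echo "ok"
    fi
}

# Constructed sample of `snap connections` output (snap names are made up).
SAMPLE_CONNECTIONS='Interface  Plug              Slot      Notes
home       editor-demo:home  :home     -
network    cli-demo:network  :network  -
x11        editor-demo:x11   :x11      -
x11        viewer-demo:x11   :x11      -
x11        idle-demo:x11     -         -'

# Live use on a real system:
#   snap connections | audit "$XDG_SESSION_TYPE"
```

A `confinement-weakened` verdict lists the snaps that can reach the X server; on an X11 session their other interface restrictions do not stop them from interacting with unconfined windows.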