General and specific questions

Hi all,

As there’s no security devoted sub-forum, I’m going to put this here.
I’m looking into openSUSE as a replacement for Ubuntu. So far, I like it a lot.
I have one general question that I can guess the answer to, but will ask anyway for good measure:

In Windows world, it’s standard for the OS to “phone home” on multiple occasions, for multiple reasons and to send all sorts of info during those “calls”.
Are there any occasions when openSUSE would initiate a connection anywhere, for any reason? User initiated/scheduled (update) activities excluded, of course.
For example, Firefox has a great list detailing what connections might be initiated by the software at Firefox makes unrequested connections | Troubleshooting | Firefox Help

Is there a similar list for openSUSE? If that seems paranoid to some, keep in mind that the OS with a market share of over 75% does that all the time. To me, this is unacceptable in principle. The owner of the computer must retain full control of their system and no OS maker should feel free to do whatever they want.

Another smaller question is has Security Announcement been fixed for knetworkmanager? Or are there no issues to be expected when using nm-applet in KDE?

By default openSUSE runs a program to detect updates which checks the repositories you have enabled but you can disable this and use YaST>Online update at a time of your choosing. Not being a Firefox user, I cannot answer for Firefox.

I have not encountered any issues with knetworkmanager but then my use of it is fairly limited.

And to add to John mentioning update checking. Even when you have this on (which many people haven’t, being it only because they do not like apper), it will only check information available on the repos against information on the system. It will not send information from the system to the repos.

On 01/09/2012 07:36 AM, MypDi wrote:
>
> Are there any occasions when openSUSE would initiate a connection
> anywhere, for any reason? . . .

when you say “openSUSE” i assume you mean a released version default
install; fully updated with all security patches; properly administered;
without any added applications, scripts, executables or
compiled/installed source which didn’t come crypto-signed, trusted
source, and were checked as genuine and untampered with prior to
install/use; and no local customizations or configuration changes which
denude standard security configurations and practices in any way…

so, that openSUSE can be trusted…

of course, it should be behind a NATing hardware router/firewall, have
routine security aids like (for example) Rootkit Hunter and/or Tripwire,
and have strong passwords for root and each user…

> keep in mind that the OS with a market share of over 75% does that all
> the time.

keep in mind that this is neither that software nor anything like it.

and, the greatest threat to my system security is currently typing.


DD http://tinyurl.com/DD-Caveat
openSUSE®, the “German Engineered Automobiles” of operating systems!

Thank you for the answers. Yes, I was asking about the OS itself, user errors excluded. As I mentioned in my first post, I could suspect this much, but it’s good to get some verification.

Generally speaking, what is the appropriate place on the forum to post about security related issues?

depends a bit on the under;ying subject. When it si about network security, I would go to Networking. Install/Boot/Login coul;d be the place becaus much security depends on how and waht you iinstall. But I guess that you have enough sound ideas when it comes to such a case.

On 01/11/2012 11:56 PM, MypDi wrote:
> Generally speaking, what is the appropriate place on the forum to post
> about security related issues?
>

a great philosophical question almost perfectly suited for this forum
(but probably most correctly asked and answered in the forum named “How
to use the forums?” and described as “Questions on using forum software
and/or requesting information about the forums” here
http://tinyurl.com/5ta27yb

but, i’ll give you my philosophical answer here, and if you want an
authorative answer you can begin a thread over there (or and i highly
recommend this: you might search the forum for previous threads on the
subject of (like) “Lets have a security forum?”)

so, you asked “generally speaking” and first i will answer
“specificially speaking”:

if you have a security question like: How do i use YaST to tune Novell’s
AppArmor for maximum effect? then, AppArmor is an application and the
question goes to ‘applications’ forum…

but, if you have a security question like “HELP, I’m getting strange
messages in my firewall log (/var/log/firewall) saying some IP inside
UnTrustedLand keeps trying to log into my system, what do i do?” then,
that is (imo) a networking question and goes to http://tinyurl.com/4nk8692

but if it is “What can i do in YaST or Network Manager to keep my
neighbor from breaking into my wi-fi stream and downloading kiddieporn?”
then that security question goes to the wireless networking forum here
http://tinyurl.com/4lq2s9z

or, if you have a question like: “I see that a spanking new Kernel said
to be filled improved security measures has just shown up in the
Tumbleweed repo, should i close my eyes and just go for it?” that one
should go to http://tinyurl.com/3ljwanm

and, if it is “What security enhancements do we expect from 12.2?” or,
is AppArmor any better in the 12.3 Milestone 2 release?" that goes to
the beta forum http://tinyurl.com/2du7r4s

but, if it is a general question like any of the following, they are not
openSUSE specific questions, and the answers are probably best found in
more general text books, blogs, security discussion groups and etc…

Which is innately more secure secure Mac, Windows or Linux?

What does “strong password” mean, and how do i make one?

This is my machine! Why do I need to have both a root password and my
password?

How can i keep people from reading my emails?

Why is it not a good idea to run my browser as root?

What is the best way to have a secure computer?

Which is the most secure: Firefox, Opera, Seamonkey or Chrome?

Should i use telnet or SSH?

but, all of the are my opinion–you will find folks with different ideas…


DD http://tinyurl.com/DD-Caveat http://tinyurl.com/DD-Hardware
http://tinyurl.com/DD-Software
openSUSE®, the “German Engineered Automobiles” of operating systems!

On 2012-01-09 07:36, MypDi wrote:
>
> Hi all,
>
> As there’s no security devoted sub-forum, I’m going to put this here.
> I’m looking into openSUSE as a replacement for Ubuntu. So far, I like
> it a lot.

There is a security mail list, though.

> Are there any occasions when openSUSE would initiate a connection
> anywhere, for any reason? User initiated/scheduled (update) activities
> excluded, of course.

Updates. It checks daily to see if there are updates. It does not send
data, requests it.

Smolt. If you have it installed, it has a cronjob to update the profile.
Some versions ago smolt was installed by default, and smolt does send data
about your machine (after asking you).

> Is there a similar list for openSUSE? If that seems paranoid to some,

Not that I know. But there are applications that may do that, I mean,
connect somewhere. Let me see… for example, if you install the google
talk plugin, it installs a cron job to make sure that you have the google
repo activated, and check the version, probably. I consider this cronjob
intrusive, so I have another cronjob to delete it.

If you do ripping of CDs, the application may query an online database to
get data such as the author, genre, tittle… or upload such data.

After an application crashes in gnome or kde, a bug collector can send data
to the developers, but it asks first.

Many applications can do that (connect), but at least in Linux most things
are opensource and anybody can check what they do.

> Another smaller question is has ‘Security Announcement’
> (http://tinyurl.com/7l3t8xx) been fixed for knetworkmanager? Or are
> there no issues to be expected when using nm-applet in KDE?

That’s a very different question, which you should ask in the networking
forum. I understand it is a technical question.


Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 “Celadon” at Telcontar)