How secure?

Crippled · October 14, 2015, 6:28pm

I hope this is the correct place to post this. I am curious about how secure is openSUSE13.2 with the firewall left in it’s stock configuration and print file sharing disabled not using it as a server, just for regular desktop use? What information can be had or things can happen surfing the Internet?

oldcpu · October 14, 2015, 7:00pm

You are nominally safe - but not perfectly safe.

Your PC can be hacked if someone is specifically out to get you. They can do such by obtaining specific physical access to your PC, or they can do such by tricking you via email, via website redirection … If you do not use the stock repositories, but rather get your apps from another location (such as compiling source code from another unknown site) you are at risk wrt the reliability of that source. You can be tricked to giving up passwords to various sites, and indeed your surfing habits can be observed by those who have the resources to want to observe your surfing.

If you have not blocked ssh access, and if you enabled it at install, and if your root password poor, your PC can be hacked by someone coming in via ssh (assuming your router does not block such, which it may very well block).

When surfing, cookies will be deposited on your browser that can be accessed by those with the right software.

Even if you obscure your IP address using a VPN with your openSUSE, those with large resources can eventually figure out who is who in surfing. But I suspect it does take them time - and they need to decide if it worth their effort.

It really depends on what you are doing. If you are just a regular user and not doing anything out of the ordinary, then you should be nominally safe. Hackers spend more time going after Windows users than GNU/Linux users. But don’t delude yourself to think you are immune.

In summary I would say as long as you are ‘under the radar’ of the nefarious folk on the web - one is nominally ok. But garner the attention of an organization with the right capabilities - then there likely is very little defense - and this is true for all PCs/Macs OS and not just openSUSE.
.

Crippled · October 14, 2015, 7:08pm

Thank you for the through detail response. I am sure others have been curious about this and this answers this question.

hendersj · October 14, 2015, 8:15pm

On Wed, 14 Oct 2015 17:06:02 +0000, oldcpu wrote:

> If you have not blocked ssh access, and if you enabled it at install,
> and if your root password poor, your PC can be hacked by someone coming
> in via ssh (assuming your router does not block such, which it may very
> well block).

Something else worth mentioning - never, ever, ever expose remote desktop
(VNC in particular) on the Internet. There are trivial ways of breaking
the password.

Tunnel it over ssh, and only allow connections from localhost.

Jim

–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C