An easy-to-use security-center in ubuntu

Registered by tbds on 2010-06-14

A centralizing, easy-to-use security-center for Ubuntu that breaks with today's patchwork of security software under Ubuntu, for the benefit of better security for technically less skilled users, as an ethical responsibility of technically skilled hackers towards them.

Blueprint information

Status: Not started
Approver: None
Priority: Undefined
Drafter: None
Direction: Needs approval
Assignee: None
Definition: Approved
Series goal: None
Implementation: Not started
Milestone target: None

Whiteboard

Here are some outcomes of the discussion on the ubuntu-hardened list, which took place a few weeks ago (to be understood as an open list):
________________________________________________________________
1) Summarized insights & conclusions on the issue of a security center in Ubuntu:
________________________________________________________________

1. Trust SELinux despite its NSA history, because Linus audits the code (Sir Conquer)
2. Documentation / Wiki is important before a GUI, and it should also go beyond the default security features already implemented in Ubuntu, because a little technical understanding of the functionality is needed before recognizing security problems and taking action (Kees Cook and Christopher Warner)
3. Technically less skilled users could benefit from an easy-to-use GUI of a "security-center", combined with excellent, eye-catching documentation → Psychology!
4. Existing security-oriented distributions are not appropriate alternatives, because for example BackTrack Linux runs as root permanently, etc.
________________________________________________________________
2) What information should the documentation provide?
________________________________________________________________

1. LVM encryption
2. Creation, alteration and usage of secure passwords with different security levels
3. Risks of monopolists' services (email, social networks, search engines, etc.)
4. Installation, usage and risks of tor, privoxy, ntp
________________________________________________________________
3) What features should a security-center provide?
________________________________________________________________

1. Password strength tester (maybe with an updatable online database to check password lists and international dictionaries → blackhats already have those lists for brute-force attacks)
2. Starting a popup, telling the user the risks of running as root at the moment
3. moblock for ip-list blocking (maybe also for blocking known insecure tor exitnodes)
4. tripwire for integrity
5. aide for file changes
6. logcheck
7. checksecurity
8. denyhosts
9. Email encryption like Enigmail or Seahorse
10. Bleachbit for deleting log, temp and cache files, etc.
11. Deborphan for deleting obsolete
12. Wipe to delete files safely (maybe implemented by default in the context menu)
13. User-agent and language switcher for web browsers (Firefox, Epiphany)
14. Permission check, using information provided by apt to identify changes to system files
15. Check whether a keylogger is running (like lkl)
16. rkhunter / chkrootkit for rootkits, backdoors, exploits
17. John and rainbow tables
18. ClamAV / clamtk
19. Truecrypt for easy encryption of containers
20. GUFW Firewall (sudo gufw status) / iptables / port management
________________________________________________________________
4) References:
________________________________________________________________

1. https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
2. http://www.debian.org/doc/manuals/securing-debian-howto/
3. https://wiki.ubuntu.com/Security/Features#Matrix
4. http://packages.ubuntu.com/de/karmic/denyhosts
5. http://www.debuntu.org/intrusion-detection-with-aide
6. https://help.ubuntu.com/community/MoBlock
7. http://brainstorm.ubuntu.com/idea/1282/
8. http://brainstorm.ubuntu.com/idea/19648/
9. http://www.nongnu.org/tiger/
10. http://savannah.nongnu.org/project/memberlist.php?group=tiger
11. http://savannah.nongnu.org/projects/tiger
12. https://lists.ubuntu.com/archives/ubuntu-hardened/2010-April/date.html
13. http://brainstorm.ubuntu.com/idea/25135/
