search

Kicksecure / security-misc

Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc
https://www.kicksecure.com/wiki/Impressum
Other
479 stars 52 forks source link

fix Bluetooth readme #180

Closed adrelanos closed 6 months ago

adrelanos commented 6 months ago

Bluetooth is left enabled but users are highly discouraged from ever turning it on, due to its history of numerous security vulnerabilities. Unlike the default settings, we start the system with bluetooth turned off. We also enforce private addresses and strict timeout settings for discoverability and visibility.

Sounds like a contradiction.

monsieuremre commented 6 months ago

I do not see the contradiction. Is it the fact that we do not completely kill bluetooth but recommend not usinng it? I take that it is more likely than not that the user will need to use bluetooth at some point. But given the option, the choice should be not using it. Killing bluetooth would strip the usre of the freedom of turning it on with a button.

Maybe we can change the wording to something like:

Bluetooth is 'enabled' for the system. Unlike the usual default behavior, we start bluetooth turned off on system start and it stays that way unless the user explicitly chooses to turn bluetooth on. The user is left with the freedom to easily switch bluetooth on and off the usual way with his own discretion. We set significantly more private defaults for bluetooth connections by enforcing private addresses and strict timeout settings for discoverability and visibility. That being said, the most secure and private bluetooth connection might inherently come with risks by its nature and may be prone to exploits, as it has a history of having new security vulnurabilities often. So users are recommended to choose not to use bluetooth when given the option.

adrelanos commented 6 months ago

Bluetooth is left enabled but users are highly discouraged from ever turning it on, due to its history of numerous security vulnerabilities.

So it's enabled.

Unlike the default settings, we start the system with bluetooth turned off.

So it's turned off, aka disabled.

That seems like a contradiction?

Is it the fact that we do not completely kill bluetooth but recommend not usinng it?

That's alright.

I take that it is more likely than not that the user will need to use bluetooth at some point. But given the option, the choice should be not using it.

For sure.

Killing bluetooth would strip the usre of the freedom of turning it on with a button.

Yes. Not my goal to disable things to a level so the user cannot undo the configuration. Actually the opposite. I like the changes being documented with users having freedom and documentation available to do whatever they want despite any warnings in the documentation.

Maybe we can change the wording to something like:

Bluetooth is 'enabled' for the system. Unlike the usual default behavior, we start bluetooth turned off on system start and it stays that way unless the user explicitly chooses to turn bluetooth on. The user is left with the freedom to easily switch bluetooth on and off the usual way with his own discretion. We set significantly more private defaults for bluetooth connections by enforcing private addresses and strict timeout settings for discoverability and visibility. That being said, the most secure and private bluetooth connection might inherently come with risks by its nature and may be prone to exploits, as it has a history of having new security vulnurabilities often. So users are recommended to choose not to use bluetooth when given the option.

That sounds much better. No contradictions. Can take this one.

easily switch bluetooth on and off the usual way

How?

monsieuremre commented 6 months ago

It seems it isn't quite clear what I mean by enabled, disabled or turned on/off. Disabling bluetooth means, there is no kernel module for bluetooth. Bluetooth is something that does not exist on the system. You can't see it, set it, configure it, do anything.

Having bluetooth turned on or off means a software toggle. Literally the bluetooth turn on/off button in your GUI settings application. Normally bluetooth is 'on' when system boots up on debian. That means, it looks around and when a known device shows up, it auto connects and it is in some circumstances discoverable and/or visible and so on. Our default makes sure bluetooth is off on start. It can be turned 'on' the usual way. How? Click the bluetooth button in the settings app or on the tray and switch the toggle. It is just that. Bluetooth is turned off by default, so no vulnurability or explotation possible. It is off. But it can be turned on with one line of command or with a gui settings application in less than a second. So it is still enabled in the kernel. As in, kernel is able to use the protocol, it has the necessary modules.

adrelanos commented 6 months ago

Much more clear now. Thank you!