|
Here are the most popular ideas ever about Ubuntu. |
|
|
|
|
|
|
|
Ubuntu system online encryption and management key.
|
|
Written by cracken226 the 18 May 09 at 19:06.
Global category: System.
New
|
|
Online stored system key for use by system, so every Ubuntu installed system, going online, will be unique, user as well, so better experience for Ubuntu community will bring more informations about system usage, if possible and secure, by system keys, user interactivity. Firewall, emails, documents, files, can be signed automatically.
|
|
|
Software center asks for password too often
|
|
Written by snostorm the 27 Oct 09 at 15:01.
Related project: Ubuntu Software Center.
New
|
|
If you go to install something via the software center, it installs it system-wide, which of course requires a password.
Now this is obviously annoying, but would also seem to also cause a security risk; if the user gets used to entering his password at any point, he may enter it when he has no idea why the dialog is there, allowing malware to get root access.
Of course, the password dialogs are a necessary part of security. But everything in the default repositories is known to be safe, and a password is required to add non-standard repos.
|
|
|
Forbid control characters in file names
|
|
Written by John Wiersba the 9 Dec 10 at 18:46.
Global category: Security.
New
|
The possibility of bad file names makes writing bulletproof scripts very hard and is the cause of many security holes.
See http://www.dwheeler.com/essays/fixing-unix-linux-filenames.html for David Wheeler's long description of why/how to do this. Section 11 talks about some strategies for implementing this.
This is an idea that really needs to gain a toehold somewhere - no better place to start than in Ubuntu. Make Ubuntu a testbed for fixing the things wrong with unix/linux! Fixing file names is one very important place to start.
|
|
Vino (Gnome VNC) Needs better security than 8 character passwords
|
|
Written by mikedep333 the 23 Sep 09 at 22:18.
Related project: Vinagre Remote Desktop Viewer.
New
|
|
The ancient protocol behind the VNC remote desktop system, RFB, only supports passwords 8 characters long. This means that any password is easily brute forced unless you use other criteria to make it secure (eg a mix of special characters, upper/lowercase letters and numbers.) This is the way that Vino, the GNOME VNC Server (System > Preferences > Remote Desktop,) and Vinagre, the GNOME VNC client, work for password authentication. (Vino also lets the local users manually approve connections.)
|
|
|
Provide assurance to new users that Linux has a good anti-malware system
|
|
Written by shane.halloran the 20 Feb 09 at 23:21.
Global category: Security.
New
|
|
This is a mareting idea as much as a security one, but nonetheless is worth considering. I know that Linux doesn't need an AV system, but the option of having one would assure new users. It would also be useful to other users to have a mature, easy-to-use and reliable scanning system available if viruses ever become a problem on Linux. We must not be too complacent!
|
|
|
Portable network connections
|
|
Written by timnwells the 28 Apr 09 at 05:51.
Related project: Network Manager.
New
|
|
It is often handy to be able to connect to remote computers / networks via vpn or wifi such as work or home. Network manager can handle this easily, but what happens if you want to give someone temporary access to your wifi, or connect to your home vpn from someone else's computer.
If a vpn or wifi connection could be saved to a file then when run on another machine could make use of the defined connection until it was disconnected (or the session ended). No details about the connection or its security settings are retained by the host machine.
|
|
|
|
|
|
