
// Development
Pros and Cons of Subgraph Solutions (Subgraph Developers)
Here we will describe the operating system and other Subgraph products. Furthermore, we will discuss the pros and cons of Subgraph solutions for development.
Subgraph is an operating system that focuses on enhanced security and privacy. It uses sandbox containers and other technologies to limit the access permissions of programs and protect user data from hackers and harmful software. We will explain how the Subgraph security system works and what its safety characteristics are. We will also look at the advantages and disadvantages of Subgraph solutions.
More information:

| OS Type | Linux |
| Based on | Debian |
| Origin | USA |
| Architecture | x86_64 |
| Desktop | GNOME |
| Category | Desktop, Live Medium, Privacy, Security |
| Status | Active |
Subgraph developers emphasize that their project is the very first solution that provides instruments for privacy and security while maintaining a high level of comfort. The desktop environment is GNOME, and the underlying Debian Linux distribution is responsible for security. It offers a range of functions, such as private web sessions and enhanced protection.
The Subgraph kernel runs with grsecurity/PaX (a patch set for protection against exploits and privilege escalation) and RAP (an instrument designed to prevent attacks on the kernel and to counter modern exploitation methods). The key feature is the Oz sandboxes, which strongly limit the rights of applications.
The other significant security functions of Subgraph are:
Subgraph uses Oz, which is quite similar to Firejail. It consists of a dedicated service that receives requests to launch or create sandboxes, Xpra's X server, and other tools. To isolate applications, the Oz service uses namespaces. In addition, it places further restrictions on the software through a kernel security mechanism, seccomp-bpf.
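One way to check from the host that a process really is confined by the two mechanisms named above, namespaces and seccomp-bpf. This is an added example, not Subgraph or Oz code; the sample status text and namespace inode numbers are constructed.

```python
import os

# Values of the Seccomp field in /proc/<pid>/status, as documented in proc(5).
SECCOMP_MODES = {0: "disabled", 1: "strict", 2: "filter (seccomp-bpf)"}


def parse_status(text):
    """Extract the seccomp mode and no_new_privs flag from status file text."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    mode = int(fields.get("Seccomp", 0))
    return {
        "seccomp": SECCOMP_MODES.get(mode, "unknown"),
        "no_new_privs": fields.get("NoNewPrivs") == "1",
    }


def unshared_namespaces(target_ns, reference_ns):
    """Namespaces in which the target differs from the reference process."""
    return sorted(
        name for name, link in target_ns.items()
        if reference_ns.get(name) not in (None, link)
    )


def read_ns(pid):
    """Namespace links of a live process, e.g. {'mnt': 'mnt:[4026531840]'}."""
    base = f"/proc/{pid}/ns"
    return {name: os.readlink(os.path.join(base, name)) for name in os.listdir(base)}


def audit(status_text, target_ns, reference_ns):
    report = parse_status(status_text)
    report["unshared"] = unshared_namespaces(target_ns, reference_ns)
    return report


# Constructed sample: a sandboxed viewer compared with PID 1 on the host.
SAMPLE_STATUS = "Name:\tevince\nNoNewPrivs:\t1\nSeccomp:\t2\n"
SAMPLE_SANDBOX_NS = {"mnt": "mnt:[4026532501]", "net": "net:[4026532504]",
                     "pid": "pid:[4026532502]", "user": "user:[4026531837]"}
SAMPLE_INIT_NS = {"mnt": "mnt:[4026531840]", "net": "net:[4026531992]",
                  "pid": "pid:[4026531836]", "user": "user:[4026531837]"}
```

On a live system, pass the text of `/proc/<pid>/status` together with `read_ns(pid)` and `read_ns(1)`; reading another user's process requires root.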
The application inside the sandbox talks to the graphics subsystem through a virtual Xpra X server. One such server runs in each sandbox: the Subgraph X server connects to Xpra and displays the application on the screen. This matters because graphical applications in sandboxes are usually given the host X server socket, /tmp/.X11-unix/X0, directly inside the sandbox, which lets hackers and viruses draw their own image on the screen. It also lets them take control of the mouse and keyboard and access any window of other running applications. Finally, they can log the input devices. Subgraph does not have this issue.
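A host-side check for the exposure described above: whether a sandboxed process can still reach the host display socket. This is an added example, not Subgraph or Oz code; the socket table rows and display number 133 are constructed, and the host display is assumed to be X0 as in the text.

```python
import re

X11_NAME = re.compile(r"^X(\d+)$")
ABSTRACT_X11 = re.compile(r"^@/tmp/\.X11-unix/X(\d+)$")


def abstract_displays(unix_table):
    """Displays with an abstract X11 socket in /proc/<pid>/net/unix text.
    Abstract sockets are scoped to the network namespace, not the filesystem."""
    found = set()
    for line in unix_table.splitlines()[1:]:        # first line is the header
        cols = line.split(None, 7)
        m = ABSTRACT_X11.match(cols[7].strip()) if len(cols) == 8 else None
        if m:
            found.add(int(m.group(1)))
    return found


def filesystem_displays(socket_names):
    """Displays from a listing of /proc/<pid>/root/tmp/.X11-unix."""
    return {int(m.group(1)) for m in map(X11_NAME.match, socket_names) if m}


def exposure(unix_table, socket_names, host_display=0):
    """List the routes by which the process can reach the host display."""
    routes = []
    if host_display in abstract_displays(unix_table):
        routes.append("abstract socket (shared network namespace)")
    if host_display in filesystem_displays(socket_names):
        routes.append("filesystem socket (visible in mount namespace)")
    return routes


# Constructed samples in the /proc/net/unix column layout.
HEADER = "Num       RefCount Protocol Flags    Type St Inode Path\n"
DIRECT_TABLE = (HEADER
    + "0000000000000000: 00000002 00000000 00010000 0001 01 21501 @/tmp/.X11-unix/X0\n"
    + "0000000000000000: 00000003 00000000 00000000 0001 03 30112\n")
ISOLATED_TABLE = (HEADER
    + "0000000000000000: 00000002 00000000 00010000 0001 01 40977 @/tmp/.X11-unix/X133\n")
```

An empty result means neither route to the host display exists; a sandbox that hides the socket file but shares the host network namespace still shows the abstract route.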
Generally, an application launch in the Subgraph environment proceeds as follows:
Figure: Application launch process in the Subgraph environment.
If an application that runs in a sandbox is hacked (that is, the system found out that the application interacts with files, processes, and devices without permission), it will not be able to leave the sandbox and harm the main system. The information is safe too, since the hacker can only get access to the application's configs and cache. For example, if you use the Evince PDF viewer to open a file, the application gets access only to that document and nothing else.
Figure: The security architecture design of the Subgraph operating system.
Tor proxying. The second significant feature of the Subgraph security system is proxying outgoing traffic through Tor (The Onion Router). By default, Tor does not support this configuration: it simply works as a SOCKS proxy, which means the software has to be SOCKS-compatible and users set up proxying through Tor for each application on their own.
However, the Subgraph team applied Metaproxy to overcome this limitation. Metaproxy redirects the traffic to the required HTTP or SOCKS proxy (in our case, Tor), while a simple firewall rule brings the traffic to the Metaproxy port. The only exception is for the websites that handle authentication on public Wi-Fi networks.
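What "compatible with SOCKS" means on the wire: the SOCKS5 handshake (RFC 1928) that an application, or a relay acting on behalf of one that is not SOCKS-aware, has to speak to the proxy. This is an added example, not Metaproxy or Tor code; the canned proxy replies are constructed.

```python
import socket
import struct

REPLIES = {0: "succeeded", 1: "general failure", 2: "not allowed by ruleset",
           3: "network unreachable", 4: "host unreachable", 5: "connection refused"}


def connect_request(host, port):
    """CONNECT with a domain-name address (ATYP 0x03), so the proxy resolves
    the name and the client performs no DNS lookup of its own."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("hostname must be 1..255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack("!H", port)


def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf


def socks5_connect(sock, host, port):
    """Run the no-auth SOCKS5 handshake on an already connected socket."""
    sock.sendall(b"\x05\x01\x00")                   # version 5, one method: no auth
    if recv_exact(sock, 2) != b"\x05\x00":
        raise ConnectionError("proxy refused the no-auth method")
    sock.sendall(connect_request(host, port))
    ver, rep, _, atyp = recv_exact(sock, 4)
    if ver != 5 or rep != 0:
        raise ConnectionError("SOCKS5 error: " + REPLIES.get(rep, hex(rep)))
    # Consume BND.ADDR and BND.PORT so the stream is positioned at payload data.
    addr_len = {1: 4, 4: 16}.get(atyp) or recv_exact(sock, 1)[0]
    recv_exact(sock, addr_len + 2)
    return sock


def replay_against_canned_proxy(host, port):
    """Offline check: a socketpair peer pre-loaded with constructed success replies."""
    client, proxy = socket.socketpair()
    with client, proxy:
        proxy.sendall(b"\x05\x00" + b"\x05\x00\x00\x01" + bytes(6))
        socks5_connect(client, host, port)
        return recv_exact(proxy, 3 + len(connect_request(host, port)))
```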
A window with Subgraph firewall settings
As the main internet browser, the platform uses a regular Tor Browser. This is the only Subgraph application that uses Tor proxying directly; the rest just send their traffic to Metaproxy. ICMP (Internet Control Message Protocol) traffic is forbidden, so Subgraph does not respond to pings and does not allow pinging another host.
System and core security. The Subgraph operating system is also enhanced by PaX and Grsecurity. PaX is a set of patches that fix gaps in Linux kernel security. These gaps were usually related to buffer overflow and memory corruption flaws in applications and in the kernel itself. Grsecurity is a set of patches that fixes memory corruption gaps. Furthermore, Grsecurity introduces the following security measures:
Safe mailing services. The operating system uses the Subgraph Mail application. It is integrated with the system's OpenPGP encryption tool. Another Subgraph Mail feature is that even if a part of the application is hacked, the hacker still will not have access to other mails and encryption keys. Moreover, Subgraph Mail deliberately does not support web browsers, so web exploits delivered through emails are not possible.
Trusted boot. Subgraph OS also offers alternative trusted boot technologies. Normally, an encrypted boot partition with a digital key, a RAM disk, and file systems are used for this purpose. Subgraph has a technology in which packages are compared against the binary files in the list of OS packages. As a result, the platform is safe from fake and harmful boot packages.
The Subgraph operating system is usually used where enhanced security and privacy are vital, for example in server systems, retail sales, logistics, financial services, etc. Subgraph OS is simply the foundation on which the necessary solutions are added. It may be an ordinary secure messenger or a CRM, ERM, or POS system.
Other advantages of Subgraph, as a platform for application launch, are:
These are the disadvantages of Subgraph products: