Windows Subsystem for Linux

If it doesn't relate to Debian, but you still want to share it, please do it here
Message
Author
User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Windows Subsystem for Linux

#1 Post by Loci.Cantos »

Hi Everyone,

In the spirit of the precautionary principle...

Is anyone familiar with the data security ramifications of using Windows Subsystem for Linux (WSL) to mount ext4 and other linux system drives (e.g., "wsl --mount", etc.)?

Specifically, does this expose those devices to Windows Telemetry, Microsoft Data Collection, or any form of MS Data Scraping? If so, can you refer me to a document detailing the subsystem capabilities (I have searched but am unable to find information on this as of yet, though I am continuing to seek this information and will report back when I find it; also, I'm wondering if Mark Russinovich, et al. (Sysinternals) or others are doing any present work in detailing this area of the WSL layers).

A second part to this: It seems that, even if those capabilities are not presently built-in, they may become part of the WSL at some point in the future. Again, any knowledge or thoughts about this are helpful to everyone.

Thanks.

lc

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#2 Post by Loci.Cantos »

Below is a link to a fairly comprehensive overview for WSL. As far as I can tell, it doesn't address my specific question about MS, OS data collection function access to mounted Linux resources. I don't see that this question has received much attention within the developer and security communities.

I just want to say, I think as a baseline it would be wise to consider whether Linux ought to have first stage local and network security controls available to administrators, that are capable of superseding all Windows services. If this is not presently a project (I don't know whether it is or not), then I think it should be considered. It might possibly be subsumed into SELinux or even into more conventional Linux security features. Some team will need to address this (again, if it hasn't already been addressed).

https://adamtheautomator.com/windows-su ... for-linux/

LE_746F6D617A7A69
Posts: 517
Joined: 2020-05-03 14:16

Re: Windows Subsystem for Linux

#3 Post by LE_746F6D617A7A69 »

That's why WSL was created:
https://www.youtube.com/watch?v=Vhh_GeBPOhs
... developers are missing :lol:

... better drop the idea of developing code for Microshit - they are not going to pay a single cent for Your code, and they have already proved this after they have bought the GitHub.
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed

trinidad
Posts: 184
Joined: 2016-08-04 14:58
Been thanked: 2 times

Re: Windows Subsystem for Linux

#4 Post by trinidad »

https://www.sciencedirect.com/science/a ... 7618301944

Start here and then the bibliography.

TC
You can't believe your eyes if your imagination is out of focus.

LE_746F6D617A7A69
Posts: 517
Joined: 2020-05-03 14:16

Re: Windows Subsystem for Linux

#5 Post by LE_746F6D617A7A69 »

With all the respect, it looks like You are naive Mr Trinidad.
This topic, for sure, was not created to ask about WSL details - it was created to promote Microshit's WSL.

Today, investors are forced to buy Linux-based systems instead of Winblows - usually it's CentOS-Stream (an average-quality OS, but it is advertised by Oracle as a "wonderful" database OS - only it's impossible to generate a correct system health report for this "wonderful" (and expensive) OS :lol: ).

Anyway, You should understand that this is a cyber battle - a battle of developers - not many of them are left...

Of course, there are lot people who are able write a Calculator application which eats 10 megabytes of RAM on Android 10, instead of 20 kilobytes on Linux - that is fine, unless You'll need a more complex program ... ;)
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#6 Post by Loci.Cantos »

Just to be clear.

This topic was opened because I am concerned about data scraping capabilities of the Windows operating system, and how it might affect any Linux resources that are mounted using the Windows Subsystem for Linux architecture. I specifically want to know: if I mount any of my Linux resources using the WSL architecture, will those resources remain secure as Linux resources in the Linux security paradigm, or will mounting them in the WSL architecture expose them to the risk of being violated by data scraping operations conducted in the Microsoft operating system?

*As an aside, I am baffled as to how anyone who read my post could interpret my security concern about the Windows operating system and WSL as anything other than a serious critique of that operating system, and a questioning of Linux data integrity if exposed to WSL.

I ask that my post be read thoughtfully, and that we limit ourselves and our responses to serious inquiry about learning the details and processes involved, and that affect this proposition. Thank you.

lc
Last edited by Loci.Cantos on 2021-06-23 15:17, edited 1 time in total.

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#7 Post by Loci.Cantos »

Trinidad,

Thank you for the overview and the references to the bibliography; I appreciate it. I will spend time with this reading.

lc

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#8 Post by Loci.Cantos »

Hmm. Looks like a bit of a pig-in-a-poke at the moment. A robust, parallel state analysis tool that can monitor -but also record and output- a broader set of conditions would be useful. Based on this research, as far as I can tell, the answer is: we don't really have a handle on WSL for a number of reasons, 1) Microsoft documentation is "sparse" as reported by the researchers, 2) the minimal and pico processes don't offer useful ephemeral state, execution, or trace data, 3) the process subsequently becomes one of informed but sub-optimal investigation for the researchers.

I think this situation highlights one of the problems with proprietary systems, that is, their opaque nature and closed structure. When considering the commercial model incentive for proprietary secrecy, we see the larger roadblock. It's disappointing. I hope it turns out to be more open (but I don't have high hopes). I'd like to use it, but my concern has been increased, not decreased.

Thank you again Trinidad. This was very helpful as an overview; more importantly, I now have a reference trail to a community where I can track the development as it evolves. Cheers!

lc

CwF
Posts: 1095
Joined: 2018-06-20 15:16
Been thanked: 2 times

Re: Windows Subsystem for Linux

#9 Post by CwF »

Loci.Cantos wrote: Trinidad,
Thank you for the overview and the references to the bibliography; I appreciate it. I will spend time with this reading.
Yes, very informative. Thanks

LE_746F6D617A7A69
Posts: 517
Joined: 2020-05-03 14:16

Re: Windows Subsystem for Linux

#10 Post by LE_746F6D617A7A69 »

Loci.Cantos wrote:This topic was opened because I am concerned about data scraping capabilities of the Windows operating system, and how it might affect any Linux resources that are mounted using the Windows Subsystem for Linux architecture.
Hmm, why don't You just ask the Cortana? It will provide all the answers to all Your questions, just like the Google assistant :?:

WSL is directly comparable to WINE - the rhetorical question is WHY Microshit wants to allow running Linux-based applications directly on Winblows.

Even a very simple analysis leads to a quite obvious observations:
1. No, they don't give a **** about Your EXT4 files - all of those files are already stored in the MS Teams cloud (if You are stupid enough)
2. WSL allows to hijack applications that are Linux-only, by emulating the ABI -> distros like Debian can be ignored, since the ABI is emulated by WSL -> this allows to by-pass a problem with GPL-ed applications.
3. MS have realized that most of software development processes takes a place on Linux - almost every significant business project is now developed on Linux - almost nobody cares about Winblows and about their shitty development tools which are mapping developers locations, like vscode -> MS wants Winblows to become a main development platform again, because otherwise it will become irrelevant very quickly (at least for business).
4. Microshit "loves" Linux - actually they have build their cloud services on Linux (stealing the code - as usual), and they need developers, who are familiar with Linux-based systems, and who have never seen that disaster hidden inside the windows.h header file - every professional programmer who have seen this crap just wants to immediately switch to linux - Microshit is unable even to keep consistent naming convention in the main windows header file, which is simply a mess -> this is a last minute to mask this poorly documented crap and start to use POSIX compatible interfaces.

Topics like this are helping in advertising WSL and in implementing Microshit's EEE strategy - nothing more.

Good luck.
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#11 Post by Loci.Cantos »

There is an awful lot of question begging in your post LE_746... So much so that I am beginning to suspect you may actually harbor a misgiving or two where Microsoft is concerned. Say it ain't so.
Hmm, why don't You just ask the Cortana? It will provide all the answers to all Your questions, just like the Google assistant
First, I operate in Linux about 95% of the time I spend interacting with computers. Second, I don't use such promiscuous features as you suggest; I don't care for the layers of privacy violations such features instantiate. You are certainly welcome to use them as you recommend, I simply choose not to.
Even a very simple analysis leads to a quite obvious observations
Yes. Well many of us here are probably not as bright as you, friend. You will have to excuse our inability to reach you. But consider the following: the answers I seek may be neither simple nor obvious, as evinced by your own non sequitur answers, and as demonstrated by the research document referenced above -as well as many others. Q.E.D.
Topics like this are helping in advertising WSL and in implementing Microshit's EEE strategy - nothing more.
First: Microsoft owns about 76% of the desktop market; all flavors of Linux combined occupy about 2%. It is hard to comprehend an argument that claims a discussion on a narrowly subscribed technical discussion bulletin board (apologies to the excellent admins and maintainers here) -excellent though it is- is going to change that.
Second: Failing to discuss relevant technical issues removes the ability to highlight Linux's strengths, and to intelligently and productively question Microsoft's choices. It would be an absurd conclusion indeed if we were to avoid discussing important technical issues on the theory that doing so is somehow helping the Borg to assimilate everything. Frankly, it strikes me as a bit paranoid.

Finally, as far as I can tell we have no material disagreement. Let's work together to keep it that way, okay? Cheers.

LE_746F6D617A7A69
Posts: 517
Joined: 2020-05-03 14:16

Re: Windows Subsystem for Linux

#12 Post by LE_746F6D617A7A69 »

Loci.Cantos wrote:I am beginning to suspect you may actually harbor a misgiving or two where Microsoft is concerned.
It's not My "harbor a misgiving" - Microshit have clearly expressed their intentions in the CLA: they are hijacking non-GPL-ed open source projects by changing the licensing terms (stealing is slightly to strong term, because it can't be used in a court - with some exceptions).
Loci.Cantos wrote:First: Microsoft owns about 76% of the desktop market; all flavors of Linux combined occupy about 2%.
Ahh, so thats the point! ...unfortunately You don't get what is this all about:
Big Money are in BigData and in Servers - Microshit is nearly non existing on this market - that's why they have suddenly started to "love" Linux. Unfortunately (or fortunately - depending on the point of view) they don't have the developers - WSL has been created for this single reason.
Loci.Cantos wrote:First, I operate in Linux about 95% of the time
Yeah... ;)
WSL is a Microshit products which can be used only on Microshit Windows, and its main components have closed source (so nobody besides Microshit can tell what is this software doing...)

It's rather obvoius that Debian Users don't need WSL, just like Windows users don't need WINE.
Microshit's WSL deficiences should be discussed on a Winblows forums, just like WINE topics are discussed on Linux forums.

By definition Linux User don't use Winblows to run Linux applications trough the ABI emulator and vice versa.

IMO this thread should be locked after Your 1st post - just like other threads related to Microshit products and the Windows OS.

Regards
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed

User avatar
Bloom
Posts: 363
Joined: 2017-11-11 12:23

Re: Windows Subsystem for Linux

#13 Post by Bloom »

It's wat MS does best. Stealing code and claiming it as their own, and Embracing, Extending and then Extinguishing everything that may actually compete with them.

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#14 Post by Loci.Cantos »

LE_746F6D617A7A69

We're not here to solve issues about your childhood psychic injuries or your personal emotional entanglements regarding Microsoft. Rather, we're trying to define a technical matter. Please try to separate your personal feelings from the technical question at hand. Your personal misgivings regarding the Microsoft Corporation not withstanding, we're trying to productively -you know, professionally- solve a problem about Linux security when Linux resources are exposed to the Windows operating system through WSL. The question is will they become vulnerable, and if so to what degree, and what is the roadmap of vulnerability going forward? Can you see how these questions have nothing to do with your personal emotional state or how you relate to Microsoft? If you want to explore personal emotional issues of that nature, you should note that most of us here are not qualified to help you with them; though, there are other professionals whose job it is to help you work through such issues. For this, I wish you the best of luck!

Meanwhile, here on this thread, we're attempting to get answers to the first step of a question: the specific operating parameters and the ramifications of the act of mounting any Linux resource using the WSL architecture: Will those resources remain secure as Linux resources in the Linux security paradigm, or will mounting them in the WSL architecture expose them to the risk of being violated by data scraping operations conducted in the Microsoft operating system?

I have not seen you offer a productive contribution to these questions. If you have productive contributions they are welcome, if not your comments here only serve to make this thread unnecessarily cumbersome to navigate.

lc

User avatar
oswaldkelso
Posts: 1306
Joined: 2005-07-26 23:20
Location: UK
Been thanked: 1 time

Re: Windows Subsystem for Linux

#15 Post by oswaldkelso »

Hi Everyone,

In the spirit of the precautionary principle...

Is anyone familiar with the data security ramifications of using Windows Subsystem for Linux (WSL) to mount ext4 and other linux system drives (e.g., "wsl --mount", etc.)?
I'd have thought it pretty obvious that "In the spirit of the precautionary principle" if you can't see the source code you can't trust it. Surely the data security ramifications of using Windows Subsystem for Linux is the "Windows" bit. If you can't see that words fail me. Your horse is dead stop flogging it, better still get a new horse. You will never be able to trust closed source software or closed source hardware because of their very nature.

IMHO you've fallen at the first step, a step that can't be fixed so everything else is pissing in the wind whilst facing it.
Free Software Matters
Ash init durbatulûk, ash init gimbatul,
Ash init thrakatulûk agh burzum-ishi krimpatul.

LE_746F6D617A7A69
Posts: 517
Joined: 2020-05-03 14:16

Re: Windows Subsystem for Linux

#16 Post by LE_746F6D617A7A69 »

Loci.Cantos wrote:we're trying to productively -you know, professionally- solve a problem about Linux security when Linux resources are exposed to the Windows operating system through WSL
We? - that's interresting.. Who is "We" ?
Your "professionalism" is apparently a fake - You couldn't find the existing answers using Google - but maybe this is because You have tried to use the Cortana ...

I've already provided an answer to all Your questions regarding WSL in my previous post: WSL is mostly a closed source product, so nobody besides Microshit can tell what is this software doing. -You should try Microshit support forums ... but on the other hand, how can You trust them without having the source code?

WSL has nothing to do with Linux security
WSL is emulating the Linux kernel, just like WINE is emulating the windows kernel - WSL just can't expose any linux vulnerabilities, because it does not use the Linux kernel - it's obvious that You don't understand what the word "Linux"means.
(A Linux user for 95% of time - nice try, Mr Troll)

Debian Users (or the Linux Users in general) don't use WSL - You're spamming this forums with a thread related to a Microshit product, which has nothing to do with Debian or the Linux kernel.

It's a wrong forum for Microshit trolls.

Good Luck
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#17 Post by Loci.Cantos »

I find the lack of technical curiosity on this thread disturbing. It strikes me as a deeply impoverished view of what is necessary for development and communications architectures in modern distributed systems computing environments. I am disappointed.

User avatar
Bloom
Posts: 363
Joined: 2017-11-11 12:23

Re: Windows Subsystem for Linux

#18 Post by Bloom »

We want technical innovation, but not when it's done "for Linux" by Microsoft with closed source. That's typical Microsoft EEE (Embrace, Extend, Extinguish).

WSL cannot be secure. If you're running Linux code inside Windows, it is as secure as Windows is. So not at all.

CwF
Posts: 1095
Joined: 2018-06-20 15:16
Been thanked: 2 times

Re: Windows Subsystem for Linux

#19 Post by CwF »

Forums in general are more informative to the sociologist than on the subject of the forum.

It's interesting to me how effective MS can be in a short period of time. Unrelated to this topic but relevant to the point - Apple is going through yet another architecture change. Unthinkable decades ago, the new reality is an entirely new eco system (hard and soft) could be established in the blink of an eye. Linux's on the other hand evolves in an organic way (undirected) at a geological pace. Interesting to this point is a geological debate about the nature of change - is it slow and steady or is it catastrophic.

Overall, the ability for WSL (host) to scarf data on a subsystem (guest) is not a nefarious goal of some kind but a simple technical reality. Flip it, the windows guest can be scraped running under a linux host. Any guest is vulnerable under any host. It's the other direction that is the point - the host is safe from the guest.

So obviously, my host are Debian.
...and it just occurred to me - I suppose it is possible to nest a windows guest and then run linux there, and scrape the scraper?

User avatar
Loci.Cantos
Posts: 66
Joined: 2018-08-03 15:39

Re: Windows Subsystem for Linux

#20 Post by Loci.Cantos »

Hi CwF,

Thank you for your post. I agree with your assessment of forums in general.

I'm presently running one Debian build, one Ubuntu Build, and one W10 build. I was back in school for 10 years ('08-'18) and the 'nix (Solaris, AIX, RHat, SuSE) rust was thick on me. Over the past few years ('17-present), I have used the ease of Ubuntu as a segue platform to rebuild my rusty old 'nix skills and to get more familiar with Debian specifically. Since these are nearly identical platforms, it's worked out well.

The only reasons I still have the W10 is because there are still some apps. I am using. But I can make this break easily once I get my webdev app ducks (Linux webdev chops) in a row (mostly, I need to find Linux replacements for the CS/CC suites, CS6 and Cloud, especially a dw replacement).

However, it's also true that my wife and I sometimes collaborate and she's a W10 person. She's not worked in the computer field and there is a learning curve I'm not sure she's willing to overcome (it's a "the devil you know..." kind of thing for her). I'm working to get her to appreciate Ubuntu which I think would be a good build for her, and she is definitely warming to it. When I showed her the layers of what MS did with W10 to violate user privacy, then explained that W11 will be far worse, she didn't expect that and it made Ubuntu more appealing to her; time will tell if she's able to overcome her reservations. When we work together in my office on my machines though, we work in mostly W10. Sometimes we work in Ubuntu because she's beginning to like it which I take to be a good sign.

So, we're in the process of migrating to Linux. I have only those few app. replacement issues to resolve to complete my migration; her migration will likely happen but it will take a bit longer.

My question was mostly intended to address whether I can -or should- use WSL to access my Linux resources from W10. This would give me the ability to seamlessly use ext4 or Btrfs on all of the drives instead of using ntfs for some of them. But there are other convenience reasons as well. Based on the documentation I've read (Trinidad's drop on this thread was particularly useful), I'm quickly concluding that this is not a good idea.

Post Reply