Re: Free Commodities Are Abused
From: Gene Cash (gcash_at_cfl.rr.com)
Date: 11/17/05
- Next message: Mike Amling: "Re: reading Public key certificates in Firefox"
- Previous message: Luc The Perverse: "Re: Looking for an encryption program"
- In reply to: Vernon Schryver: "Re: Free Commodities Are Abused"
- Next in thread: Luc The Perverse: "Re: Free Commodities Are Abused"
- Reply:(deleted message) Luc The Perverse: "Re: Free Commodities Are Abused"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Nov 2005 03:24:05 GMT
vjs@calcite.rhyolite.com (Vernon Schryver) writes:
> >If Linux or Mac boxes were as popular, they'd be a problem too, just
> >maybe a smaller one. You'd see 'em running insecure services that didn't
> >need to be there, people running crap from their email, and similar.
> >
> >It's just as hard to secure a UNIX box as it is a Windows box, although
> >you can make it more secure in the end, and it's easier for the distro
> >folks to make it secure out-of-the-box.
>
> That is the standard Microsoft lie. It is a lie (although most of those
> who repeat it don't know it is a lie), because it tries to obscure a
> vital difference. Because many Windows applications do not work unless
> run as Administrator, the de facto default user account on a Windows
> box is equivalent to "root" on a UNIX-like system.
Yes, IE sucks. So does ActiveX. So does Outlook. So does the registry.
So does poorly written software that has to run as Admin. So does the
extremely poor documentation. So does Microsoft's attitude in general.
ALL software sucks. Some just sucks less. In my opinion, UNIX sucks a
whole lot less than MS, but it still sucks. Just differently.
I have about 12 years experience with UNIX, and I'm posting this (and
the original post) from a Linux box. There isn't even a Windows
partition on this box. I use Linux for all the reasons you listed above,
plus the fact that it makes this Pentium-III 450MHz look fast. I bought
my Epson printer specifically because it had good Linux drivers
available.
I also spent 5-1/2 hours this weekend trying to figure out how to make
hotplug and udevd play well together on 2.6 so that I could automount my
USB stick. There's the good and bad.
UNIX just has different problems with regards to security, and you have
to keep on top of your patches and security alerts just like with
Microsoft or anything else. It just takes one hole. People think they
can put up a box, patch it once, and not worry about it.
I'm familiar with a whole university of curious computer-science
students trying out their cracking skills. I'm also familiar with a
disgruntled set of very sharp developers trying out their cracking
skills.
Now I did say "you can make it more secure in the end and it's easier
for the distro folks to make it secure out-of-the-box" because you do
have full control over what services you're running, and usually over
the software all the way back to the source code. You also have nice
things like tcp-wrappers and tripwire if you're extra paranoid.
However, just as with a Windows box, you have to know a little about
what you're doing and have some idea of how the box usually gets
attacked.
A lot of people that are running Linux boxes these days don't.
Red Hat went through a bad period of not paying attention to security,
but they HAVE straightened up their act, and now don't install and
enable every damned possible daemon in /etc/services.
One reason the US Army's main web servers are running on Macs is because
(until recently) Apple is pretty much not on your average skr1pt-
k1dd1e's radar, and when presented with a Mac, he usually simply doesn't
know what to do. However, the Army isn't depending on just that, they've
gone over those boxes with a fine tooth comb and keep an eye on them.
Just don't be smug, dumb, and happy, and feel secure simply because
you're not running a Microsoft product.
Simply spouting "Microsoft is bad, Linux is good" is just as bad as the
other way around.
Personally I feel Microsoft is not going to do so well much longer.
People are getting more sophisticated and realizing that insecure
computers can cost them a lot of money, and DRM-friendly OSes can really
hinder what they want to do. They're beginning to give the finger to
people like Sony. I'm really happy that Sony has been forced to back
down, and I think it shows a basic and important sea-change. People used
to say "oh well, my compooter isn't fast enough to play the CD or I'm
doing something wrong" and now they say "I want to play my goddamn CD I
paid money for, bitch!!" and they forced a very large multi-national
corporation to back off. That's a very positive thing.
-gc
-- What did you do to the cat? It looks half-dead. -- Schroedinger's wife
- Next message: Mike Amling: "Re: reading Public key certificates in Firefox"
- Previous message: Luc The Perverse: "Re: Looking for an encryption program"
- In reply to: Vernon Schryver: "Re: Free Commodities Are Abused"
- Next in thread: Luc The Perverse: "Re: Free Commodities Are Abused"
- Reply:(deleted message) Luc The Perverse: "Re: Free Commodities Are Abused"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
