Re: Community responsibility and abuse (2): the case of top-

• Previous message: Sonoman: "ndiswrapper looking for ghost kernel"
• In reply to: Jan Stedehouder: "Re: Community responsibility and abuse (2): the case of top-"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Fri, 09 Apr 2004 03:39:08 GMT

Jan Stedehouder wrote:

> Op Wed, 07 Apr 2004 08:12:42 +0000, schreef Matt:
>
>
>>>>
>>>> Granted, OE has the worst security reputation. It has perhaps been
>>> the most challenged piece of software ever. However, this does not say
>>> anything conclusive about the security of -let us say- KNode or Pan.
>>> Unchallenged or less-challenged does not imply security. It may simply
>>> mean: not yet interesting enough to challenge.
>>
>> Ahhhhh, true FUD!!! Without ANY evidence of ANY security problems you try
>> to raise FEAR that there MIGHT be security bugs, Uncertainty that the
>> might not have been "challenged" enough.
>>
>> I can point to SPECIFIC problems with OE. PLEASE PROVIDE EVIDENCE OF ANY
>> SECURITY ISSUES WITH KNODE OR PAN.
>>
>>
>
> Yes, I will answer your post, but I don think you will like the answer.

I rarely like the answers from trolls. I'll bet you don't find any spacific
evidence that Linux is anywhere near as insecure as windows.

>
> To start with: the fact that someone uses OE is insufficient evidence that
> that specific user is a security risk. The security of programs in general
> is based on (at least, no doubt there are more):
> 1. the code: unsecure code makes unsecure programs
> 2. the user and the way he/she has configured his/her OS and implemented
> security features.
>
> The problem with Windows and OE is, that they hardly challenge users to
> implement security features or even be aware of them.

Wrong. Windows is INSECURE, 24 UNPATCHED security holes in Internet Explorer
ALONE!

http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/

Obviously you do not understand the extent to which MS has missled you.
Since MS claims that IE is intergal to the OS, those 24 un pached holes are
part of the windows OS.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

>
> Linux -in general- does challenge users to learn, which is exactly the
> reason why I love the OS.

It is NOT a matter of LEARNING. No amount of LEARNING will FIX the security
holes left in MS software. No amount of LEARNING will FIX the stupid
begin bug in OE.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

> However, early-adopters will not always be aware
> of the security issues involved.

But they will not be plagued with 24 unpapatched security holes. Never mind
that because Linux comes with superior security settings by DEFAULT the
early adopters of Linux are far better off that the newbies to Windows with
its, insecure security settings.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

> Sadly, I have heard many a times someone
> saying/ writing: "I am safe, because I use Linux".

Not from me. How ever, what I am hearing here is some troll seeming to say
that they are no safer with Linux than windows. While they are NOT safe
with Linux, the are a whole lot better off with Linux.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

> But think for instance
> about Mandrake, which allows you to install without a root-account.

Install WHAT? The OS? So does windows.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

> The
> growth to user-friendliness in order to cater the wants of new migrants
> from Windows to Linux brings new risks. Xandros and Lindows are
> beautifully tuned distro's, but they hide a lot of key features when it
> comes to security issues.

They are not the whole of Linux. Since you are the one that does not like
JUDGMENT, it seems strange that YOU are now judging the WHOLE of Linux by
just a couple of distros. I smell a judgmental hypocrite.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

> Distro's like Fedora, Mandrake and SuSE are
> somewhat better, but are new migrants aware of all the things they can and
> need to do in order to make their box secure? In sincerely doubt that,
> therefore the need to educate them.

You should read up on Mandrake msec. Try installing Mandrake setting the
security level to "paranoid", then see if you can find any insecurities in
the settings! This is done quite simply in the Mandrake Control Center.

You really should learn what you are talking about BEFORE YOU START
TROLLING.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

>
> As far as specific code is concerned, there is sufficient literature
> around that states that software written for Linux is not automatically
> more secure.

Find me a source where it shows that ANY Linux application has 24
unpapatched holes, Like Microsoft IE:

http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/

Many of these holes have been open for quite some time.

While you have to TROLL your "there is no evidence that Linux is more
secure" I can show that MS IS indeed insecure. If you want to try to troll
that Linux is as insecure as MS, SHOW EVEDICE that any Linux distribution
has any application with 24 UNPATCHED security holes, like MS IE.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

> It can be due to the possibility of peer-review and that is
> being done as well. But here again we come to the weakest link: the user,
> who has to implement patches and updates. And even with a fully aware and
> consistent user, you can not rule out security breaches (the security
> breach of Debian being a case in point).

I feel confident that the holes in Linux are being patched. The same can not
be said for Linux. While Linux may not be perfect, it is a whole lot better
than windows.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

>
> That brings me to my final argument. OE is interesting to be challenged
> due to a large number of users, many of whom do not implement all security
> features. A rapid growth of new Linux users (most of whom will think and
> act the Windows way) will make it more attractive for virus writers and
> script kiddies to target Linux. And only when that happens we will see
> whether KNode or Pan are inherently more secure than for instance OE.

Ah, the old It is challenged so much troll. It is not the fact that it is
challenged so much, it is the fact that executables come as executables in
MS software AND the fact that it is so easy for the user to run the virus,
in many cases it is done automatically. That is the problem with MS.

With Linux, if I don't want my users executing downloaded applications, I
don't give them access to chmod, compilers and archive extraction software.
Nobody on that system would be able to run an Email virus even if they get
it.

Still no "spacific evidence that Linux is anywhere near as insecure as
windows."

>
> So, I am not raising fear, but encourage awareness.

Yes, By allowing to address your FUD, the awareness of the UNPATCHED
WINDOWS OS security holes has been raised to new levels and the awareness
of your trolling has been raised. People are more aware that you are
clueless to the security features in Linux distributions.

>
> Jan

But you are right, I do not like your response because I do not like trolls
that are trolling and spreading FUD.

Still, I thought you claimed that you could tell us "spacific evidence that
Linux is anywhere near as insecure as windows." I see nothing but vauge
unsupported claims, many of them as false as they come.

And I guess you were telling a lie when you claimed that you were PLONKING
me. Guess it was to much to hope that you were capable of telling the
truth.

• Previous message: Sonoman: "ndiswrapper looking for ghost kernel"
• In reply to: Jan Stedehouder: "Re: Community responsibility and abuse (2): the case of top-"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]