Re: Community responsibility and abuse (2): the case of top-

From: Matt (not_at_chance.org)
Date: 04/09/04

  • Next message: Matt: "Re: Community responsibility and abuse: the case of mr. Koehlmann"
    Date: Fri, 09 Apr 2004 03:39:08 GMT
    
    

    Jan Stedehouder wrote:

    > Op Wed, 07 Apr 2004 08:12:42 +0000, schreef Matt:
    >
    >
    >>>>
    >>>> Granted, OE has the worst security reputation. It has perhaps been
    >>> the most challenged piece of software ever. However, this does not say
    >>> anything conclusive about the security of -let us say- KNode or Pan.
    >>> Unchallenged or less-challenged does not imply security. It may simply
    >>> mean: not yet interesting enough to challenge.
    >>
    >> Ahhhhh, true FUD!!! Without ANY evidence of ANY security problems you try
    >> to raise FEAR that there MIGHT be security bugs, Uncertainty that the
    >> might not have been "challenged" enough.
    >>
    >> I can point to SPECIFIC problems with OE. PLEASE PROVIDE EVIDENCE OF ANY
    >> SECURITY ISSUES WITH KNODE OR PAN.
    >>
    >>
    >
    > Yes, I will answer your post, but I don think you will like the answer.

    I rarely like the answers from trolls. I'll bet you don't find any spacific
    evidence that Linux is anywhere near as insecure as windows.

    >
    > To start with: the fact that someone uses OE is insufficient evidence that
    > that specific user is a security risk. The security of programs in general
    > is based on (at least, no doubt there are more):
    > 1. the code: unsecure code makes unsecure programs
    > 2. the user and the way he/she has configured his/her OS and implemented
    > security features.
    >
    > The problem with Windows and OE is, that they hardly challenge users to
    > implement security features or even be aware of them.

    Wrong. Windows is INSECURE, 24 UNPATCHED security holes in Internet Explorer
    ALONE!

    http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/

    Obviously you do not understand the extent to which MS has missled you.
    Since MS claims that IE is intergal to the OS, those 24 un pached holes are
    part of the windows OS.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    >
    > Linux -in general- does challenge users to learn, which is exactly the
    > reason why I love the OS.

    It is NOT a matter of LEARNING. No amount of LEARNING will FIX the security
    holes left in MS software. No amount of LEARNING will FIX the stupid
    begin bug in OE.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    > However, early-adopters will not always be aware
    > of the security issues involved.

    But they will not be plagued with 24 unpapatched security holes. Never mind
    that because Linux comes with superior security settings by DEFAULT the
    early adopters of Linux are far better off that the newbies to Windows with
    its, insecure security settings.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    > Sadly, I have heard many a times someone
    > saying/ writing: "I am safe, because I use Linux".

    Not from me. How ever, what I am hearing here is some troll seeming to say
    that they are no safer with Linux than windows. While they are NOT safe
    with Linux, the are a whole lot better off with Linux.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    > But think for instance
    > about Mandrake, which allows you to install without a root-account.

    Install WHAT? The OS? So does windows.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    > The
    > growth to user-friendliness in order to cater the wants of new migrants
    > from Windows to Linux brings new risks. Xandros and Lindows are
    > beautifully tuned distro's, but they hide a lot of key features when it
    > comes to security issues.

    They are not the whole of Linux. Since you are the one that does not like
    JUDGMENT, it seems strange that YOU are now judging the WHOLE of Linux by
    just a couple of distros. I smell a judgmental hypocrite.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    > Distro's like Fedora, Mandrake and SuSE are
    > somewhat better, but are new migrants aware of all the things they can and
    > need to do in order to make their box secure? In sincerely doubt that,
    > therefore the need to educate them.

    You should read up on Mandrake msec. Try installing Mandrake setting the
    security level to "paranoid", then see if you can find any insecurities in
    the settings! This is done quite simply in the Mandrake Control Center.

    You really should learn what you are talking about BEFORE YOU START
    TROLLING.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    >
    > As far as specific code is concerned, there is sufficient literature
    > around that states that software written for Linux is not automatically
    > more secure.

    Find me a source where it shows that ANY Linux application has 24
    unpapatched holes, Like Microsoft IE:

    http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/

    Many of these holes have been open for quite some time.

    While you have to TROLL your "there is no evidence that Linux is more
    secure" I can show that MS IS indeed insecure. If you want to try to troll
    that Linux is as insecure as MS, SHOW EVEDICE that any Linux distribution
    has any application with 24 UNPATCHED security holes, like MS IE.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    > It can be due to the possibility of peer-review and that is
    > being done as well. But here again we come to the weakest link: the user,
    > who has to implement patches and updates. And even with a fully aware and
    > consistent user, you can not rule out security breaches (the security
    > breach of Debian being a case in point).

    I feel confident that the holes in Linux are being patched. The same can not
    be said for Linux. While Linux may not be perfect, it is a whole lot better
    than windows.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    >
    > That brings me to my final argument. OE is interesting to be challenged
    > due to a large number of users, many of whom do not implement all security
    > features. A rapid growth of new Linux users (most of whom will think and
    > act the Windows way) will make it more attractive for virus writers and
    > script kiddies to target Linux. And only when that happens we will see
    > whether KNode or Pan are inherently more secure than for instance OE.

    Ah, the old It is challenged so much troll. It is not the fact that it is
    challenged so much, it is the fact that executables come as executables in
    MS software AND the fact that it is so easy for the user to run the virus,
    in many cases it is done automatically. That is the problem with MS.

    With Linux, if I don't want my users executing downloaded applications, I
    don't give them access to chmod, compilers and archive extraction software.
    Nobody on that system would be able to run an Email virus even if they get
    it.

    Still no "spacific evidence that Linux is anywhere near as insecure as
    windows."

    >
    > So, I am not raising fear, but encourage awareness.

    Yes, By allowing to address your FUD, the awareness of the UNPATCHED
    WINDOWS OS security holes has been raised to new levels and the awareness
    of your trolling has been raised. People are more aware that you are
    clueless to the security features in Linux distributions.

    >
    > Jan

    But you are right, I do not like your response because I do not like trolls
    that are trolling and spreading FUD.

    Still, I thought you claimed that you could tell us "spacific evidence that
    Linux is anywhere near as insecure as windows." I see nothing but vauge
    unsupported claims, many of them as false as they come.

    And I guess you were telling a lie when you claimed that you were PLONKING
    me. Guess it was to much to hope that you were capable of telling the
    truth.


  • Next message: Matt: "Re: Community responsibility and abuse: the case of mr. Koehlmann"