Posted on 06/06/2006 6:37:10 AM PDT by ShadowAce
Linux is insecure. Open source is insecure. Windows is insecure. All software is insecure.
Deal with it.
People keep having this delusion that security is a product. That, if you just buy some magic box, you'll have a program or an operating system that's as secure as Fort Knox.
It doesn't work that way. Security is a process, not a product.
Some systems are more secure than others. Linux, as anyone who pays any attention to security news knows, is a lot more secure than Windows. If we were talking cars, Linux would be a Volvo S80 and Windows would be a Ford "Hit here to blow up" Pinto.
But, any car can be hit, and any car can be hit hard enough to destroy it. It's all about the odds and driving safely.
Driving safely on a computer or a network means knowing, and using, their available security features. For example, any machine that's exposed on the Internet should have an enabled firewall.
Even OpenBSD -- in my humble opinion, the safest operating system on the planet -- is crackable, if you allow anyone to come and pound away at its network interface.
In the case of Linux, if your system doesn't come with an enabled firewall, you can use netfilter and iptables to set up either a simple or sophisticated network defense system. If you're new to firewalls, LinuxGuruz has a helpful listing of netfilter and iptables resources.
You also need to keep an eye on Linux and open-source security patches and repairs.
So, for example, when Red Hat announced last week a major security patch that fixed 16 individual flaws present in its Red Hat Desktop and RHEL (Red Hat Enterprise Linux) 4.0, you'd be well advised to install that patch sooner rather than later.
It also means that you need to know where your operating system comes from. So, if you're running CentOS, Lineox, or White Box Linux, you'd better be pestering them for their version of the Red Hat patch because all of these Linuxes are based on RHEL 4 code.
The same is true for applications. Are Firefox and Thunderbird safer than Internet Explorer and Outlook? Of course, they are. Does that mean you're safe using them without their latest patches? I don't think so!
Again, you can't drive and not eventually have a near-miss, and you can't run a networked computer without having someone seriously try to take your machine down. Security is all about weighing the threat level and doing the best you can to make sure that you're safe.
That also means taking a long, hard look at some "threats."
Last week, for instance, anti-virus software maker Kaspersky Lab claimed to have isolated a new virus, Stardust, aimed at Sun's StarOffice office suite and the open-source version of the programs, OpenOffice.
But, was this so-called macro virus a real worry? According to a NewsForge report, the "general agreement is that the Kaspersky Lab claim is an exaggeration."
I'd agree with that. Yes, if you open a strange document and enable it to run macros, something bad could happen to you. Unlike similar problems in the past with Microsoft Office macro viruses, though, any such "virus" can't attack the underlying operating system because neither StarOffice nor OpenOffice have the deep hooks into the operating system that enabled Office macros to be a real problem a few years back.
So, is there a potential problem here? Yes, potentially someone could use the macro language to cause trouble. Of course, they could also use Perl, Visual BASIC, Python, Java, etc., etc. to cause trouble.
Have I mentioned, yet, that almost any use of software has some security danger?
There are two morals to this story. The first is that while you're safer using Linux or open-source software, you're never perfectly safe. The second is, as much as you might not want to, you really must work on security with any operating system or program, or face the possibility of having a real accident on the old information superhighway.
Not much to disagree with here..
Hopefully, we'll get decent discussion on this topic as our resident troll is not currently posting.
Let me start it off...
Linux sucks.
Windows sucks.
Apple sucks.
Linux is the best thing since sliced bread.
Windows is the best thing since sliced bread.
Apple is the best thing since sliced bread.
Only acutal Unix is worthy.
Does that pretty much cover it?
LOL! Almost. Don't forget which OS the commies use...
Everybody knows that the Vic20 is still the best computer. Commodore rocks!
***************************************
About m0n0wall |
---|
m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software). m0n0wall is based on a bare-bones version of FreeBSD, along with a web server (thttpd), PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent. m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format. |
One of our network guys brought that to my attention, I have not had a chance to impliment it at home yet but from the looks of it its a nice tool..
That WOULD explain all the bragging about penis size.
And the vette!
And the run, and all the mini-OS fluffies. Oh, the humanity!
Truer words were never spoken.
Not a darn thing you can do about some incredibly stoooopid users.
Best you can do is make as sure as you can that their stupidity is limited to damaging just that user's data rather than anything else.
you got something against freeBSD?
Not much to disagree with here..
This goes along with what we've been saying for a while--no system is perfectly safe, but market share alone is not the reason why Linux is safer than windows.
You mean the Commodore 64. The C64 was vastly superior to the VIC-20 in almost every way. Even at $595, you got a lot of bang for your buck with the C64...just a shame they had flaky power supplies which overheated all the time...oh yeah, and the Commodore 1541 floppy drive was probably the slowest floppy drive on the face of the earth (unless the Mattel Aquarius had a floppy drive...but thankfully it didn't have one).
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.