On Sat, 2010-05-15 at 14:52 -0700, Antonio Olivares wrote: > this is not windows, we can be safer and we can rest assured that we > will be careful not to shoot ourselves in the foot :) The philosophy behind Linux, generally, makes things a lot better for us. With Linux, when a fault is found, it's generally fixed up. So that some vulnerability from two years ago is water off a duck's back to us, by now. Linux isn't afraid to break other applications to fix up a fault, since those other applications can always be fixed, too. The mentality is that is what you'll have to do, so it happens. And this is a much better approach that trying to hide the target behind a flimsy shield. The concept of not running as root because you DO NOT NEED to run as root, certainly helps, too. I don't ever recall seeing Windows get patched to fix up a virus vulnerability, and I doubt it's possible, considering the HUGE number of exploits (how many thousands of viruses by now?). If it were compromiseable last year, it still is now. And I've seen that sort of thing with other people's Windows boxes which get stung by old viruses (even while running anti-virus software!). They won't change things to fix a fault if it'll break other things, and that leaves you in the lurch. Sure, you see some patches about closing some exploits in some software, such as the web browser, but the underlying OS remains the same. And so do many of the vulnerable applications. With all of them relying on (far less effective than it really needs to be) protective software to try and deflect the onslaught. Though all the protective software in the world isn't going to work against damn fool users. Who install completely unknown software on someone else's computer, ignore warnings, who even turn off protective software under the instructions of the malware author, and practice no common sense against social engineering exploits. The attitudes of the computer illiterate, even some of the computer literate, about the malware seems to be divided between not really caring, and simply relying on the anti-malware (despite witnessing it fail, time and time again). The concept of actually fixing the problem sounds like heresy to them. The main exploit was always the buffer overflow, and you think more effort would be put into not letting that happen, but I see no evidence of that. It's still the main exploit. -- [tim@localhost ~]$ uname -r 2.6.27.25-78.2.56.fc9.i686 Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists. -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
