Not at all, and please don’t tell me what I prefer, All I prefer is that
people try to be homiest, you are right all software has bugs, but to imply in any way that
open source is better is a misnomer.
I use open source, closed source, whatever tool fits the job, I don’t belong
to any specific church re: software, nor am I a closed/open source zealot.
I know its kinda hard for people to accept someone on a centos mailing list would
use closed source, I am sorry some of you purists are offended.
On Oct 10, 2014, at 1:01 PM, Valeri Galtsev <galtsev@xxxxxxxxxxxxxxxxx> wrote:
>
> On Fri, October 10, 2014 12:33 pm, William Woods wrote:
>> So claim made, nothing to back it up. Got it.
>>
>> all I need to say is…BASH , OpenSSL…..
>>
>
> Nice examples. One-sided though. All software has bugs. You prefer
> security through obscurity (closed source, and you have to _trust_ the
> vendor of it). But there are numerous security issues with closed source
> M$ Windows system. Of course, you would prefer closed source example UNIX.
> Here it goes: SSH (as opposed to openSSH we all have thanks to OpenBSD
> project). There was an awful security hole in it about 13 years ago and as
> sshd daemon runs by user root, we were just waiting if stray root just
> will walk into our Solaris boxes. Waiting for parch from system vendor and
> simultaneously compiling openssh as a replacement. Those of us who had
> majority of boxes under Linux (hence with openssh that wasn't vulnerable)
> had less trouble...
>
> I guess, you go you to your church, and I will go to mine. I do not
> consider "security through obscurity" a security. I prefer not to wreck my
> brain thinking "to what extent can I trust this corporate vendor". I
> prefer the code put out into open so everybody can review it. I doesn't
> mean that open source code will be audited diligently. But the fact that
> it can be gives the best reassurance for me. I do join that clever person
> who said "security only can be in open source".
>
> Valeri
>
>> I am sure there are more.
>>
>> But really, if you are going to claim something, at least be willing to
>> back up what you claim is that asking to much ?
>>
>> On Oct 10, 2014, at 12:21 PM, Valeri Galtsev <galtsev@xxxxxxxxxxxxxxxxx>
>> wrote:
>>
>>>
>>> On Fri, October 10, 2014 12:01 pm, William Woods wrote:
>>>> Really, you have some URL’s to back up the paranoia ?
>>>
>>> Well, that's the problem with closed source systems (Which MS Windows is
>>> and commercial antiviruses for it are). One can claim something and
>>> there
>>> is no way to prove it is right or it is wrong (or left? ;-)
>>>
>>> I remember some clever person said: "security can only be in open
>>> source".
>>> There are systems that are not [quite] open source, even though they are
>>> based on open source. I may be out of date but some time ago (last time
>>> I
>>> cared to check) Android was not (even though it is based on Linux
>>> kernel,
>>> there is fair chunk of closed code in its kernel). Everybody is free to
>>> imagine me with tin foil hat on, or with pointy hat on...
>>>
>>> Valeri
>>>
>>>>
>>>> On Oct 10, 2014, at 12:00 PM, Always Learning <centos@xxxxxxxxxxx>
>>>> wrote:
>>>>
>>>>>
>>>>> On Fri, 2014-10-10 at 12:19 -0400, James B. Byrne wrote:
>>>>>
>>>>>> On Thu, October 9, 2014 21:11, John R Pierce wrote:
>>>>>>> On 10/9/2014 6:07 PM, Valeri Galtsev wrote:
>>>>>>>> BTW, the whole idea of "antivirus" is flawed. It is based on
>>>>>>>> "enumerate
>>>>>>>> bad". You can't, as one never knows what will be invented in a
>>>>>>>> future.
>>>>>>>
>>>>>>> I agree, but I don't know what else you can put in the hands of the
>>>>>>> novice, unless its the iPhone world of corporate approved apps only
>>>>>>> purchased through a monopoly 'app store'.
>>>>>>>
>>>>>>
>>>>>> Which simply means: Only 'Government Approved' viruses allowed.
>>>>>
>>>>> Excellent point. Windows 95 was designed to be accessible by the USA
>>>>> authorities. USA anti-virus software "allows" access from the USA
>>>>> authorities.
>>>>>
>>>
>>>
>>> ++++++++++++++++++++++++++++++++++++++++
>>> Valeri Galtsev
>>> Sr System Administrator
>>> Department of Astronomy and Astrophysics
>>> Kavli Institute for Cosmological Physics
>>> University of Chicago
>>> Phone: 773-702-4247
>>> ++++++++++++++++++++++++++++++++++++++++
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS@xxxxxxxxxx
>>> http://lists.centos.org/mailman/listinfo/centos
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS@xxxxxxxxxx
>> http://lists.centos.org/mailman/listinfo/centos
>>
>
>
> ++++++++++++++++++++++++++++++++++++++++
> Valeri Galtsev
> Sr System Administrator
> Department of Astronomy and Astrophysics
> Kavli Institute for Cosmological Physics
> University of Chicago
> Phone: 773-702-4247
> ++++++++++++++++++++++++++++++++++++++++
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
