root user is not the absolute power any more, please dont forget SELINUX and the MLS "Multi Level Seurity"
you can read more on
http://en.wikipedia.org/wiki/Selinux
On Thu, Mar 12, 2009 at 6:15 PM, Mark <wolfmane@xxxxxxxxx> wrote:
On Wed, Mar 11, 2009 at 11:24 PM, Farrell J. McGovernYeah, tell that to celebrities. I'm sure they just *love* the stalkers
<farrell.mcgovern@xxxxxxxxx> wrote:
> ScottW wrote:
>> The Mac and *nix world needs to stop gloating about their clean record so far and keep an eye out for what is to come. Dues to the learning curve of the OS, the users were more "enlightened" than the common computer user, but now these are more wide spread and the common user will be using them. The conspiracy theory people say that Antivirus companies are the ones making most of the viruses so that they have a product to sell, well there is a market out there just waiting to be tapped. Norton AV for Mac is on the shelves even though there is only really 1 documented virus, and people buy it.
>>
>> The good ole saying: "The devil's greatest accomplishment was to convince everyone he does not exist"... well the Linux virus does not exist.
>>
> You are, of course, making the classic mistake of not understanding
> security on computer operating systems. Popularity has little to do with
> how vulnerable a system is.
and paparazzi. When's the last time *you* were surrounded by dozens of
photographers documenting the worst moments of your life?
Anyway, it's not about "popularity", it's about payoff. Any time
there's something to gain (Windows boxes), people will keep trying.
When there's nothing to gain (Linux boxes), there's no motivation.
More attacks=more vulnerability. The law of averages says that the
more attacks there are, the more likely that sooner or later one will
be successful.
Someone who has their home Windows machine set to autologin and no
firewall or antivirus software but uses a gateway, never uses Outlook
or IE and never opens messages (never mind attachments) from someone
they don't know is much less vulnerable than someone who has every
possible security aspect in place on their laptop (any OS) that is
exposed to open networks and/or leaves their computer unattended for a
few moments. Everything is relative.
*You* are the one who clearly does not understand computer security.
Fact: Windows is 30+ years old, and what you're calling Unix is every
>
> Fact: Windows XP is about 12 years old, Vista/Windows 7 maybe 5. Unix
> is 40+ years old.
>
bit as much a progression/assortment of different OSs/kernels as
Windows. Your assertion is totally invalid.
> environment, it has had multi-user and multi-processing added on to it.
> Face: Unix was designed for a mult-user, multi-processing environment,
> Windows was designed for a single user, single application at a time
>
Once again, your assertions are totally incorrect. Unix started with
single-user mainframes, long before the Internet or any kind of remote
networking or simultaneous multi-user environment. Even once they went
mult-user, local multi-user setups with tightly controlled physical
access are a very different thing from the worldwide network of today
(~1995 and on, only the last 15 years). As for multi-user and
multi-processing, the former is only incidentally related to network
security, and the latter not at all.
Totally untrue. The issues of concern are mostly related to network
> Thus, most everything that can affect Windows today was probably seen
> and corrected on the architectural level decades ago in Unix.
access, not multiple logins. See above.
Unix was not designed for personal computers, it was designed for
> Even the
> simplest thing of making the user work in a non-privileged workspace is
> one of the basic things that Unix has done for decades, while it is a
> relatively new idea in Windows. Thus, if you compromise the workspace,
> you don't compromise the system.
>
room- and building-filling mainframes and minicomputers for
governments, universities and large security-minded businesses. You
are comparing apples to oranges. While Linux is "Unix-like", it is NOT
Unix and has to be much more user-friendly, which Unix is very much
not. The owner of a Linux box has to also be the administrator, while
a Unix user seldom has to deal with the administration side of it. Any
time you design an OS for the masses, there is no escaping the
necessity of compromising security for usability and flexibility.
You're talking theory, and making it sound much easier than it
>
> Next, you have the fact that to make things really fast in Windows, you
> have graphics primitives in the kernel. This means that to compromise
> the entire system, all you need to do is compromise a graphics
> routine...and as almost everything is graphical in Windows...compromise
> the Browser, you can own the system...compromise the mail reader, you
> can own the system...compromise an editor you can own the
> system...compromise an ERROR MESSAGE, and you can own the system.
actually is. In reality, such attacks seldom actually work, and they
require far more preparation and work than you are willing to admit.
Again, Linux is *NOT* Unix. Regardless, since no one is putting
>
> With Unix, very few things can access the kernel. If you compromise the
> Browser, you may compromise the user's workspace, but the system remains
> compromised.
>
serious effort into developing viruses and such for it (there's
exactly zero payoff), you're comparing apples to oranges. I think you
left the "un" off the last word there, but again that's theory, not
reality. According to the fanboys, Linux doesn't crash, but I see it
happen all the time. Not just applications; the whole machine crashes
and has to be rebooted.
...and you make it sound so easy to compromise Windows, and so hard to
> Generally, in Windows it's a single set to compromise the entire
> system...on Unix, it takes usually two more more steps, first you must
> compromise the userspace, then you must compromise the kernel.
>
compromise *Linux* (you keep saying Unix when what you really mean is
Linux...). The reality is somewhat different, and the ease of security
breach is directly related to the operator/owner's actions and
settings rather than the OS. I've been running Windows without
firewall or antivirus software for many years (the cure is worse than
the disease) and no one has successfully attacked me yet. In spite of
some empty threats and futile attempts...
Only because of all the freely available software out there that
> Ultimately, it takes a lot more work to compromise a Unix system than a
> Windows system.
specifically targets Windows, as opposed to practically nothing for
*nix. The "security tools" for *nix don't count, since the same people
who are writing those are also patching the holes. That's about as
trustworthy as those Windoze firewall apps that fake attacks ("we just
intecepted xxx attacks"... yeah, right!) to dupe gullible consumers
into buying the pay version.
Unix, and Linux as well, come from a very different place than
> And that makes Unix and systems derived from Unix
> inherently more secure than Windows.
Windows. *nix comes from a scientific, high-security background, while
Windows (and DOS before it) from the start was aimed at usability for
consumers and the less technically savvy. Bearing that in mind, the
difference in inherent security is remarkably small.
Mark
_______________________________________________
maemo-users mailing list
maemo-users@xxxxxxxxx
https://lists.maemo.org/mailman/listinfo/maemo-users
--
______________________________
http://geek2live.blogspot.com/
http://www.siteheed.com
- You pick the level of your suffering yourself - Budha-
- There is nothing noble in being superior to some other man. The true nobility is in being superior to your previous self.-- Hindu proverb
- "Nearly all men can stand adversity, but if you want to test a man's character, give him power."-Abraham Lincoln
- Live Free or Die-Kernel The Canine-
- Without music, life would be a mistake.- Nietzsche
- He who reigns within himself and rules his passions, desires, and fears is more than a king.-- John Milton
- The best portion of a good man's life is the little, nameless,unremembered acts of kindness and love.-- William Wordsworth (1770-1850) English poet --
- The higher type of man clings to virtue, the lower type of man clings to material comfort. The higher type of man cherishes justice, the lower type of man cherishes the hope of favors to be received.-- Confucius (551-479 BC) Chinese Philosopher
_______________________________________________ maemo-users mailing list maemo-users@xxxxxxxxx https://lists.maemo.org/mailman/listinfo/maemo-users
