Old 28th November 2002, 11:48   #1
binary hero
Banned
 
Join Date: Jun 2001
Posts: 7,004
Send a message via ICQ to binary hero
HAH! that's what i say to linux users

"aaw yeah, i don't want to use that copyrighted, overpriced, insecure microshaft bullshat!!!"
binary hero is offline   Reply With Quote
Old 28th November 2002, 11:50   #2
Bilbo Baggins
Wind Chime of the Apocalypse
 
Bilbo Baggins's Avatar
 
Join Date: May 2000
Location: The Forest
Posts: 17,229
COOL
Bilbo Baggins is offline   Reply With Quote
Old 28th November 2002, 11:56   #3
Atmo
The Freak
(Forum King)
 
Atmo's Avatar
 
Join Date: Feb 2002
Location: Australia
Posts: 9,400
Really doesnt prove much, but if all things were equal, i'd say theyre both fairly insecure. Ms just does a better (and faster) job of fixing it.
Atmo is offline   Reply With Quote
Old 28th November 2002, 12:02   #4
Xerxes
Capitalist Alumni
 
Xerxes's Avatar
 
Join Date: May 2000
Location: my 4 Houses on Park Place
Posts: 8,687
Send a message via ICQ to Xerxes
Anything that ruins those digital anarcho-nerds day makes me happy.
Xerxes is offline   Reply With Quote
Old 28th November 2002, 12:45   #5
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
the thing is, that "hackers" will tend to concentrate on hacking windows machines, which is what leads to the perception that windows is insecure in the long term. i'm gonna go post this in that long-running linux/windows thread, hope nobody minds

zootm is offline   Reply With Quote
Old 28th November 2002, 20:08   #6
Nofx Guy
Major Dude
 
Nofx Guy's Avatar
 
Join Date: Jul 2001
Location: under a rock
Posts: 998
Send a message via ICQ to Nofx Guy
yeah but you guys dont see is this ...

Quote:
In a study provided by the Aberdeen Group they cited some very interesting factoids that seem relevantat first glance. As reported in eWeek, the Aberdeen Group chose the following facts to reach their conclusion: "Of the 29 advisories issued through October by the CERT Coordination Center at Carnegie Mellon University in Pittsburgh, 16 of them addressed vulnerabilities in open-source or Linux products. Seven of the advisories were related to Microsoft products."

www.audioflo.ath.cx
All music, All the Time
Nofx Guy is offline   Reply With Quote
Old 28th November 2002, 20:13   #7
RanDom_ErrOr
Banned
 
RanDom_ErrOr's Avatar
 
Join Date: Jul 2001
Location: The loony bin, just outside of nutsville,USA. I would visit you, but my room is padded and i cant get out...
Posts: 947
Send a message via ICQ to RanDom_ErrOr Send a message via AIM to RanDom_ErrOr
Linux == god.
M$ == shit.

just because some people, who are making the OSes for free, and sharing the source code, commonly called OPEN SOURCE, this means that bugs will be found, and squashed. if M$hit can do it a little faster, thats because they PAY alot of people to do it for them.

open source will one day rule the planet.
RanDom_ErrOr is offline   Reply With Quote
Old 28th November 2002, 20:19   #8
I am Jesus
Major Dude
 
Join Date: Aug 2002
Location: Your mom
Posts: 1,555
Send a message via AIM to I am Jesus
whatever
I am Jesus is offline   Reply With Quote
Old 28th November 2002, 20:25   #9
eleet-2k2
Forum King
 
eleet-2k2's Avatar
 
Join Date: Aug 2001
Location: Mobil Ave.
Posts: 5,381
Quote:
Originally posted by RanDom_ErrOr
Linux == god.
M$ == shit.

just because some people, who are making the OSes for free, and sharing the source code, commonly called OPEN SOURCE, this means that bugs will be found, and squashed. if M$hit can do it a little faster, thats because they PAY alot of people to do it for them.

open source will one day rule the planet.
Is it true it's something like 50,000 programmers all hyped up on Coke?

"Welcome to the Island of people who know too much."..."Did you really think balloons would stop him?!"
See what I'm listening too.
eleet-2k2 is offline   Reply With Quote
Old 28th November 2002, 20:33   #10
fwgx
Rudolf the Red.
(Forum King)
 
fwgx's Avatar
 
Join Date: Nov 2000
Posts: 9,314
I work with someone who has put back stuff into both Redhat and Suse, a few network drivers and an few other bits. You may like to joke that Linux is developed by nerds and communist hippies but in reality they are some of the brightest people you'll ever meet. You won't meet anyone as bright as this guy easily, being as he is pretty much the brightest person I work with, which is saying quite a lot.

.: fwgx.co.uk.:.My art:.

"We think science is interesting and if you disagree, you can fuck off."
fwgx is offline   Reply With Quote
Old 28th November 2002, 21:15   #11
griffinn
Court Jester
(Forum King)
 
griffinn's Avatar
 
Join Date: May 2000
Location: Your local toystore
Posts: 3,501
Send a message via ICQ to griffinn
Quote:
Originally posted by Phily Baby
he is pretty much the brightest person I work with, which is saying quite a lot.
Are you praising the guy, or praising yourself?

Besides, nobody said Linux is developed by a bunch of morons. No matter how smart a developer is, he can only write programs that are secure under his own context. When a program is executed out of the expected context a programmer has planned for, security problems are bound to be discovered.

The smiley slot machine! | Quotable Blog
griffinn is offline   Reply With Quote
Old 28th November 2002, 22:29   #12
fwgx
Rudolf the Red.
(Forum King)
 
fwgx's Avatar
 
Join Date: Nov 2000
Posts: 9,314
Quote:
Originally posted by griffinn
Are you praising the guy, or praising yourself?
The guy and the people I work with. I'm as thick as shit.

.: fwgx.co.uk.:.My art:.

"We think science is interesting and if you disagree, you can fuck off."
fwgx is offline   Reply With Quote
Old 29th November 2002, 03:00   #13
RanDom_ErrOr
Banned
 
RanDom_ErrOr's Avatar
 
Join Date: Jul 2001
Location: The loony bin, just outside of nutsville,USA. I would visit you, but my room is padded and i cant get out...
Posts: 947
Send a message via ICQ to RanDom_ErrOr Send a message via AIM to RanDom_ErrOr
dont underestimate nerds in a large group. they run this country. if they quit, the world would stop. god im glad im a nerd
RanDom_ErrOr is offline   Reply With Quote
Old 29th November 2002, 03:20   #14
Anacific
Major Dude
 
Anacific's Avatar
 
Join Date: Nov 2000
Location: Toronto, Canada
Posts: 1,744
Send a message via AIM to Anacific
Quote:
Originally posted by zootm
the thing is, that "hackers" will tend to concentrate on hacking windows machines
As Linux gets more popular hax0rs will move to hax0ring linux obviously. Obviously both families of OSs have flaws. What makes Linux appealing [to me] is that now it's almost as user friendly as windows and it's FREE and if you know a bit more about puters, it's a lot more customizable too.

"He who desires but acts not, breeds pestilence." - William Blake
WSPA | WWF | RSPCA | AAPA | Green Peace - Know and help...
The Rainforest Site | The Animal Rescue Site - Click and help...
Anacific is offline   Reply With Quote
Old 29th November 2002, 04:14   #15
RanDom_ErrOr
Banned
 
RanDom_ErrOr's Avatar
 
Join Date: Jul 2001
Location: The loony bin, just outside of nutsville,USA. I would visit you, but my room is padded and i cant get out...
Posts: 947
Send a message via ICQ to RanDom_ErrOr Send a message via AIM to RanDom_ErrOr
kde and gnome make things easier for windows users. enlightenment and a few others make things easier for mac users. Linux is the way of the future.
RanDom_ErrOr is offline   Reply With Quote
Old 29th November 2002, 05:55   #16
dirkdeftly
Forum King
 
dirkdeftly's Avatar
 
Join Date: Jun 2001
Location: Cydonia, Mars
Posts: 2,651
Send a message via AIM to dirkdeftly
I'll say here what I said there:

"WOW, WINDOWZ IZ DA SECOND MOST VULNERABLE OS ON DA PLANET!!!1"

This only proves that Linux is the 'worst.' We seem to have forgotten Unix, MacOS, BeOS, Lindows, etc.... Also, who the hell would want to hack Linux? Ever notice how there's never any anti-hacker Linux software out there? That's cos there's no need for it. People don't hack Linux because there aren't enough systems to hack. If you're going to hack, you may as well learn the backdoors in a really popular system, so that your evil little skills can go to some use....

"guilt is the cause of more disauders
than history's most obscene marorders" --E. E. Cummings
dirkdeftly is offline   Reply With Quote
Old 29th November 2002, 06:21   #17
fwgx
Rudolf the Red.
(Forum King)
 
fwgx's Avatar
 
Join Date: Nov 2000
Posts: 9,314
That'll explain the tens of thousands of Linux webservers and a few supercomputers then.

.: fwgx.co.uk.:.My art:.

"We think science is interesting and if you disagree, you can fuck off."
fwgx is offline   Reply With Quote
Old 29th November 2002, 06:29   #18
InvisableMan
Ninja Master!
(Forum King)
 
InvisableMan's Avatar
 
Join Date: Mar 2001
Location: Hotel California
Posts: 4,332
pity that windows and mac osx are BASED ON UNIX


although osx is shit because it is based on freebsd
InvisableMan is offline   Reply With Quote
Old 29th November 2002, 06:32   #19
fwgx
Rudolf the Red.
(Forum King)
 
fwgx's Avatar
 
Join Date: Nov 2000
Posts: 9,314
windows is based on DOS not Unix
edit: and nt/2k/xp are built on the NT kernel

.: fwgx.co.uk.:.My art:.

"We think science is interesting and if you disagree, you can fuck off."
fwgx is offline   Reply With Quote
Old 29th November 2002, 12:58   #20
Anacific
Major Dude
 
Anacific's Avatar
 
Join Date: Nov 2000
Location: Toronto, Canada
Posts: 1,744
Send a message via AIM to Anacific
Quote:
Originally posted by Phily Baby
windows is based on DOS not Unix
edit: and nt/2k/xp are built on the NT kernel
Yes, and who uses win9x these days anyway

"He who desires but acts not, breeds pestilence." - William Blake
WSPA | WWF | RSPCA | AAPA | Green Peace - Know and help...
The Rainforest Site | The Animal Rescue Site - Click and help...
Anacific is offline   Reply With Quote
Old 29th November 2002, 13:19   #21
fwgx
Rudolf the Red.
(Forum King)
 
fwgx's Avatar
 
Join Date: Nov 2000
Posts: 9,314
My mum does and a lot of other peple do, my dad did until last week when his laptop broke and he got a new one. 9x is surprisingly good if you want to just type and have very little hardware installed- it can be extreamly stable. My mums machine with 95 on was one of the most stable windows machine i've ever seen and that got cluttered with loads of crap but never crashed.

.: fwgx.co.uk.:.My art:.

"We think science is interesting and if you disagree, you can fuck off."
fwgx is offline   Reply With Quote
Old 29th November 2002, 13:40   #22
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
Quote:
Originally posted by RanDom_ErrOr
Linux == god.
M$ == shit.

just because some people, who are making the OSes for free, and sharing the source code, commonly called OPEN SOURCE, this means that bugs will be found, and squashed. if M$hit can do it a little faster, thats because they PAY alot of people to do it for them.

open source will one day rule the planet.
right! you! to the corner!

please don't say "M$" - it makes you look like the proverbial "lamer".

linux needs rewritten - there's too much old code in it now, it's becoming bloated. they need to totally rewrite the kernel. then it'd be slick.

but yeah, we've pretty much gone over all the arguments in the thread in breaking news ("why linux is better!" - despite the conclusion that neither's better absolutely).

but, as i've said before, with the same amount of effort it takes to secure linux, you can secure windows. it's just that it's relatively more effort in windows because it takes so little effort to set most things up already.

linux is a better OS though, particularly when palladium/longhorn are on the horizon with waaaaaaaaaay too many embedded things that reduce control over the OS.

but anyway, as i've said many times, i'll be dual boot as and when i have money for a new hard drive. until then, my (pretty much unhackable) win2k install stays.

zootm is offline   Reply With Quote
Old 1st December 2002, 10:56   #23
dopey
Senior Member
 
dopey's Avatar
 
Join Date: Jan 2002
Location: london,UK
Posts: 148
Send a message via ICQ to dopey
that article is bollox

right first off looking at the site and conclusions made it seems like complete and utter FUD.

A long time ago i read this

how can you make your system totally secure ?

the answer was:

disconnect it from the net and power. and bury it in concrete,

Now thats extreme but thats the only way no matter what os.

The fact of the matter is with xp patch 1 how many things did it break ?

the only reason why windows security alerts may have calmed down is cos microsoft hides this shit until it can work on it. Infact it buries certain security vulnerablilties till it has released its new os which fixes the problems. but usually introduces a host of new security vulnerabilities.

Its quite simple any system can be hacked with a skilled enough cracker working on it.


but as to linux being more insecure thats bollox.. you can tweak windows 2000 to your hearts content and make it as secure as you like then i dare you to run iis on that machine and make it a web server. and secure a linux box and run apache or zeus. Hmm wonder which ones gonna get screwed first.

Thats reality.

as for the fact that linux aint widely used some one else trying to say. Well about 90 % of sites u visit are running on linux based distributions. why ? because of the secuirity.

Yes there is security vulnerabilities in linux but unlike windows nothing is hidden, its made public and quickly fixed.. Thats where my friends open source software strength lies.

Its not a bunch of hippies high on coke weed whatever siting there and doing this and there not communists or whatever you will find lead government agencies in USA and other countries working on linux and securing it for their own needs then sending through what they have to the open source developers to software drivers for hardware manufacturers working on linux drivers, in their spare time. Just because some one is talented doesnt mean they will be guaranteed to be working for a company like microsoft. A lot of people in the computing industry despise what microsoft has done to the computer market to how its been stagnating and killing new technology so that it could make maximum profits from what it has dished out.


And i can prove that this article is bullshit:

"This statement is particularly problematic because many Linux distributions lack the sophisticated automatic-update technologies modern Windows versions contain."

that sentence says it all ?

any one here used debian ?

microsoft can dream of creating an update system that comes close to debians. Windows update is completely destroyed by apt-get and dselect.

then theres redhat 8 that is much like windows update, but even updates the kernel oh does ms update its kernel nope. You need to run out there and buy a new copy of windows. or wait for a service pack which may fix the problem.


and on to the next matter yes windows is based on nix believe it or not. The NT kernel is based on a bsd varient infact without *nix none of the windows users would be on the net.

THe whole of windows ip stack has been thiefied from bsd. Whats unfortuante is the bsd licence allows microsoft to get away with this. THe reason why they will never start on bsd cos they can steal any new technology under bsd licence. And why they will fud any gnu/gpl based project because they cant touch a line of code without making the whole of windows open source the true beauty of gnu/gpl free to use it. Free to use the libraries. BUt if you then decide to take code and stick it in your project then your whole project becomes gpl'ed.
dopey is offline   Reply With Quote
Old 1st December 2002, 12:29   #24
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
Re: that article is bollox

Quote:
Originally posted by vslick22
but as to linux being more insecure thats bollox.. you can tweak windows 2000 to your hearts content and make it as secure as you like then i dare you to run iis on that machine and make it a web server. and secure a linux box and run apache or zeus. Hmm wonder which ones gonna get screwed first.
that sounds like a challenge. a win2k box set up like mine running a webserver is exactly as insecure as a linux box running apache. why? because i'd be running apache too... no other ports would be open, so where's the additional risk? if there is some, i'd be interested to know.

Quote:
Originally posted by vslick22
any one here used debian ?
read the part that you quoted again - it doesn't say "all" linux distros lack autoupdates - it says "most". that don't mean all where i come from.

i've got nothing against linux (as i've said, i'll use it when i get more HDD space - don't think i'll use debian though...), but i'm fed up having people being so one-sided in these arguments as not to even acknowledge their system has disadvantages.

zootm is offline   Reply With Quote
Old 1st December 2002, 14:18   #25
dopey
Senior Member
 
dopey's Avatar
 
Join Date: Jan 2002
Location: london,UK
Posts: 148
Send a message via ICQ to dopey
ey ?

why? because i'd be running apache too


I said run iis.. Apache is open source remember, us commie bastards running linux and all that open source software are fools cos its so insecure. so the challenge was u run your security concious win2k box running iis. Which is made by microsoft and closed source, and me running my debian box with apache. which is open source. Give them both a load of 10,000 sites lets see which one stands. Make the hardware identical 2 intel p3 1ghz processors 1 gig of ram. See which one bucks under the load first and which one stays up the longest without contracting something.

Apache is designed for nix not windows to begin with anyway. half the proper shit you cant do on windows..

as to my quote it still is factually incorrect i did read the "most" part but that still is bollox, "most" linux distributions have an update feature some.. some of which ie debian based distro's exeed microsofts update feature... considering most big businesses use debian or redhat.. that makes that statement in the article bollox.


if M$hit can do it a little faster, thats because they PAY alot of people to do it for them.

random error thats the whole thing microsoft developers can never beat linux developers time to fix the bugs because in most cases in linux the people who find the bug submit the patch for it. Think how many developers globally there are for linux and how many developers there ae working at microsoft. Microsoft cant compete every jump it makes from windows 2000 to windows xp lets say. linux has gone through an evolution. Linux has not stopped evolving building new technology from day 1. Thats the way it is.

The linux kernel is still rock solid. It has had a couple of bugs introduced and then promptly fixed nothing new, but every one using linux is in effect a tester, that can if they know enough jump in and fix the bug.

Also as to the reason why hackers/crackers dont go after linux.. well gues what the operating system of choice for them is supposed to be ? yep youve guessed it linux, More than likely the hackers exposing vulnerabilities in windows are doing it for a reason. So that microsoft is forced to do something about the exploit. Thats the fact of the matter and these same hackers are probably working double hard on linux but when they expose the problem they can then sit down and fix it because they have the source. If they cant then will make it public and the developers will fix it. Which is why i find that article such a joke. Linux will never be able to get virus' like windows its just too hard. cos of the user level. nothing is run by root unless it has permission you cant just click on an attachment which you get in your email and destroy your whole system.. Unless you run yourself as root. The attachment will be absolutely dead because all it will have access too is what the user has access to.. Thats a true multi user operating system something windows still hasnt managed to do even though they claimed windows 95 was the first
"true multitasking multi user 32 bit operating system"
*cough* bollox *cough*.. wasnt even true 32 bit. they didnt achive that till win98

if windows was a true multi user operating system it wouldnt have as many problems with viruses that it has today.

what some 4 thousand odd viruses for windows a handfull for linux.. that same hand full for unix and how long has unix been around ?.. doesnt add up security in windows was originally an afterthought.. thats why it will never be a good server os. THats why *nix has been the dogs bollox in server os for the past 20 odd years. Theres no denying it.

and that article was prime FUD.

Infact do a test for me.. Call up your isp ask them what servers they use and which platform gives em the most headache. Which one has been hacked into the most, Which one cant handle loads..
dopey is offline   Reply With Quote
Old 1st December 2002, 14:42   #26
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
Re: ey ?

Quote:
Originally posted by vslick22
I said run iis.. Apache is open source remember, us commie bastards running linux and all that open source software are fools cos its so insecure. so the challenge was u run your security concious win2k box running iis. Which is made by microsoft and closed source, and me running my debian box with apache. which is open source. Give them both a load of 10,000 sites lets see which one stands. Make the hardware identical 2 intel p3 1ghz processors 1 gig of ram. See which one bucks under the load first and which one stays up the longest without contracting something.
that's silly. apache's the best webserver. most of the software i use is open source, i don't know why i shouldn't use an open-source webserver just because the OS isn't - it's not like it cost me any money (being an 'academic' is great )... as for your (now changed) challenge, you said win2k was insecure, not resource-conserving. the security, as i said before, is equivalent. the linux box would use less resources, however. don't worry, i'm not biased. you are.

(also - "...us commies..." - what makes you think i'm not an open source coder? the only thing stopping me currently is lack of time)

Quote:
Originally posted by vslick22
The linux kernel is still rock solid. It has had a couple of bugs introduced and then promptly fixed nothing new, but every one using linux is in effect a tester, that can if they know enough jump in and fix the bug.
the linux kernel needs a full rewrite, or at least a good going over, in my opinion. it was slick once, now it's hacky and archaic. it works, yes, but the whole linux community would benefit from it being recoded in a more methodical manner. it would, at the very least, immeasurably speed kernel development. whether there's time/resources for this is another matter. you also bring up the biggest point against linux there - the point that you make about everyone being a tester, being able to fix it, is exactly why linux isn't being taken up in the public sector. people don't wanna test. they want to use something that work. coders want something they can change. when linux meets the happy medium between the two, it'll become a mainstream OS choice.

Quote:
Originally posted by vslick22
Infact do a test for me.. Call up your isp ask them what servers they use and which platform gives em the most headache. Which one has been hacked into the most, Which one cant handle loads..
i don't have a proper ISP, i have a connection to the internet through a proxy through my university (which is why i don't bother running a webserver - it'd be proxy blocked, and ssh port forwarding is waaaaaaay too much bother). but i do know that their unix proxys go down quite a lot. their windows servers go down a lot less. i know that's not how it should be, i guess it's because the unix ones provide the link to the UK joint academic network (JANET).

oh, and the reason that there's more virii for windows is that it's the prime OS for home users (who don't know about security - business servers will be more clued up ) - a larger susceptible user base => larger possible infection => more credit for author.

but yeah, don't think i'm unduly biased towards windows. i'm just not unduly biased towards linux

zootm is offline   Reply With Quote
Old 2nd December 2002, 06:27   #27
MixMatch
Junior Member
 
Join Date: Dec 2002
Posts: 2
Sorry, I might agree with the finding if the author didn't have such faulty logic
Quote:
First, the Aberdeen Group says that Windows-based Trojan horse attacks peaked in 2001, when CERT released six such advisories, then bottomed out this year, when CERT didn't issue any alerts. However, Trojan horse-based attacks on Linux, UNIX, and open-source projects jumped from one in 2001 to two in 2002.
2001:
Windows:6 Trojan advisories
Linux: 1 Trojan advisories

hmmmmm...Linux is evidently super insecure because windows didn't have any Trojan advisories this year... the logical thing would be to take a running average over, maybe the past 5 years, but they didn't give enough information, so we must settle for two years:
Total:
Windows:6 Trojan advisories
Linux: 3 Trojan advisories
Average/year:
Windows:3 Trojan advisories
Linux: 1.5 Trojan advisories

Now check this guy's math:
Quote:
Proprietary UNIX solutions were responsible for just as many security advisories as Linux in the same time period....Security advisories for open-source and Linux software accounted for 16 out of the 29 security advisories--about one of every two advisories--published for the first 10 months of 2002. During this same time, vulnerabilities affecting Microsoft products numbered seven, or about one in four of all advisories.
If linux takes 16, unix takes just as many, and Microsoft takes 7, that totals 39, but there were only 29 security advisories...Either they are counting open-source software that can be run on both Unix and Linux as a security advisory for both, or its just plain out wrong.

Here he shows just how much he know about multi-user systems:
Quote:
Even more troubling, perhaps, is the use of open-source software in routers, Web servers, firewalls, and other Internet-connected solutions. The Aberdeen Group says that this situation sets up these devices and software products to be "infectious carriers" that intruders can easily usurp.
There is no way that a linux/Unix machine can become an 'infectious carrier' unless an admin is very stupid or deliberately runs these 'infections' as root to populate them.

Quote:
Open-source software, commonly used in many versions of Linux, UNIX, and network routing equipment, is now the major source of elevated security vulnerabilities for IT buyers.
Well... considering that a large part of the linux community is not based on 'IT buyers', as we get our stuff for free... Then again, he obviously doesn't include the costs of the anti-virus, and the costs of bringing in a tech every time the worms start spreading all throughout the Microsoft network...

Quote:
This statement is particularly problematic because many Linux distributions lack the sophisticated automatic-update technologies modern Windows versions contain.
If we count RedHat, Mandrake, and Debian distributions that are actually in use versus, distributions that don't have this automatic updates... well lets just say that 'many' is one leg short of a chair. Find something real to complain about! between the time XP came out and sp 1 was released... I've fixed all the security patches in my system, upgraded from RedHat 7.3 to 8.0, and fixed all the new security patches, downloaded an updated kernel, never worried about an xml vulnerability in Internet Explorer... the list goes on. Additionally, the only update that required a reboot was the kernel update, and it wasn't mandatory as long as I wanted to run the current kernel. Its funny that the "sophisticated automatic-update technologies modern Windows versions contain" is screwed up. I would go to the windows update site, download my updates, and then the windows updater program would start up a few days/weeks later and re-download them!

Quote:
But despite the fact that Linux isn't as prevalent as Windows, we're still seeing a dramatic increase in Linux security advisories today. I think the conclusion is obvious.
Well actually the only hard evidence of an increase in security advisories was that we went from 1 trojan advisory to 2 this year. The conclusion might be obvious if we had a little more information... until then, I'll stick to RedHat 8, remaining an "infectious carriers"
MixMatch is offline   Reply With Quote
Old 2nd December 2002, 06:46   #28
MixMatch
Junior Member
 
Join Date: Dec 2002
Posts: 2
Using their own site as a test of their merit, here are the search results on the word 'virus':
http://63.88.172.128/wininfo/query.h...=110&lk=1&rf=0

108 that they considered important enought to talk about...
MixMatch is offline   Reply With Quote
Old 2nd December 2002, 08:12   #29
dopey
Senior Member
 
dopey's Avatar
 
Join Date: Jan 2002
Location: london,UK
Posts: 148
Send a message via ICQ to dopey
FUD anyone ?

well put mixmatch.. my phrasing of stuff aint good.
dopey is offline   Reply With Quote
Old 2nd December 2002, 14:02   #30
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
i'd appreciate if you'd stop saying "fud". it is a silly word, and i don't know what the connotations are where you come from, but they ain't great here. in short, it's like running around saying "cunt".

but, as i've been saying, the more widespread linux becomes with users who are not computer literate (which, if linux developers continue their current trend of pulling their heads out of their arses, should hopefully be pretty soon...), the more security holes will appear. why? because no matter what the system, people who don't know what they're doing can be made to jeapordise their security.

zootm is offline   Reply With Quote
Old 2nd December 2002, 14:27   #31
fwgx
Rudolf the Red.
(Forum King)
 
fwgx's Avatar
 
Join Date: Nov 2000
Posts: 9,314
Admitedly that is true zootm, but also Linux can be made very secure if you know what your doing, whereas Windows cannot without disconnecting the network cable.



It's like buying a Ferrari, you can do 210MPH if you want but then most people don't want to or not in a position to. Just because you don't drive it that fast doesn't mean it can't go that fast and doesn't make it any less good.

.: fwgx.co.uk.:.My art:.

"We think science is interesting and if you disagree, you can fuck off."
fwgx is offline   Reply With Quote
Old 2nd December 2002, 14:32   #32
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
Quote:
Originally posted by Phily Baby
Admitedly that is true zootm, but also Linux can be made very secure if you know what your doing, whereas Windows cannot without disconnecting the network cable.
as i've said before, if you can find a viable security vulnerability in my win2k box (that isn't present in linux), i'll believe you.

zootm is offline   Reply With Quote
Old 2nd December 2002, 14:56   #33
dopey
Senior Member
 
dopey's Avatar
 
Join Date: Jan 2002
Location: london,UK
Posts: 148
Send a message via ICQ to dopey
fud == fear uncertainty doubt.

old ibm trick that microsoft is well known for using such as its recent attacks on gnu/gpl.. such as the crap about it being like a virus. and the host of other shit they have been spreading to make customers think twice before switching to linux..

basically sly attacks usually completely bollox, but put out to scare companies from switching.

Its nothing rude check up about microsoft fud its getting pretty messed up actually they throw anything they can at linux.. you will see loadsa of exmaple of microsoft doing this shit over the past 2 years when the threat has become a reality.

Last edited by dopey; 2nd December 2002 at 16:19.
dopey is offline   Reply With Quote
Old 2nd December 2002, 15:39   #34
dopey
Senior Member
 
dopey's Avatar
 
Join Date: Jan 2002
Location: london,UK
Posts: 148
Send a message via ICQ to dopey
" as i've said before, if you can find a viable security vulnerability in my win2k box (that isn't present in linux), i'll believe you."

there probably are loads you just dont know about it yet, Just waiting for a hacker to exploit. which microsoft probably already knows about but wont do anything about until the exploit gets exploited its how microsoft works. if it cant be seen yet then its not a problem the usual fix is well pretty simple upgrade to our latest and greates which doesnt contain exploit xyz.. but contains hiddens exploits abc, def, ghi etc.. which service packs and several revisions will fix.. a few will be kept back to insure you upgrade to our next latest and greatest.. Thats how microsoft used to work.. I may be completely wrong and they have given up that practice for more honest business aproaches but knowing microsoft probably not this is just pure speculation by me,

linux its all out on the open.

oh yeah fud is fear uncertainty doubt not denial doh!!

check : http://www.geocities.com/SiliconVall...67/fuddef.html

linux specific: (pretty dated in linux terms)
http://www.geocities.com/SiliconVall...9267/fud2.html

the exact definition:
http://www.tuxedo.org/~esr/jargon/html/entry/FUD.html

linux specific: (dont know how out of date)
http://fud-counter.nl.linux.org/fud-faq.html

but as i said that whole document gets placed as fud.. microsoft based site writing a document that makes no sense, but is designed to make people who know no better jump out and say HAH Linux is buggy and insecure.. but as mixmatch pointed out properly the whole of that link makes no sence at all.. If then no one lashes back and points out how bullshit the document is its taken as fact.

Im not getting at you zootm you are pretty level headed.. but posters like the original poster that know no better aint and just blindly believe. How many people do you know that read tabloids and believe the shit they write, believe me i know quite a few.. Thats why i dont read tabloids dont mind sun page 3 but thats about it the rest of the newspaper is usually complete speculation and half truths.

the last link i recommend any one who doesnt know anything about linux to read.. It is very informative, and provides the facts ive glanced through it its not new though its still pretty old.
dopey is offline   Reply With Quote
Old 2nd December 2002, 16:34   #35
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
thank you - it appears i wasn't fully versed in geekspeak. which is a bit of a let-down, for me

as i've said (not in this thread, though) i've gotten every person i know with any hacking/network experience to try and find security faults in my system. no-one, as yet, has. and as i've also said, that linux disk is on my desk, ready to install - i just need the HDD space.

zootm is offline   Reply With Quote
Old 2nd December 2002, 19:55   #36
xzxzzx
Forum King
 
xzxzzx's Avatar
 
Join Date: Aug 2002
Posts: 7,254
Internet Exploder!

Quote:
Originally posted by zootm
thank you - it appears i wasn't fully versed in geekspeak. which is a bit of a let-down, for me

as i've said (not in this thread, though) i've gotten every person i know with any hacking/network experience to try and find security faults in my system. no-one, as yet, has. and as i've also said, that linux disk is on my desk, ready to install - i just need the HDD space.
Hmmmmmm..... Time for me to rear my ugly head in the new linux vs windows stomping grounds.

Ok, you're running windows 2000. Better than 9x - I assume, for now, we are going to ignore 9x, as that's just a joke. First of all, do we count physical access to your machine? If so, give me an internet connection, CD burner, and a blank CD, and I'll be in your system in under 1 hour. But, assuming we are talking over the network, that becomes more difficult. Even 98 is somewhat difficult over the network. However, it's not impossible. Also depends what you are running. IIS? I'll just wait until the next hole comes out, assuming you patch frequently.

Properly secured Linux box? You got physical access? Does not matter!

And by the way, what's this BS about Microsoft patching faster than Linux guys? Excuse me? MS? Quick patches? HUH? It takes months to get MS to *acknowlage* a security hole sometimes! There's a REASON why "white-hats" release security information "before MS has a patch for it" - becuase that's the only way they can get MS to *DO* something!

As for the article, pure BS/FUD (not that I like that term) all the way. Did you know 77% of statistics are made up on the spot? If you look at things the right way, ANYTHING is secure or unsecure. If you test a 98 machine the "right" way, it'll give you 100% uptime! And just becuase it's written, or part of an article from a "respected" source, doesn't mean it's true. If I recall correctly, the only setup to have survived OpenHack was a secured Linux box. Does that mean Linux is more secure than anything in the entire universe? No. Perhaps I'm wrong (I don't feel like looking it up right now, someone correct me if I'm wrong).

"Microsoft security: not even YOU can get access to your system!" :P

Anyway, I'll be back later to spew forth some more... uh... stuff.

So anyway, zootm, your machine is probably fairly secure, if you don't count physical access, and you don't use any other MS products with it (such as Internet Explorer, Outlook Express, etc). If you *do*, then I can show you just how insecure your machine is.

And yes, I know I've given people hell for using a derogitory term like "Microshaft", "M$", etc. But I couldn't help it this one time. If you have no idea what I'm talking about... that's your problem. Read harder.

Freedom of speech is the basic freedom of humanity. When you've lost that, you've lost everything.
1\/\/4y 34|<$p4y 1gp4y 33714y, 0d4y 0uy4y? | Roses are #FF0000; Violets are #0000FF; chown -R ${YOU} ~/base
The DMCA. It really is that bad. : Count for your life.
xzxzzx is offline   Reply With Quote
Old 2nd December 2002, 20:33   #37
hestermofet
Major Dude
 
hestermofet's Avatar
 
Join Date: Nov 2002
Posts: 1,763
Re: Internet Exploder!

Quote:
Originally posted by xzxzzx
"Microsoft security: not even YOU can get access to your system!" :P
Um, isn't that Linux? The dumbest thing I've ever heard of is requiring a password simply to change the screen resolution

For the freedom to express myself in my own way without fear of being censored or banned.
hestermofet is offline   Reply With Quote
Old 2nd December 2002, 21:37   #38
zootm
Forum King
 
zootm's Avatar
 
Join Date: Jan 2002
Location: the nether reaches of bonnie scotland
Posts: 13,375
Re: Internet Exploder!

Quote:
Originally posted by xzxzzx
So anyway, zootm, your machine is probably fairly secure, if you don't count physical access, and you don't use any other MS products with it (such as Internet Explorer, Outlook Express, etc). If you *do*, then I can show you just how insecure your machine is.
the only microsoft products i use are windows 2000 and messenger (gotta have messenger, what can i say?).

when i was running a webserver, i was using apache... to be honest i'd never actually heard of IIS until fairly recently. apache was just the way it was done.

as for physical access, i have a big combat knife, and a locked door. plus i barely ever leave

zootm is offline   Reply With Quote
Old 2nd December 2002, 21:49   #39
xzxzzx
Forum King
 
xzxzzx's Avatar
 
Join Date: Aug 2002
Posts: 7,254
Re: Re: Internet Exploder!

Quote:
Originally posted by hestermofet


Um, isn't that Linux? The dumbest thing I've ever heard of is requiring a password simply to change the screen resolution

Uhhh... no. Linux: "So secure, ONLY YOU can get to your system".

Actually, Microsoft is more like: "So easy to use security, ANYONE can get access!"

Besides, maybe you don't like people changing your resolution. Or maybe, you realize that setting such things incorrectly can damage monitors (well, not most modern ones, but still). Ever think of that? OR, the fact that if your monitor doesn't get damaged, it'll turn off, preventing you from fixing it! (though, due to the power of Linux, you can still go to a command line, or use a networked shell, or .. etc)

The dumbest thing I'VE ever heard of is an O/S where the ultimate hacking skill is pressing "cancel". (9x)

Or maybe how the hashing algorithm is so weak it takes under a minute to crack any password? (95)

Or where a password gets stored in such an obvious place that anyone that can press F8 at the right time and type in "Del c:\windows\*.pwl" gets full access to a system. (9x)

Or maybe an O/S with such a flagarent hole, that you can delete everything in the \windows directory by getting someone to read an E-mail, or visit a website (XP).

Or where you can get access to someone's shares in about 5 minutes, because of a stupid 3.1 backwards compatability "feature". (9x)

Or where having physical access plus a certain CD gives you ultimate access (Windows, all released versions, perhaps not 2000, XP, havn't tried)

Or maybe where you have to reboot if you reconfigure a DNS address (9x, NT, maybe 2000)

Or reboot to change resolution or screen depth (95 (I think!))

Or how about how IIS's security can be bypassed because Microsoft programmers couldn't seem to consistantly code a proper Unicode decoder (long since fixed, I think)

BTW, 9x includes "ME" (minimal enhancement, as I like to think of it)

I can go on, but I think you get the point. Having to type in your root password to change the screen resolution is a little annoying, but reinstalling XP, or not being able to access your favorate website (why, forums.winamp.com, of course) for the 3rd time that week (because of a hacker, or a virus (anyone hear of that little guy, Code Red?)) is a little more annoying, don't you think?

Windows is generally built upon "Of course he has access, unless someone says no" (at least, 9x is). Linux is built on "Of course he doesn't have access, unless someone says yes".

Freedom of speech is the basic freedom of humanity. When you've lost that, you've lost everything.
1\/\/4y 34|<$p4y 1gp4y 33714y, 0d4y 0uy4y? | Roses are #FF0000; Violets are #0000FF; chown -R ${YOU} ~/base
The DMCA. It really is that bad. : Count for your life.
xzxzzx is offline   Reply With Quote
Old 2nd December 2002, 21:55   #40
xzxzzx
Forum King
 
xzxzzx's Avatar
 
Join Date: Aug 2002
Posts: 7,254
Ha! a new page, all mine, mine, mine! BWAHAHAH! Yes, it's mine, my own, my prrreccciousssssss!

Freedom of speech is the basic freedom of humanity. When you've lost that, you've lost everything.
1\/\/4y 34|<$p4y 1gp4y 33714y, 0d4y 0uy4y? | Roses are #FF0000; Violets are #0000FF; chown -R ${YOU} ~/base
The DMCA. It really is that bad. : Count for your life.
xzxzzx is offline   Reply With Quote
Reply
Go Back   Winamp & Shoutcast Forums > Community Center > General Discussions

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump