LinkBack URL
About LinkBacksyour usual "HAL cures cancer" argument? not sure how it's relevant
your usual "HAL cures cancer" argument? not sure how it's relevant
because why should all drivers be allowed to perform certain actions?
not all should be allowed to CLI should they?
the HAL not only provides most of the functionality you need, promots code reuse etc but also improves security because each HAL type can have different rules put on it.
In this case its not so much the cureing cancer by good code practices that improve stability, reduce developement time, and indevidual driver complexity. But instead the abstraction also has plenty of security features built in, boundry overwriting etc.
throw new ArgumentException (String, String, Exception)
That is very true, although the argument runs that because of te open source code, it is subject to peer review, and so vulnerabilities are identified and patched generally before they are exploited. the counter argument is that because the code is open, those with bad intent can search for any potential vulnerabilities. While Linux is predominantly used corporately in a server environment, the former view is probably more accurate - writers of malware don't see a 'return on investment' in searching for and exploiting Linux/Unix vulnerabilities. (Although for a good read, I commend "The cuckoos Egg" by Cliff Stoll) The counter argument is that Windows is backed by a an organisation with huge resources dedicated to keeping the OS up to date (as a commercial product, it is not in their interests to court bad publicity by failing to identify and patch vulnerabilities as they are detected.Originally Posted by TheAnimus
I did sy in an earlier post that home users who try Linux are probably more computer literate - however most Linux distros (AFIK) do try to enforce basic Sy procedures - if only by encouraging the use of a non-root account. This (for reasons I gave earlier) is something that Windows (NTFS versions) has not done. (I'm discounting 95/98/ME and DOS based systems as they are inherently insecure)
I had a quick look into this issue - and there is a body of opinion that regards both Linux and NT kernels as macro kernels, although there is some acknowledgement taht NT started life with micro kernel concepts. While microkernels may be more stable, I am not sure in my own mind if that makes a kernel better from a security point of view, although there may be other advantages/disadvantages. But it does reinforce that point that a secure computer system has to be designed as a secure system, having a secure kernel does not automatically ensure a secure system.
You haven't defined what is 'better'! Its a bit like saying oranges are better than lemons. Oranges are more colourful and sweeter, lemons go better with a Gin and Tonic!
I would agree with that. If/when the linux home user base grows, then miisconfigured systems will be vulnerable to attack and we may see a rise in malware written for *nix systems - because there will be more misconfigured systems.
(\__/)
(='.'=)
(")_(")
Been helped or just 'Like' a post? Use the Thanks button!
My broadband speed - 750 Meganibbles/minute
the people who put in the work take things in directions that make most sense to them. some things go into the kernel, some things come out. there's a move to pull filesystems out, for example (modern ntfs support happens in userspace, via a common kernel layer called FUSE). and whilst you're right that putting in some kind of safety net is a good idea, that's largely from a background where a company writes a windows driver once, throws it to the wild, and never looks at it again. despite the supposed cancer-curing abilities of a HAL, i've had a hell of a lot more survivable kernel oopses than i have STOP errors, in similar subsystems like graphics and networking. and there are no "write once & forget" benefits to it when drivers live in the same place rather than in ancient .zip files on taiwanese ftp servers
Right I think ill go through this thread and pick out what people suggest.
To mycarsavw, I had two laptops (uni one and one i bought myself) The one from Uni was getting abit sluggish and that kind of thing under XP and I really couldnt be bothered to sit there and install Windows, so while at Uni I chucked Ubuntu on it and am pretty happy with it.
One thing, I can't get wireless working. When I go into the network options, then select Wireless Network its picking up the wireless router, I enter the WEP (Hex) key and set it all the way it was when the laptop was Windows based but it just wont connect it seems, is there something I have missed, something really simple?
is that a wireless connection set via the old hard-coding window:
or the modern "roaming" network-manager in the system tray:
?
Ah, think I may have got you confused with someone else. Someone PMd me a while ago to discuss Ubuntu going on a spare box but they didn't have the space for it.
The first way, to be honest i didnt even notice "roaming" thing
to be honest, don't try and use the old UI - it's not needed anymore, and is useless for wireless. it's the norm on most modern distros (e.g. ubuntu 8.04) to push network-manager everywhere. just click the network icon in the system tray to see available networks (and do things like connect to a vpn)
Ok thanks mate
After Debian's epic SSL blunder, a world of hurt for security pros | The Register
Bit of a revival for this, this is the reason why people have to take security on ALL operating systems seriously, just because yours might not have the highest user base, so few people target, dosen't mean that incredibly serious flaws aren't going to be present.
I would say that regardless of it you think open source makes it easyer to find exploits (which i've yet to ever find anyone who's black or white hat say) why proper security is important. Think of every attack vector, be it someone bumping off your connection upstream and userping, or just installing a virus scanner on all platforms, with defs for all platforms. If someone gives you a stick for for a win box, you read it on urs its 'nice' to be able to know that its infected. Given the cost of antivirus in overheads, its well worth it.
throw new ArgumentException (String, String, Exception)
mycar, i am that person mate, I just decided not to go for a new box and used the laptop.
Oh for **** sake. Lets not overblow the flaw and call it 'epic', the register are world renowned for being retarded at writing accurate articles, and this particular article is by far no exception. The flaw is linked to how Debian provides inadequate random entropy, it merely makes the keys 'more predictable' (read: a bit easier to brute force attack).The flaw has been identified, patches fixing the problem have been tested and pushed, along with a list of blacklisted keys, all in the matter of days. It's now only a problem for people who had their keys signed by public CAs, using one particular crypto-algo. and that's about it.
AND IN NO WAY WHAT SO EVER WOULD A ****ING ANTIVIRUS DEFEND AGAINST IT!.. THE VIRUS SCANNERS DONT EVEN LOOK FOR MYTHICAL AND LONG SINCE EXTINCT LINUX VIRUSES, THEY ONLY LOOK FOR WINDOWS VIRUSES WHICH CANT RUN, DO YOU UNDERSTAND?
And you had the nerve to call me a moron.
epic is fair, purely because of the seriousness of the problem even thou the reasons behind it where nice and complex. Reducing the searchspace for cyrptographic attacks by such a factor is serious, given how long the floor was in the wild, who's to say it was descovered by the white hats first? No one could possibly know.
And if you'll notice i never said that a virus scanner would prevent a spoofing attack.
Also why do you think they only look for windows viruses? Yes the Vast, Vast, Vast majority of the database will be windows ones that don't affect it (in the same way plenty of the dos,win9x,nt5 ones can't possibly infect vista). There are linux viruses out there, why wouldn't there be? Yes they're nothing like as common, and odds are most people will never have a problem with one (in the same way i've never actually needed a virus scanner since 1994 (which was on an Acorn ADFS format floppy!)) but its stupid to say its immune. Why? What do they have that stops them dead? Ps, check out the offering from Sophis, for a complete multiplatform commercial solution thats easy to manage, v good).
So, please stop saying their mythical and extinct. Their not. Hell i've been playing with m0n0 a lot lately, and have next week off, would you be less stupid about it if i wrote a simple virus?
My point is that flaws will happen in ALL code, be it kernel, kernel modules, or even user mode (yes there are plenty of user mode viruses out there!).
throw new ArgumentException (String, String, Exception)
DirectHex i dont see the roaming manager thing, is there something ive missed?
You're still thinking like a Windows user, Anti-Viruses are of ZERO value to *nix machines, I've yet to see a single paper which shows an anti-virus catching a virus that effects other users/processes, moreover, running an anti-virus which is able to read other processes memory would require kernel space escalation, moving more potentially bad and unsafe code into somewhere where it isn't wanted or needed. The significantly better solution is to use hardened toolchains and hardened kernel subsystems. BTW, the vunrability isn't 'spoofing' related, its a man-in-the-middle/crypto attack vunrability, not easy to pull off, thus 'epic' is a gross exhaduration, at best.
It is, and be my guest, a pointless execise considering you fatally require mono installed for it to run, try using C instead, at least that way you stand a chance of penitrating an infestable hole. And no 1996 distros, has to be an up to date distro with current patches applied. Knock yourself out.
I have yet to see anyone claim that *NIX platforms are flaw free and perfect, if that were the case, nobody would ever need source code acess to fix things. They just happen to be significantly saner and safer than Windows. And has a track record to prove as such.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
