lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: rodrigob at suespammers.org (Rodrigo Barbosa)
Subject: [inbox] Re: CyberInsecurity: The cost of Monopoly

On Mon, Sep 29, 2003 at 07:27:51PM -0500, Frank Knobbe wrote:
> Don't shift blame to the admins. There are good admins on Windows, and

"Shift blame" ? I'm not doing such a thing. Also, I'm not here
shift blaming from admin. I'm just saying the OS A_L_O_N_E should not
be blammed. There are bugs on OS, true. But one should not blame the
OSes alone. Work has to be done on the software, the admins, and on
users.

> In both cases, Windows and Unix, the role of the admin is important. But
> take the admin out of picture for the moment and just compare Unix to
> Windows from an architectural point of view.

You won't get an argument from me on that point. As I stated earlier,
I DO think Unix is much more secure then Windows. I don't have a single
Windows machine at home or at my company, for that matter.

So, before anyone else misinterpret what I said before, lemme try
to say it one more (and for the last) time:

1) I DO think Unices are more secure then Windows
2) I DO think Netware is more secure then Windows
3) I DO think MacOS and MacOS/X are more secure then Windows

ok ? Now, for the part I was stating earlier:

4) Some (most?) people try to lay all the fault on Windows (pick your OS
   here). But the OS is not at fault alone. Many, perhaps even most,
   vulnerable system (Unix, Windows etc) are so because of bad admins, who
   don't configure it correctly, don't install patches and so on
5) Users are, in many cases, also the most dangerous security related link
   do the chain

As some may recall, my original statement was an answer to someone that
was points that Unix is more secure then Windows (I agree up to this point),
and gave and example telling that there are still several codered vulnerable
machine around. This is the point I was commenting about. And you do
have to agree that is a machine, today, is still vulnerable to Codered,
it is mostly due to a fault of the administrator.

[]s



-- 
Rodrigo Barbosa <rodrigob@...spammers.org>
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030929/0847d02b/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ