| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: madduck at madduck.net (martin f krafft) Subject: Re: Full-Disclosure] Anti-MS drivel [flame-bait ahead] also sprach Helmut Hauser <helmut_hauser@...mail.com> [2004.01.23.2154 +0100]: > Sometimes it?s to blame us administrators for not installing patches - > slammer and blaster patches were released way BEFORE the outbreak(s) occured > but most admins did not patch, > simply they dont?t even know that there is a patch available ! Could you > blame Microsoft on that ? Simply no, cause as admin I have to know about > patches/releases, I have to be on the MS security mailinglist and so on. when i patch a windows system, i encounter downtime and possibly a whole set of new problems. been there many times. when there is a security hazard in linux, i can fix it over ssh from a beach in malibu in 98% of the cases, requiring a restart of a single service. > e.g. I had to help out one large organisation (the famous infected notebook > thingy) to patch the whole IT, what a nightshift ... > > *nix admins patch regulary but some (so called) windows admins) don?t - > cause they did not realize that there is something to patch ... the source of this difference is deeper: (a) UNIX admins know computers and networks; windows admins know where the control panel is. (b) unix is modular; windoze is monolithic. flames -> /dev/null > I recommend the MS SUS server, it?s free, you can test patches > before approving them and it is inexpensive compared to SMS i recommend linux. it's free and it works. > - Change the behavior of XP Home (everyone is admin) - create an > own install account with warning background - SuSE like with bombs windows won't properly operate in all cases without admin rights, unless you spend hours tweaking it. remember: NT's help and print system did not work if you made c:\winnt read-only to everyone. > - Software vendors - change your installers - most games run only > as admin in WinXP ... little they can do with a flawed operating system. while in unix, security is being worked into the core, in the windoze world, security is a band aid you shuff on top of the other 100 you already stuck on. -- martin; (greetings from the heart of the sun.) \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@...duck invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver! i'm currently out trying to find myself. If I should get back before i return, please keep me here. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: Digital signature Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040125/3e153707/attachment.bin
Powered by blists - more mailing lists