lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 1 Aug 2006 12:38:17 -0400
From: "Eliah Kagan" <degeneracypressure@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: 70 million computers are using Windows 98 right
	now

On 7/27/06, wac wrote:
> > >  Now, Linux is definitely not a natural migration pathway. That theory
> of
> > > adapting server oriented operating systems to the desktop, and believe
> if
> > > was going to be a succes has proven to be wrong.
> >
> > Really? Windows 2000, Windows XP, and Mac OS X seem to work pretty
> > well for novice users...
>
>
> Sorry I don't get the point here.
>
> > Or are you belaboring the misguided claim that Linux is fundamentally
> > a server-based system but that Windows NT is not?
>
>
> There was Windows NT workstation ;). With windows was the other way. From
> desktop to server. Of course you can change Linux so much that it won't be
> Linux anymore. Definitely putting an X server on top of unix won't make it
> ready for desktop, that's a fact.

Are you honestly claiming that Windows NT Server has a nonintuitive
user interface and yet Windows NT Workstation has an intuitive user
interface? (Or was that a joke?) They are the same operating system
except for additional executables and registry tweaks. When you said,
"server-based" I thought you meant "designed for enterprise
client-server situations." If you mean "designed to be used
exclusively on a dedicated server box operated by a technically
learned network administrator" then (by definition) no general purpose
operating system (be it Windows, Linux, FreeBSD, OpenBSD, NetBSD, or
any other) is server-based. Saying that noobs can't use Linux doesn't
make it so. FreeBSD is a particular general purpose operating system
that is perhaps almost exclusively used by people who know well what
they are doing (or are willing to put in the time and effort to
learn)--and Mac OS X is based on FreeBSD. (To be fair, some elements
are based on NeXTstep, which is another operating system used almost
exclusvely by the technically inclined.) This notion that you can't
take an operating system that has been traditionally hard to use and
make it easier is senslessly defeatist and unsupported by evidence,
though it may be partially self-fulfilling.

As an aside, if you're saying that Windows NT is even based on Windows
9x, I would take argument with this. Would you say that OS/2 is based
on Windows 9x? Windows 9x is based on, and essentially the same
operating system as, Windows 3.x, but Windows NT is wholly different
(and wholly superior).

> > Have them install ReactOS without assistance, and get back to me.
> > (Hopefully their machine doesn't have fake parity RAM.)
>
>
> Is the same way as windows 2000 and they have done that already.

It is the same way as Windows 2000 when it works...but if they have
installed it successfully, and they are technically clueless, then
that does speak well of ReactOS--it says that its installer can
compete with the installer in Ubuntu, or Fedora, or Mandriva...all
stable systems compared with ReactOS.

> > Or you could use NDISwrapper in Linux (or FreeBSD) and run your
> > Windows drivers, without rewriting any driver code. Sure, it doesn't
> > work for everything. Neither does ReactOS.
>
> Why try to put patches to linux when you can have a non patched system ready
> to go? And with 0 lerning time too ;). From the security point of view
> that's important since it starts right at the user. Remember how many
> security problems we see today with incorrectly configured systems.  Observe
> also that you have to patch the thing from 2 sides, putting an emulation
> layer on top of it and down in the kernel.

If your purpose is to run Windows programs in a Windows environment,
only, then ideally ReactOS is better than Linux--when ReactOS becomes
stable enough to be suitable for production environments, this will
really be the case.

It is worth mentioning that NDISwrapper is not a "patch" for Linux in
the sense that has all the connotations--it is a part of the kernel.
You don't have to be running a forked-off kernel to use
NDISwrapper--you just have to enable the module.

Many of the incorrectly configured systems are Windows systems, and
many are Linux or other *nix systems as well. These days, most are due
to network administrators going and turning services on that were off
by default without securing them. Almost all popular Linux
distributions today ship with services turned off by default or with
their ports firewalled by default.

> Yes there is sense. I'm making a critic to those that make things hard
> without need. Also why adapt a server oriented OS when you don't have to?

The operating systems you are referring to as "server oriented" seem
to be the ones that would be better-labeled "stable and powerful
enough to be used in big enterprise environments." Desktop
environments deserve to not crash and not suck too. 'Nuff said.

> What is more effective, that some people develop something situable or
> millions have to learn something without need? Definitely less resources
> will be wasted. And we are talking about a big difference.

Would you care to tell me about all the arcane skills that Mac OS X
users have had to learn to run their UNIX variant?

-Eliah

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ