lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 21 Nov 2011 12:41:36 +0000
From: Darren Martyn <d.martyn.fulldisclosure@...il.com>
To: Benji <me@...ji.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Ubuntu 11.10 now unsecure by default

If that was aimed at me, I was merely making an example for people like xD.
Seriously. If you want to bitch about an OS, LEARN about it. Look at it
from the INSIDE. Set yourself GOALS.

I know an guy who wanted to know as much as he could about Win32, and even
though I consider him an expert on it he admits he knows next to nothing as
he has not been able to obtain src. I am merely admitting I do NOT
understand the Unix kernel as much as I want to, and stating that I have
set a goal of learning more. And then asking had anyone else set goals like
that. (also, by publicly announcing your goals, you "bind" yourself to them
as something you feel you have to do lest your peers - in this case the
people on FD - see you as less for your failures. Kind of using social
engineering against yourself :P )

On Mon, Nov 21, 2011 at 12:32 PM, Benji <me@...ji.com> wrote:

> Oh thank god, this thread has now become a case of 'look how big my penis
> will be in x amount of months'.
>
>
> On Mon, Nov 21, 2011 at 12:24 PM, Darren Martyn <
> d.martyn.fulldisclosure@...il.com> wrote:
>
>> Jason has a good point. Now to make a simple statement - I am not (nor
>> was I) agreeing with the Ubuntu bashing in this, merely stating a point
>> that it puts user friendliness over security AT TIMES. I only switched
>> distro for I had... Disagreements... with Ubuntu's Wireless stack in
>> installations more recent than 10.04LTS.
>>
>> I still run 10.04 "Netbook Remix" on the occasion that I have access to a
>> netbook (I no longer own even a desktop) and like it, it does the bloody
>> job, is easy to install rapidly, and does not require much fucking about
>> with. Sure, the purists may demand one compiles kernel from source, reads
>> parts (or all) of the src to look for POSSIBLE bugs, etc, and "builds their
>> own Linux", but I find that 8/10 times that is impractical, an unnecessary
>> complication, or merely too time consuming.
>>
>> Just as an aside, my goal once I aquire my own computer (or rather, a
>> replacement for the boxes I no longer have) is to do the following:
>> 1) Read the latest kernels source over a long period of time, looking for
>> bugs and to get a better understanding of how it works on that level
>> 2) Build my own distro
>> 3) Write my own network manager based off the LORCON/MadWiFi drivers
>> (using PyLORCON bindings) for the GNOME interface to replace the
>> not-reliable "network manager" applet.
>>
>> Is there anyone else on the list with similar aspirations to understand
>> the underlying OS on that level or is everyone content with simply bitching
>> about distros?
>>
>> On Mon, Nov 21, 2011 at 10:27 AM, Jason A. Donenfeld <Jason@...c4.com>wrote:
>>
>>> Hello Full Disclosure Hysterics & Friends,
>>>
>>> I have now read through five dozen complaints about how Ubuntu
>>> is fundamentally an "unsecure" operating system, filled with more holes
>>> than Swiss cheese.
>>>
>>> If somebody could direct me toward a local root exploit against a fully
>>> up-to-date Ubuntu 11.04 or 11.10 that attacks a piece of software that is
>>> installed by default, I would be most impressed and persuaded by your
>>> assertions, as well as being very appreciative.
>>>
>>> Thank you,
>>> Management
>>>
>>> _______________________________________________
>>> Full-Disclosure - We believe in it.
>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>> Hosted and sponsored by Secunia - http://secunia.com/
>>>
>>
>>
>>
>> --
>> My Homepage :D <http://compsoc.nuigalway.ie/%7Einfodox>
>>
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>


-- 
My Homepage :D <http://compsoc.nuigalway.ie/%7Einfodox>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ