lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <1066843063.25918.8.camel@linus.calgary.chartwelltechnology.com>
From: ksmith at chartwelltechnology.com (Kenton Smith)
Subject: RE: Linux (in)security

What I find interesting about this is that the survey was done by a
company that sells security services. And of course I'm sure the news
release was put out by them as well.
Why not show in-house IT staff as being just as stupid as any other
user.
Sales pitch; "You need our services because your administrator was
tricked into giving his password in an online survey."

On Wed, 2003-10-22 at 08:12, Schmehl, Paul L wrote:
> > -----Original Message-----
> > From: Peter Busser [mailto:peter@...mantix.org] 
> > Sent: Wednesday, October 22, 2003 3:10 AM
> > To: full-disclosure@...ts.netsys.com
> > Subject: Linux (in)security (Was: Re: [Full-Disclosure] Re: 
> > No Subject)
> > 
> > In general people seem to believe that Linux is either secure 
> > or can be made secure by removing packages and unused 
> > services. This believe that Linus is already secure makes 
> > people uninterested in security. Why improve something that 
> > is already sufficient? Besides that, it is more rewarding to 
> > write a new window manager providing more and faster flashy 
> > eye candy than to fix potential memory allocation problems 
> > that noone ever notices. Well, until it becomes a problem that is.
> 
> Is it any wonder?  With thousands of rabid slash dotters cajoling their
> friends into switching to Linux because "it's secure out of the box" and
> "it can't be infected like Windows", what would anyone expect?  The same
> idiots that can't keep a Windows box from being owned are now using
> Linux.  And the result is the same.
> 
> Now, lest you get your hopes up and think it's possible to change the
> world, read this:
> 
> http://www.ukauthority.com/articles/story898.asp
> 
> After reading this, I had a good cry and then took some aspirin.  :-(
> 
> Paul Schmehl (pauls@...allas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/~pauls/
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ