[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: peter at adamantix.org (Peter Busser)
Subject: RE: Linux (in)security
Hi!
> You're investing a significant amount of time into convincing us that
> linux boxes sitting on the internet (even when completely up to date and
> reasonably locked down) aren't 100% secure.
>
> Rest easy, each and every one of us knows this.
I would certainly hope so. :-) What I try to point out (and fail to do so it
seems) is that there are relatively simple methods that can already help quite
a bit to improve secutity of a Linux box.
If you read the following URL:
http://groups.google.com/groups?selm=20030525190037%2470c6%40gated-at.bofh.it
You'll see that one box got hacked 37 times in a year. The other box 0 times.
The difference: A kernel patch called PaX.
It seems to me that not all insecurity is created equal.
> The point raised by others in this thread (which you seem to object to,
> although you haven't really responded to) is that linux (operated by a
> knowlegable user) is 'stronger' than a similar Microsoft box.
How relevant, the wooden house vs. the grass house argument. The fact that
MS-Windows is less secure does not make Linux more secure. I think it is even
counter productive. If MS-Windows was perceived as more secure than Linux,
people would spend a lot of time improving the security of Linux systems. Now
there is the idea that it is not worth the effort, because Linux is after all
secure.
Groetjes,
Peter Busser
--
The Adamantix Project
Taking trustworthy software out of the labs, and into the real world
http://www.adamantix.org/
Powered by blists - more mailing lists