Open Source and information security mailing list archives
 
From: jeremiah at nur.net (Jeremiah Cornelius)
Subject: Microsoft prepares security assault on Linux ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 12 November 2003 07:49, amebix@...cast.net wrote:
> With Linux you have the ability to not install certain things. With Windows
> you have no choice, messenger will be installed and enabled. It's going to
> be exploitable out of the box. 

This is true...  A new XP box - installed from Media - requires over 90 MB of 
new download patches!  God help the  <128Kbps crowd.  This is applied VERY 
slowly.  We are talking two hours on a PIII 750MHz.  Three reboots are 
required, with a manual re-initialization of the patching sequence.  How will 
MS improve this?  Mandatory patching?  Retroactively enforced on machines 
they /can't/ get to install the current fixes?

MS ought to make payments to high-speed ISPs!

> Take for example Debian Woody. Quite 
> possibly the greatest operating system package ever released. 

No argument!  But the security of Woody is subject to a bunch of apt-get's 
after install - not too different from the MS situation - except for the 
speed!  

I always grab a subset of the Adamantix packages and I run Bastille to 
automate securing defaults on the whole mess.  Paid for my paranoia...

> Basic install 
> is a kernel, C library, shell, and networking functions, etc. It's
> incredibly secure from default, and from that point on you download the
> up-to-date packages that YOU WANT. 

Why does supposedly modern Windows require a reboot after installing .dot net 
crap?  That would be like making Deb reboot after adding Python and XML/RPC 
libraries...   After 9 years to work on this, 32-bit Windows really /is/ 
pathetic.

I DO miss getting a working Deb 2.x in less than 35 MB.  I'd recycle Sparc 5 
and IPX machines this way for auth gateways and SMTP forwarders - etc...

> You're not forced into anything you don't
> need. Windows is not more secure, ANY and I do mean ANY bloated operating
> system is going to be more vulnerable than one that is slimmed to your
> needs. 

Yeah.  The choir agrees.

> Windows is just too bloated and therefore insecure compared to a
> slimmed down Linux install. MS needs to kill the messenger service, enable
> ICF and give the user some more power of his / her box when it comes to
> security. 

Good point about MS Messenger being default, and ICF not!

You can make meaningless counts of patches.  You can compare numbers of 
incidents.  You can make rhetorical mountains out of statistical molehills. 
Really, at the end of the day, MS lives in a glass-house.  They will rue the 
stone-throwing, even if they do manage to damage corporate and government 
acceptance of Linux, etc.

None of this posturing affects Winders security - just press releases and 
dubious "off-white" papers.  The next Blaster waits around the corner.  
Bolting IPSec to a turd won't help!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQE/snTrJi2cv3XsiSARAgPvAJ4rp45KtjoBGXdUjxVL933AXXdoDwCfZzKx
I1YkOny40W6WGkytn86BG7c=
=XOo7
-----END PGP SIGNATURE-----

