lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: dfs at roaringpenguin.com (David F. Skoll)
Subject: Re: January 15 is Personal Firewall Day, help
 the cause

On Thu, 15 Jan 2004, Exibar wrote:

>    Sorry to disagree with you, but telling people to simply not use windows
> and not use Outlook is like telling people not to ride in a car for the fear
> of getting into an accident.

No, it's telling them not to drive a Pinto when they could drive something
safer.

>    So you're telling me that if I don't run Windows and I don't run Outlook
> that I'm 100% safe?  Horsesh*t!

You are very much safer.  Our mail server receives on the average day 70
viruses from cracked Windows machines, and none from cracked Linux machines.
We still receive several Nimda hits a day, and none from cracked Linux
machines.

>  If I install Linux and not Windows XP (for
> example) I'm safe?  There isn't anything else that I have to do?

A default install of a modern Linux distro includes firewalling rules
by default, and is fairly safe.

>    Why not EDUCATE the end-user on how to use Windows and Outlook safely?

Because it is impossible to use Windows safely; the very design of the
operating system is flawed.  This is not just my opinion; it's also that
of Bruce Schneier and many other people, some of whom lost their jobs
for speaking out.

> BTW:  Not running Anti-virus software is just plain stupid (I will not
> respond to any flames on this point, so don't bother).

Why?  We have no machines that are susceptible to the viruses that are
in the wild.  We do, of course, drop .exe, .com, etc attachments on
our mail server, but that's just to save disk space and stop annoying
messages from filling our mailboxes.

> Plain and simple.
> I'm very surprised that any company is able to run that way.

We have since 1999, and haven't had any problem.  If you don't use Windows,
you don't need anti-virus software.

Regards,

David.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ