20070526:
Tyryne [court] I get into an argument with a MS Fanboy at work all the time
about this, his claim is that there is nothing wrong with Microsoft or
their software, it's the users fault 100% for not taking the steps to
secure.
Vertas [court] well, nothing is ever completely secure. except maybe a computer
disconnected from the internet, unplugged from the wall, and locked in a
steel cage in fort knox
Tyryne [court] Definitely, though most people don't expect to be vulnerable
from a JPG.
Rosuav [court] Vertas, true, but a LAMP system is heaps safer than Windows/IIS.
Vertas [court] I use linux and my main problem with windows is you have to work
so hard to be secure. Linux is just easier by default.
Rosuav [court] What's the difference? On Linux (as on all Unices, and OS/2, and
most other OSes), you have to explicitly open up access.
Tyryne [court] Weeeell.... I would say the difference is between having four
locks on your hotel door or having it open.
Rosuav [court] Not quite. The difference is between starting with a swiss
cheese and blocking the holes you can see, and starting with a steel wall
and cutting a door in it.
Rosuav [court] And there are standard doors available, ones which have locks.
Tyryne [court] I don't know if I would go that far, though with an average user
that analogy would make more sense. Technical users forget the learning
curve behind linux applications.
Rosuav [court] Of course, it's still perfectly possible to have an insecure
Linux system. But most of the problems are with applications - eg, an
exploit is found in Apache's modssl package, so all web servers that use
that are vulnerable.
Rosuav [court] The number of Linux base OS problems is low (it's just things
like ping-o-death, SYN flood, etc - direct attacks on the TCP stack,
usually).
Tyryne [court] Unfortunately most of what makes Linux is apps, in the eyes of
the average user the base apps are no different then than OS
Rosuav [court] Yes, they are, but you do have to explicitly run them.
Rosuav [court] There are HEAPS of *Critical* patches to Windows's base OS.
Rosuav [court] If you check Windows Update, you'll see the scope of each one (I
have this morbid curiosity sometimes)
Tyryne [court] Yes, but it goes to semantics again. The average user puts in an
Ubuntu disk and hits the install button, then has a flawed system.
Rosuav [court] Okay. Does the Ubuntu disk install networking services like ftpd
and invoke them on startup?
Vertas [court] from a website 'By default, Ubuntu ships with no open ports on
public interfaces'
Tyryne [court] Oh, I know. I peek at them all the time; Windows has many
critical flaws, and some of that can be attributed to the bloat of
incorporating many of the things that Linux OS (not apps) doesn't.
Tyryne [court] Others just shoddy programming.
Rosuav [court] Shoddy programming. Bing! You've just hit on the #1 cause of
computer problems.
Rosuav [court] Which, incidentally, is another area where OSS beats Windows
hands down. My shoddy code can be fixed by Fred, and vice versa.
Rosuav [court] Hmm. What's the smallest PC distro of Linux?
Vertas [court] distrowatch had a review of one recently that runs on old pcs
and it installs at 346MB. I have a mininmal system installed (no x) using
Debian that is about 100MB
Rosuav [court] Thanks Vertas
Tyryne [court] Yes, I procured the Vista Ult. edition.
Tyryne [court] I've been pleased with it so far, but get annoyed at some
things.
Tyryne [court] It's not immune to programming flaws.
Rosuav [court] Of course not. Nothing is.
Tyryne [court] It does shield the user alot, I was pissed when as a user on the
system I had to do a 5 step process of installing.
Tyryne [court] [ Did you start this action? ] YES, [ You will have to log on as
administrator ] YES, [ Press CTL-ALT-DEL to use Verified Windows Password
Entry ] CTL-ALT-DEL, [Enter your Username and Password]
Vertas [court] that was what made the PC/Mac commercial about vista security
features so funny
Tyryne [court] Yes, it was funny -- it was even less funny with the shoddy
driver detection, or the "You must uninstall NERO before upgrading to
Vista"
Rosuav [court] Uh? Doh.
Tyryne [court] Yeah, I didn't get the point, Uninstall it and reinstall right
after.
Rosuav [court] Did it install OK?
Tyryne [court] I think the upgrade could have handled that one. Yes, installed
fine on one computer, but a standard Dell with a popular internal video
card (can't remember top of head) got the 640x480 16 color install
Tyryne [court] Which felt like warping back in time
Vertas [court] god that would make my eyes hurt
Tyryne [court] Had a few drivers that didn't take, and a few that I had to go
get updated.
Tyryne [court] BUT in fairness, Vista popped up a message saying the driver
wasn't available and said "Press here to get more info" which popped up a
dialog box telling me the hardware didn't have a windows driver, but I
could go to <link> and get it, then opened the page right to the download
page of the hardware manufacturer.
Tyryne [court] Then again, if they knew exactly where it was located....
Tyryne [court] It was cute, but still begs to be upgraded to just say "Click
here to get new drivers from manufacturer [Warning: This is a 3rd party
driver]"
Tyryne [court] And then DL/INSTALL on click.