[96850] in RedHat Linux List

home help back first fref pref prev next nref lref last post

Re: RedHat bugs???

daemon@ATHENA.MIT.EDU (Joshua Levitsky)
Thu Oct 29 16:55:09 1998

Date: Thu, 29 Oct 1998 16:37:45 -0500
To: redhat-list@redhat.com
From: Joshua Levitsky <jlevitsk@mindspring.com>
Cc: elawson@lr.net (Ed Lawson)
In-Reply-To: <199810292056.NAA22317@mu.gsnet.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com

At 04:05 PM 10/29/98 , Mike Bridge wrote:
>To say that people should know better is to ignore the problem.  The fact 
>is, Linux is growing rapidly as a cheap, secure alternative in business 
>and lots of people who haven't had any experience with it are being 
>asked to run them.  Linux is currently getting very positive press for 
>solidity and security, so why shouldn't it  "sound right" that it could to 
>fend 
>for itself with the millions of other machines visible on the web?  

Linux is as secure as you make it. If you build a house and don't bother to
install locks then you will get robbed. Your argument will probably be that
the builders should include locks or they aren't good builders... but you
know what? Show me a free house.. and then show me a free house with locks
in it. This is a free OS people. Put in your own locks in addition to the
locks that have been left for you to install. 


>My point is that it should be readily apparent from the very beginning of a 
>user's relationship with Linux that this isn't the case; all the Linux 
>distributions are just as vulnerable as Microsoft to bugs (they just get 
>fixed faster).  Given the evidence of widespread lack of knowledge about 
>this, it should be much more apparent to a newcomer that *although* you 
>just "installed" the OS, the installation isn't done: the next step is to 
>replace what they just installed with patches from ftp.redhat.com.
>We should never make the assumption that someone should just know 
>better, especially if we're trying to attract new people to Linux.  This is 
>the 
>kind of condescending attitude that sours potential interest from new 
>users.

Ok you setup a Windows NT box and don't bother to patch it up to the latest
security fixes. Gimme the IP and I'll wreck it for you. Please. Microsoft
doesn't tell people in the instructions to check for security updates. At
least it wasn't in my NT workstation instruction book. In the origional
post it was said that "Administrators" were installing it and getting
hacked. Admins should know better or they shouldn't be admins. Plain and
simple.

>The original writer mentioned that his hacker friend told him that RedHat 
>distributions are known to be insecure.  I strongly support Red Hat and I 
>know from experience there is a great deal of quality in the distribution. 
>That's why I don't want to see them acquire a bad reputation.

Any OS is insecure before you start configuing security on it. Possibly the
safest out of the box OS I've ever seen is MacOS but that's only because
Network services are so detached from the OS.

-Josh

--
Joshua Levitsky, EMTD, MCPS -- Service Desk x7777
Alpha Pager:    (888) 907-8446  /  Voicemail and Fax: (212) 656-1796
Help Desk Professional's visit: http://www.joshie.com/helpdesk/
Computer Sales: http://www.handtech.com/tcweb/jlevitsk/
----------------------------------------------------------------------
Windows 95: n. 32 bit extensions and a graphical shell for a 16 bit
patch to an 8 bit operating system originally coded for a 4 bit 
microprocessor, written by a 2 bit company.


-- 
  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
		http://www.redhat.com http://archive.redhat.com
         To unsubscribe: mail redhat-list-request@redhat.com with 
                       "unsubscribe" as the Subject.


home help back first fref pref prev next nref lref last post