 |
 |
|
 |
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
clipka wrote:
> So if some infiltrated Windows systems would be an inflammation, I'd liken some
> infiltrated Linux systems to a sepsis.
Plus, it's generally a lot easier to infiltrate a web server using code
injection or something than it is to infiltrate a kernel. :-)
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
Darren New <dne### [at] san rr com> wrote:
> This happened to be some mips-specific assembly. Not exactly exotic, but
> then why are you changing that file if you don't have a mips chip to test it
> on in the first place?
In a commercial project, I'd say maybe because the developing company doesn't
have a mips system to test it on, and has made an agreement with one of its
customers who needs this fix. But still the change should not be included in
the main branch before the customer has confirmed that it does compile and fix
the issue.
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
clipka <nomail@nomail> wrote:
> I dare to disagree - I'd even postulate that Linux poses a *higher* security
> risk than Windows.
> Why?
> Because Windows has its highest popularity on Desktops. Yeah, that makes great
> targets, and a great number of them to set up bot networks.
You are twisting the whole thing in a really strange way.
It doesn't change the fact that Linux is more secure for the average
user than Windows is, for the simple reason that Linux is not targetted
as much as Windows is.
--
- Warp
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
clipka <nomail@nomail> wrote:
> Warp <war### [at] tag povray org> wrote:
> > (And before anyone says anything, no, Windows is not better. Windows is
> > year after year always at the top of the list of most security flaws found
> > during the year.)
> True, but the superiority of Linux crumbles in my eyes, if the responsible
> people brush aside security holes that easily.
Then the answer is rather simple, isn't it: Don't use Linux.
> And knowing (through obvious proof) that the Linux kernel code isn't checked
> with professional tools
Define "professional tool".
> I'm not saying "they're worse than Microsoft" - all I'm saying is "they're no
> better".
That's BS. Basically every time a security hole is found in the linux kernel,
a patch appears in a matter of *hours*.
How soon do you get security patches for Windows when security flaws are
found? Certainly not within hours. At best within days, at worst within
months (yes, it has happened).
So yes, the linux community *is* better in security than MS is.
--
- Warp
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
Warp wrote:
> It doesn't change the fact that Linux is more secure for the average
> user than Windows is, for the simple reason that Linux is not targetted
> as much as Windows is.
I think he's saying the average Linux user isn't the same as the average
Windows user, and the average Linux's user's machine is more valuable to
attack. You're just measuring two different ways.
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
clipka wrote:
> Darren New <dne### [at] san rr com> wrote:
>> This happened to be some mips-specific assembly. Not exactly exotic, but
>> then why are you changing that file if you don't have a mips chip to test it
>> on in the first place?
>
> In a commercial project,
Sure. This isn't a commercial project, tho.
Actually, in my experience, it's really hard to find help with getting
consulting on Linux open source projects. There's just nobody willing to
rent you their experience with some piece of software, when they could
instead sell you some other software they wrote that's proprietary. The
whole idea that you'll make money with FOSS by selling consulting services
seems to not be very common at all.
--
Darren New, San Diego CA, USA (PST)
"We'd like you to back-port all the changes in 2.0
back to version 1.0."
"We've done that already. We call it 2.0."
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
Warp <war### [at] tag povray org> wrote:
> You are twisting the whole thing in a really strange way.
I'm not twisting the thing, I'm just twisting the perspective. And I wouldn't
call it strange, but rather just unconventional.
> It doesn't change the fact that Linux is more secure for the average
> user than Windows is, for the simple reason that Linux is not targetted
> as much as Windows is.
I'm not saying "Linux kernel needs more attention because it is less secure".
I'm saying "Linux kernel needs more attention because a breach of the Linux
kernel poses a higher security risk". Seen from a larger perspective than just
the rather egocentric "how safe is *my* individual computer" perspective.
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
Warp <war### [at] tag povray org> wrote:
> clipka <nomail@nomail> wrote:
> > Warp <war### [at] tag povray org> wrote:
> > > (And before anyone says anything, no, Windows is not better. Windows is
> > > year after year always at the top of the list of most security flaws found
> > > during the year.)
>
> > True, but the superiority of Linux crumbles in my eyes, if the responsible
> > people brush aside security holes that easily.
>
> Then the answer is rather simple, isn't it: Don't use Linux.
No, the answer is rather, "Stop proclaiming that Linux' security is superior",
or "Get back to making Linux as secure as it is claimed to be".
> > And knowing (through obvious proof) that the Linux kernel code isn't checked
> > with professional tools
>
> Define "professional tool".
In this sense, roughly speaking anything that a professional SW developing
entity would be willing(!) to pay more money for than the average hobbyist
would be willing to spend.
Note that free software might qualify in this sense, too.
> > I'm not saying "they're worse than Microsoft" - all I'm saying is "they're no
> > better".
>
> That's BS. Basically every time a security hole is found in the linux kernel,
> a patch appears in a matter of *hours*.
Did you verify that assumption, or are you just repeating hearsay?
I see now a security hole which the top hats apparently weren't even *willing*
to fix, and flawed code which I assume would have been discovered earlier in a
commercial environment - so I'm throwing that hearsay overboard right now
because *that* seems to be BS.
> How soon do you get security patches for Windows when security flaws are
> found? Certainly not within hours. At best within days, at worst within
> months (yes, it has happened).
>
> So yes, the linux community *is* better in security than MS is.
By now I seriously doubt it.
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
Darren New <dne### [at] san rr com> wrote:
> > email virii
>
> I saw a great rant from someone who actually knows Latin about "virii".
> "Virii" is apparently the plural of some completely unrelated latin word,
> like "voice" or "people" or something. "Virus" is apparently already a mass
> noun not unlike "stuff".
Actually, the word "virus" is taken from latin, originally meaning
"slime/poison/venom" ; the correct latin plural would be "vira", while "viri"
would be singular genitive; a double-i form ("virii") does not exist.
There's also a latin word having the plural form "viri" - that would be "vir",
meaning "man/hero"; again, no double-i form here.
If there existed a lating word with the plural form "virii", it would have to be
"viri" in singular. To the best of my knowledge, there is no such word in latin.
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |
|  |
|
 |
On 19-7-2009 21:17, Darren New wrote:
> Warp wrote:
>> It doesn't change the fact that Linux is more secure for the average
>> user than Windows is, for the simple reason that Linux is not targetted
>> as much as Windows is.
>
> I think he's saying the average Linux user isn't the same as the average
> Windows user, and the average Linux's user's machine is more valuable to
> attack. You're just measuring two different ways.
>
A third difference is that Linux administrators of those more critical
machines are generally more aware of threads and more knowledgeable.
<back to lurk mode for this thread>
Post a reply to this message
|
 |
|  |
|  |
|
 |
|
 |
|  |