Talk about a flame war!

Discussion topics, Linux related - not requests for help

Moderators: ChrisThornett, LXF moderators

Talk about a flame war!

Postby Bazza » Tue Jun 21, 2011 2:07 pm

Hi guys...

Make sure you read the comments too!

http://www.pcworld.com/businesscenter/a ... _ever.html

;-(
73...

Bazza, G0LCU...

Team AMIGA...
User avatar
Bazza
LXF regular
 
Posts: 1476
Joined: Sat Mar 21, 2009 11:16 am
Location: Loughborough

Postby johnhudson » Tue Jun 21, 2011 6:01 pm

As they say, 'Don't let facts get in the way of a good story.'
johnhudson
LXF regular
 
Posts: 876
Joined: Wed Aug 03, 2005 1:37 pm

Postby Rhakios » Tue Jun 21, 2011 6:18 pm

One thing about the original article, it claims that one of Linux's strengths is diversity, and yet we are often told that "under the hood" all Linuxes are very similar and our favourite magazine tels us it uses the command line in so many tutorials because that is the common factor between distros. So, if Linux became wildly popular, how long would it take malware writers to learn to exploit the underlying unity of Linux?
The main advantage is that "script-kiddies" aren't going to have much luck, but enterprising and clever malware writers might well be able to create kits from which others can create exploits.
In any event, social engineering will leave Linux, as well as any other OS open to interference.
Bye, Rhakios
User avatar
Rhakios
Moderator
 
Posts: 7634
Joined: Wed Apr 06, 2005 11:18 pm
Location: Midlands, UK

Postby guy » Tue Jun 21, 2011 7:34 pm

Social engineering is certainly the easiest route in for any malware (since IE6 anyway). Linux is only safer as long as the malware expects Windows or maybe MacOS underneath.

Once in, a standardised platform is bad news. Android malware is growing, and current attempts to standardise the code - merging all those crayzee forks - will make things worse.

People generally don't pick up food lying in the highway and eat it. Yet they pick up shiny stuff lying in the information highway and click it, then wonder why they get the virtual runs.

BTW Bazza said, "Make sure you read the comments too!" I don't see any, but then NoScript tells me there are seven script servers itching for me to let them rip. I do wonder if there is a (socially engineered) connection. :roll:
Cheers,
Guy
The eternal help vampire
User avatar
guy
LXF regular
 
Posts: 1078
Joined: Thu Apr 07, 2005 12:07 pm
Location: Worcestershire

Postby nelz » Tue Jun 21, 2011 8:16 pm

Hardly an impartial piece. He complains about the use of security by obscurity by other platforms, then praises the diversity of Linux distros for providing exactly that. In ignoring the real security advantages of Linux he does more harm than good.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8498
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby guy » Tue Jun 21, 2011 9:00 pm

nelz wrote:Hardly an impartial piece. He complains about the use of security by obscurity by other platforms, then praises the diversity of Linux distros for providing exactly that. In ignoring the real security advantages of Linux he does more harm than good.

Eh? I think he praises the diversity of distros for being incompatible at the exploit level, making it hard for a black hat to reach a wide population. That's not the same thing.

Meanwhile aren't the user privilege model and openness of code genuine advantages over certain other OS?
Cheers,
Guy
The eternal help vampire
User avatar
guy
LXF regular
 
Posts: 1078
Joined: Thu Apr 07, 2005 12:07 pm
Location: Worcestershire

Postby nelz » Tue Jun 21, 2011 11:10 pm

Not exactly the same but similar. Neither approach actually blocks any form of attack, just makes the entry point a little harder to find. Yes, he does mention the real advantages, but gives them less credence. Had he concentrated on those advantages the piece would have been far better, but instead he detracted from them.

Having said that, I don't believe the user privilege model provides significant protection. It may prevent malware from modifying your root partition (if you don't fall for the social engineering aspect and give a password) but it in no way stops your computer being used as a spambot for example.
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
User avatar
nelz
Site admin
 
Posts: 8498
Joined: Mon Apr 04, 2005 11:52 am
Location: Warrington, UK

Postby johnhudson » Wed Jun 22, 2011 8:38 am

nelz wrote:Hardly an impartial piece. He complains about the use of security by obscurity by other platforms, then praises the diversity of Linux distros for providing exactly that. In ignoring the real security advantages of Linux he does more harm than good.


I'd assumed Katherine Noyes was a woman.
johnhudson
LXF regular
 
Posts: 876
Joined: Wed Aug 03, 2005 1:37 pm

Postby Marrea » Wed Jun 22, 2011 8:56 am

johnhudson wrote:I'd assumed Katherine Noyes was a woman.

I was just wondering how long it was going to take for someone to mention that! :)
User avatar
Marrea
LXF regular
 
Posts: 1873
Joined: Fri Apr 08, 2005 9:32 pm
Location: Chilterns, West Hertfordshire


Return to Discussion

Who is online

Users browsing this forum: No registered users and 1 guest