Mystery of chroot

David Boles dgboles at gmail.com
Mon Jul 23 01:32:58 UTC 2007 

on 7/22/2007 5:55 PM, monty19@ hotmail.com wrote:
>  >Sounds like you have limited experience with doz "security". Malware 
>  >that targets its security flaws is extraordinarily easy to acquire in 
>  >doz, and difficult to eradicate, short of reinstalling the whole OS 
> and >apps. It's even possible (easy, so I hear)
> 
> So you admit you have no actual experience to counter his 'limited' 
> experience...
> 
>  >to acquire malware in the interval between installation and completion 
>  >of installing security updates online from M$.
> 
> Do you really think that given adequate access (i.e. throw it up on the 
> internet with no firewall) to a Linux system with known vulnerabilities 
> this would not also be possible between the interval you install that 
> system and manage to update it? What makes you believe then that Windows 
> should magically behave any better.
> 
> Of course, you can spin an updated install disk with the latest packages 
> so that this is not the case with your Linux system. Of course, you can 
> slipstream the install for any of Microsoft's more recent operating 
> systems and expect the same.
> 
> Look, I am no fan of a lot of Microsoft's business and marketing 
> tactics; Microsoft has been inching it's way out of my computing 
> experience slowly but surely over the last couple years. But this is the 
> same kind of FUD Microsoft likes to spread about any of the *nix 
> operating systems.
> 
> A generic Fedora 7, Fedora 6, Fedora 5, (how far do you want to go 
> back), Solaris, Mac OS X, etc. install is likely to have security flaws 
> prior to being updated that are remotely exploitable under the proper 
> circumstances.
> 
> If you don't use yum or a similar tool to install any security updates 
> to your Fedora installation, fail to run a firewall, and carelessly 
> click on links, and open unexpected email attachments then you are no 
> better than the masses of Windows users who fail to install their 
> windows updates, fail to run a firewall, and carelessly click on links, 
> and open unexpected email attachments.
> 
> The difference is that because you are not running Windows you will 
> probably go just a bit longer than them before managing to infect your 
> system with one form of malware or another, only because most malware 
> written today is directed at the much larger number of Windows computers 
> out there.
> 
> I run Mac OS X on my laptop and linux on everything else, resorting to 
> Windows Vista for only an occasional game that I might want to play with 
> friends. i might run Windows once a week tops.
> 
> However, my wife uses Windows exclusively. She has no real interest in 
> Linux, Mac OS X, and so on. She is diligent about installing those 
> Critical and Recommended Windows updates, has the basic Windows Firewall 
> set up, and uses common sense when browsing the web and reading email. 
> She has NEVER had a problem with viruses, spyware, pop-ups, or any other 
> form of malware.
> 
> Conversely I have seen Linux and even Mac users who believe their system 
> is an iron fortress simply for the fact that they are not running 
> Windows, only to find root kits and other nastiness installed on their 
> system down the road.
> 
> And people will cry that the only way in which you can correct an 
> infected Windows system is to reinstall the operating system, but I 
> would argue that from my professional and personal experience that 99% 
> of the time this is completely untrue. Again, do you really believe that 
> when a system becomes infected with this garbage that there is no sound, 
> technical, and methodical manner in which you can remove these programs, 
> and restore the system? There are some truely nasty pieces of malware 
> out there that will employ tactics such as attempting to reinstall 
> themselves if all components are not removed, etc. I have had a 
> miserable time cleaning up more than a few of these, but I have never 
> had to give up on a machine and reinstall it, though time wise it may 
> have been just as effective to reinstall one or two of them.
> 
> Oh, and how does most of this start? User browses to website X and 
> recieves popup Y that says you can get this absolutely nifty free 
> program that installs super cool item Z (instant message icons, games, 
> screensavers, and whatever crap), and Joe user thinks hey, what a great 
> deal, and goes on and install it beginning the mess...
> 
> Really, your poorly informed arguments do nothing for improving the 
> cause of Linux.
> 
> With respect,
> Jason
> 
> P.S. I believe the operating systems name is Windows, not 'doz'; 
> demeaning a product or making silly attacks against its name really are 
> no way to make your case against the company.

Clap. Clap. Well said

-- 

  David

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 187 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20070722/6cbbb220/attachment-0001.sig>

More information about the fedora-list mailing list