FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 03-29-2008, 03:33 PM
Manuel Aróstegui
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

El sáb, 29-03-2008 a las 12:24 -0400, Jim escribió:
> Read article

That's cool, but it's far to be the real scenario we face everyday.
I guess that Linux box was secure but the truth here, as far as I've
been able to see is that either Windows or Linux (I have no mac
experience) are both pretty insecure if they're been running by a dumb
administrator.
It is clear that a Linux, out of the box, has less chances to be hacked
than a windows in the same situation.

But for me, this hacking contest does not represent a real scenario.

Anyways, I'm glad Linux survived, do not take me wrong :-)
Manuel
--
Manuel Arostegui Ramirez.

Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-29-2008, 10:35 PM
Manuel Aróstegui
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

El sáb, 29-03-2008 a las 12:19 -0600, Arthur Pemberton escribió:
> So you're saying a concentrated effort to hack a single machine (only
> one with Linux) is an easier test than machines randomly on the
> internet operated by noobs who barely know how to change advanced
> settings? The arguement is always made that noobs stick with the
> defaults, most distro defaults are pretty secure.

I'm saying the opposite.
It's great they couldn't hack it, but as you say there're loads of
machines operated by noobs, so the fact of not being able to hack that
machine in the contest doesn't mean that the noobs can feel safer
because they run a Linux distro in their servers.

Manuel.
--
Manuel Arostegui Ramirez.

Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:27 AM
Manuel Aróstegui
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

El sáb, 29-03-2008 a las 19:04 -0600, Arthur Pemberton escribió:
> Ah. Then we can agree. Frankly, I blame Microsoft and all the geeks
> who seem to feel for being geeks and want to dumb everything down.

Whatever you say.

--
Manuel Arostegui Ramirez.

Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:43 AM
Tim
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sat, 2008-03-29 at 19:04 -0600, Arthur Pemberton wrote:
> I blame Microsoft and all the geeks who seem to feel for being geeks
> and want to dumb everything down.

Those of us who remember personal computing before Microsoft was but
tiny company would probably agree that it was a bad idea to make
computers something the ignorant could play with, they used to be the
domain of experts and people actually interested in computing. Computer
systems need to be much better designed before it's going to be okay for
toy computing, both to protect the ignorant, and everyone else that they
interfere with.

You're not a true computer admin unless you wear a white lab coat, and
have the CPU op-code cheat sheet in the coat pocket... ;-)

--
(This computer runs FC7, my others run FC4, FC5 & FC6, in case that's
important to the thread.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:56 AM
Manuel Aróstegui
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

El dom, 30-03-2008 a las 20:13 +1030, Tim escribió:
> On Sat, 2008-03-29 at 19:04 -0600, Arthur Pemberton wrote:
> > I blame Microsoft and all the geeks who seem to feel for being geeks
> > and want to dumb everything down.
>
> Those of us who remember personal computing before Microsoft was but
> tiny company would probably agree that it was a bad idea to make
> computers something the ignorant could play with, they used to be the
> domain of experts and people actually interested in computing. Computer
> systems need to be much better designed before it's going to be okay for
> toy computing, both to protect the ignorant, and everyone else that they
> interfere with.

Yep, that's why I think that having a good windows administrator and a noob running a Linux server
you'll have more possibilities to hack the linux machine than the
Windows one.

Again, out of the box and running both systems by default, it is obvious
that Windows is going to suffer mucho more to keep itself clean.

Arthur, this is the third time I say that I'm GLAD that they didn't hack
the Linux box, but it doesn't mean that Linux is invincible and Windows
can be easily hacked by a dog.
There are probably out there servers owned by really good Windows
sysadmins which are truly difficult to get compromised, and servers
owned by dumb Linux sysadmins that get hacked every single week.

Manuel.
--
Manuel Arostegui Ramirez.

Electronic Mail is not secure, might not be read every day, and should not
be used for urgent or sensitive issues.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 10:54 AM
Da Rock
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, 2008-03-30 at 20:13 +1030, Tim wrote:
> On Sat, 2008-03-29 at 19:04 -0600, Arthur Pemberton wrote:
> > I blame Microsoft and all the geeks who seem to feel for being geeks
> > and want to dumb everything down.
>
> Those of us who remember personal computing before Microsoft was but
> tiny company would probably agree that it was a bad idea to make
> computers something the ignorant could play with, they used to be the
> domain of experts and people actually interested in computing. Computer
> systems need to be much better designed before it's going to be okay for
> toy computing, both to protect the ignorant, and everyone else that they
> interfere with.
>
> You're not a true computer admin unless you wear a white lab coat, and
> have the CPU op-code cheat sheet in the coat pocket... ;-)
>
> --

But then you probably wouldn't have the job you have now...

In some ways both views have pros and cons. But consider the
possibilities that have opened up for humankind in general from this one
technology. If computing wasn't as open as it is now, then we could
quite possibly be still banging rocks together in a cave somewhere...

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

Sun Mar 30 14:30:02 2008
Return-path: <fedora-list-bounces@redhat.com>
Envelope-to: tom@linux-archive.org
Delivery-date: Sun, 30 Mar 2008 14:05:47 +0300
Received: from hormel1.redhat.com ([209.132.177.33] helo=hormel.redhat.com)
by s2.java-tips.org with esmtp (Exim 4.68)
(envelope-from <fedora-list-bounces@redhat.com>)
id 1JfvMB-0002ef-9W
for tom@linux-archive.org; Sun, 30 Mar 2008 14:05:47 +0300
Received: from listman.util.phx.redhat.com (listman.util.phx.redhat.com [10.8.4.110])
by hormel.redhat.com (Postfix) with ESMTP id 547F861891B;
Sun, 30 Mar 2008 07:05:44 -0400 (EDT)
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com
[172.16.52.254])
by listman.util.phx.redhat.com (8.13.1/8.13.1) with ESMTP id
m2UB5f1S007194 for <fedora-list@listman.util.phx.redhat.com>;
Sun, 30 Mar 2008 07:05:42 -0400
Received: from mx3.redhat.com (mx3.redhat.com [172.16.48.32])
by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id m2UB5fJa022911
for <fedora-list@redhat.com>; Sun, 30 Mar 2008 07:05:41 -0400
Received: from mars.math-info.univ-paris5.fr (mars.math-info.univ-paris5.fr
[193.48.200.18])
by mx3.redhat.com (8.13.8/8.13.8) with ESMTP id m2UB5RTh000448
for <fedora-list@redhat.com>; Sun, 30 Mar 2008 07:05:27 -0400
Received: from [127.0.0.1] (mars.math-info.univ-paris5.fr [127.0.0.1])
by mars.math-info.univ-paris5.fr (8.14.1/jtpda-5.4) with ESMTP id
m2UB5NbV009636
for <fedora-list@redhat.com>; Sun, 30 Mar 2008 13:05:24 +0200
Message-ID: <47EF73F3.3030000@math-info.univ-paris5.fr>
Date: Sun, 30 Mar 2008 13:05:23 +0200
From: =?ISO-8859-1?Q?Fran=E7ois_Patte?=
<francois.patte@math-info.univ-paris5.fr>
User-Agent: Thunderbird 2.0.0.9 (X11/20071115)
MIME-Version: 1.0
To: fedora-list@redhat.com
X-Enigmail-Version: 0.95.6
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
X-Miltered: at mars.math-info.univ-paris5.fr with ID 47EF73F3.000 by Joe's
j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-j-chkmail-Score: MSGID : 47EF73F3.000 on mars.math-info.univ-paris5.fr :
j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Status: Ham
X-RedHat-Spam-Score: -0.069
X-Scanned-By: MIMEDefang 2.58 on 172.16.52.254
X-Scanned-By: MIMEDefang 2.63 on 172.16.48.32
X-loop: fedora-list@redhat.com
Subject: scim and language bengali
X-BeenThere: fedora-list@redhat.com
X-Mailman-Version: 2.1.5
Precedence: junk
Reply-To: For users of Fedora <fedora-list@redhat.com>
List-Id: For users of Fedora <fedora-list.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>,
<mailto:fedora-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/fedora-list>
List-Post: <mailto:fedora-list@redhat.com>
List-Help: <mailto:fedora-list-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>,
<mailto:fedora-list-request@redhat.com?subject=subscribe>
Sender: fedora-list-bounces@redhat.com
Errors-To: fedora-list-bounces@redhat.com
Content-Transfer-Encoding: quoted-printable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Bonjour,

It seems that using bengali itrans in scim kills scim with a seg fault...=
.

Anybody has such an experience?

thanks
- --
Fran=E7ois Patte
UFR de math=E9matiques et informatique
Universit=E9 Paris Descartes
45, rue des Saints P=E8res
F-75270 Paris Cedex 06
T=E9l. +33 (0)1 44 55 35 61
http://www.math-info.univ-paris5.fr/~patte
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFH73PzdE6C2dhV2JURAr6nAKDNc3/AvNeIZQiAhnssAj0us/hWggCgwWVA
8clIyEIyb6bizDiZuHp3aAs=3D
=3D425w
-----END PGP SIGNATURE-----

--=20
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 04:14 PM
Les
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, 2008-03-30 at 20:13 +1030, Tim wrote:
> have the CPU op-code cheat sheet in the coat pocket... ;-)
I memorized it and threw it away. Does that mean I fail the test?

Regards,
Les H

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:07 PM
Les
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, 2008-03-30 at 14:07 -0500, Chris wrote:
> On Sun, 30 Mar 2008 15:48:27 -0300 (ADT)
> "George N. White III" <aa056@chebucto.ns.ca> wrote:
>
> > On Sun, 30 Mar 2008, Chris wrote:
> >
> > > Manuel Aróstegui wrote:
> > >> El sáb, 29-03-2008 a las 12:24 -0400, Jim escribió:
> > >>> Read article
> > >>
> > >> That's cool, but it's far to be the real scenario we face everyday.
> > >> I guess that Linux box was secure but the truth here, as far as
> > >> I've been able to see is that either Windows or Linux (I have no
> > >> mac experience) are both pretty insecure if they're been running
> > >> by a dumb administrator.
> > >> It is clear that a Linux, out of the box, has less chances to be
> > >> hacked than a windows in the same situation.
> > >>
> > >> But for me, this hacking contest does not represent a real
> > >> scenario.
> > >>
> > >> Anyways, I'm glad Linux survived, do not take me wrong :-)
> > >> Manuel
> > >
> > > Let's also not forget the most important part of the article - it
> > > mentioned something about Java allowing MS security to be
> > > circumvented.
> > >
> > > That leads me to think that if Java was not installed on that box,
> > > would it have been hacked?
> >
> > If you don't want to install Java you need to tell us what
> > alternative is going to provide better security. Many developers use
> > Java because the work needed to implement the functionality
> > (including the attention to security issues) would be prohibitive.
>
> I still feel that if Java was not installed on the MS box, it still
> raises the question, would the box have been hacked?
>
> Java is not part of the default install (afaik) XP, Vista, etc.
> One might ask, perhaps the folks that setup these boxen, did they
> knowingly install Java with the pre-thought that that would be a way
> in.
>
> > MS was chosen for this attack because the person who knew the Java
> > exploit also happened to be familiar with MS. Such attacks often
> > proceed in stages:
>
> Here again, this seems unfair. These tests should have been done on
> boxen that did not have 3rd part apps etc. Still seems like a tainted
> test.
>
> > 1. get user-level access via a browser, java, etc.
> > 2. elevate to "admin/root" privileges, which is where knowledge of
> > the specific OS comes in.
> >
> > Often the 1st step works on multiple platforms.
>
> Assuming the multi-platforms are setup with as close to the same
> programs as possible.
>
> >
> > > Perhaps not. So, I think the article is very misleading. To me, I
> > > could care either way. as pointed out else where in this thread, a
> > > properly patched and managed box (under any OS) can be very
> > > difficult to hack.
> >
> > Or not, if you happen to know of an unpatched vulnerability.
> >
> > > I wonder why (at least in this article) OpenBSD was not mentioned.
> > > Perhaps it was just a session that was betwix Linux & MS.
> >
> > OS X was the first to fall (via safari), so the BSD camp didn't fare
> > very well.
> >
>
> As you do know, I specifically mentioned OpenBSD. I would like to see
> them folks go against an out of the box install of Linux (any distro)
> and OpenBSD - that would be a telling tale indeeed.
>
> In any event, as we all also know, these sorts of tests and results can
> be manipulated to reflect any ones agenda - I for one, have never been
> a fan of these things. It really proves nothing.
>
> --
> fedora-list mailing list
> fedora-list@redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Well, to my knowledge, Microsoft adds their own version of Javascript
(or at least used to) and did at one time make changes to Java which
made it less secure, first by providing a file access process that was
not part of the original specification by Sun. Now I don't know what
was on the Microsoft system, nor do I know if the attack was actually by
Java or Javascipt, which is often confused by even technical media,
although they are entirely different languages with different means of
employment. But without further knowledge, I suspect that they used a
normal users configuration, and that would include Microsoft's default
installs, whatever they are, and maybe Java was added to be
representative. Have you tried browsing lately without Java? I
therefore expect that Java was also on the Linux box as well. However
gaining admin level via Java or Javascript on a linux box is more
difficult than the standard installation of windows as used by home
users.

Regards,
Les H



--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:55 PM
Tim
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, 2008-03-30 at 20:54 +1000, Da Rock wrote:
> In some ways both views have pros and cons. But consider the
> possibilities that have opened up for humankind in general from this
> one technology.

Yeah, technical support lines, anti-virus companies, spam...

I view being asked to fix someone's PC like they'd just asked me to
unblock their loo with my bare hands.


--
(This computer runs FC7, my others run FC4, FC5 & FC6, in case that's
important to the thread.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:58 PM
Tim
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, 2008-03-30 at 14:07 -0700, Les wrote:
> Have you tried browsing lately without Java?

I generally do, I don't find it that commonly used. I don't bother
installing or, or I disable it in Firefox.

However, trying to disable various options in MSIE that you consider
insecure, usually manages to bork the entire thing into an unusable
state. Thankfully, the days of really needing MSIE are getting quite
thin.

--
(This computer runs FC7, my others run FC4, FC5 & FC6, in case that's
important to the thread.)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 03:15 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org