FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 03-29-2008, 05:19 PM
"Arthur Pemberton"
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sat, Mar 29, 2008 at 10:33 AM, Manuel Aróstegui
<manuel@todo-linux.com> wrote:
>
> El sáb, 29-03-2008 a las 12:24 -0400, Jim escribió:
> > Read article
>
> That's cool, but it's far to be the real scenario we face everyday.
> I guess that Linux box was secure but the truth here, as far as I've
> been able to see is that either Windows or Linux (I have no mac
> experience) are both pretty insecure if they're been running by a dumb
> administrator.
> It is clear that a Linux, out of the box, has less chances to be hacked
> than a windows in the same situation.
>
> But for me, this hacking contest does not represent a real scenario.

So you're saying a concentrated effort to hack a single machine (only
one with Linux) is an easier test than machines randomly on the
internet operated by noobs who barely know how to change advanced
settings? The arguement is always made that noobs stick with the
defaults, most distro defaults are pretty secure.


--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 12:04 AM
"Arthur Pemberton"
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sat, Mar 29, 2008 at 5:35 PM, Manuel Aróstegui <manuel@todo-linux.com> wrote:
>
> El sáb, 29-03-2008 a las 12:19 -0600, Arthur Pemberton escribió:
>
> > So you're saying a concentrated effort to hack a single machine (only
> > one with Linux) is an easier test than machines randomly on the
> > internet operated by noobs who barely know how to change advanced
> > settings? The arguement is always made that noobs stick with the
> > defaults, most distro defaults are pretty secure.
>
> I'm saying the opposite.
> It's great they couldn't hack it, but as you say there're loads of
> machines operated by noobs, so the fact of not being able to hack that
> machine in the contest doesn't mean that the noobs can feel safer
> because they run a Linux distro in their servers.


Ah. Then we can agree. Frankly, I blame Microsoft and all the geeks
who seem to feel for being geeks and want to dumb everything down.

--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:48 AM
Colin Paul Adams
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

>>>>> "Tim" == Tim <ignored_mailbox@yahoo.com.au> writes:

Tim> Those of us who remember personal computing before Microsoft
Tim> was but tiny company would probably agree that it was a bad
Tim> idea to make computers something the ignorant could play

I don't. I think it is an excellent idea, but it has to be done very well.

Tim> You're not a true computer admin unless you wear a white lab
Tim> coat, and have the CPU op-code cheat sheet in the coat
Tim> pocket... ;-)

Nay. If you don't KNOW the op-codes by heart, you're not qualified :-)
P.S. It's a long time since I knew them by heart - when I was young
and foolish.
--
Colin Adams
Preston Lancashire

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 05:44 PM
"Arthur Pemberton"
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, Mar 30, 2008 at 3:56 AM, Manuel Aróstegui <manuel@todo-linux.com> wrote:
>
> El dom, 30-03-2008 a las 20:13 +1030, Tim escribió:
>
> > On Sat, 2008-03-29 at 19:04 -0600, Arthur Pemberton wrote:
> > > I blame Microsoft and all the geeks who seem to feel for being geeks
> > > and want to dumb everything down.
> >
> > Those of us who remember personal computing before Microsoft was but
> > tiny company would probably agree that it was a bad idea to make
> > computers something the ignorant could play with, they used to be the
> > domain of experts and people actually interested in computing. Computer
> > systems need to be much better designed before it's going to be okay for
> > toy computing, both to protect the ignorant, and everyone else that they
> > interfere with.
>
> Yep, that's why I think that having a good windows administrator and a noob running a Linux server
> you'll have more possibilities to hack the linux machine than the
> Windows one.
>
> Again, out of the box and running both systems by default, it is obvious
> that Windows is going to suffer mucho more to keep itself clean.
>
> Arthur, this is the third time I say that I'm GLAD that they didn't hack
> the Linux box, but it doesn't mean that Linux is invincible and Windows
> can be easily hacked by a dog.
> There are probably out there servers owned by really good Windows
> sysadmins which are truly difficult to get compromised, and servers
> owned by dumb Linux sysadmins that get hacked every single week.

I still agree with you.

--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 06:48 PM
"George N. White III"
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, 30 Mar 2008, Chris wrote:


Manuel Aróstegui wrote:

El sáb, 29-03-2008 a las 12:24 -0400, Jim escribió:

Read article


That's cool, but it's far to be the real scenario we face everyday.
I guess that Linux box was secure but the truth here, as far as I've
been able to see is that either Windows or Linux (I have no mac
experience) are both pretty insecure if they're been running by a dumb
administrator.
It is clear that a Linux, out of the box, has less chances to be hacked
than a windows in the same situation.

But for me, this hacking contest does not represent a real scenario.

Anyways, I'm glad Linux survived, do not take me wrong :-)
Manuel


Let's also not forget the most important part of the article - it mentioned
something about Java allowing MS security to be circumvented.


That leads me to think that if Java was not installed on that box, would it
have been hacked?


If you don't want to install Java you need to tell us what alternative is
going to provide better security. Many developers use Java because the
work needed to implement the functionality (including the attention to
security issues) would be prohibitive.


MS was chosen for this attack because the person who knew the Java
exploit also happened to be familiar with MS. Such attacks often
proceed in stages:

1. get user-level access via a browser, java, etc.
2. elevate to "admin/root" privileges, which is where knowledge of
the specific OS comes in.

Often the 1st step works on multiple platforms.

Perhaps not. So, I think the article is very misleading. To me, I could care
either way. as pointed out else where in this thread, a properly patched and
managed box (under any OS) can be very difficult to hack.


Or not, if you happen to know of an unpatched vulnerability.

I wonder why (at least in this article) OpenBSD was not mentioned. Perhaps it
was just a session that was betwix Linux & MS.


OS X was the first to fall (via safari), so the BSD camp didn't fare very
well.


--
George N. White III <aa056@chebucto.ns.ca>
--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 07:12 PM
"Paul Johnson"
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

2008/3/29 Jim <mickeyboa@sbcglobal.net>:
> Read article
>
> Well guys, Linux is "KING" it couldn't be hacked, Vista and Mac went
> down in flames.
> Read article.
>
> http://www.linuxworld.com/news/2008/032908-with-vista-breached-linux-unbeaten.html
>
>
>
The article says Vista was hacked through a Java weakness that
probably affects all platforms. I wouldn't crow too loud about this
one.


--
Paul E. Johnson
Professor, Political Science
1541 Lilac Lane, Room 504
University of Kansas

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-30-2008, 09:35 PM
"Arthur Pemberton"
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, Mar 30, 2008 at 2:13 PM, Kevin Kofler <kevin.kofler@chello.at> wrote:
> Paul Johnson <pauljohn32 <at> gmail.com> writes:
> > The article says Vista was hacked through a Java weakness that
> > probably affects all platforms. I wouldn't crow too loud about this
> > one.
>
> According to:
> http://dvlabs.tippingpoint.com/blog/2008/03/28/pwn-to-own-final-day-and-wrap-up
> it was actually Adobe Flash, not Java.
>
> Yet another reason not to install the proprietary Flash crap!
>
> Kevin Kofler
>

And there isn't ONE java either


--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-31-2008, 01:10 PM
Bruno Wolff III
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Sun, Mar 30, 2008 at 14:07:17 -0700,
Les <hlhowell@pacbell.net> wrote:
> representative. Have you tried browsing lately without Java? I

Are you sure you are not confusing java with javascript? Maybe we use
different kinds of sites, but I haven't run across a problem with not
having java enabled. There are a few sites where I am willing to enable
javascript in order to make a site work.

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-31-2008, 01:27 PM
"Arthur Pemberton"
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

On Mon, Mar 31, 2008 at 7:10 AM, Bruno Wolff III <bruno@wolff.to> wrote:
> On Sun, Mar 30, 2008 at 14:07:17 -0700,
> Les <hlhowell@pacbell.net> wrote:
> > representative. Have you tried browsing lately without Java? I
>
> Are you sure you are not confusing java with javascript? Maybe we use
> different kinds of sites, but I haven't run across a problem with not
> having java enabled. There are a few sites where I am willing to enable
> javascript in order to make a site work.


I don't even have Java on my Fedora desktop and I browse with it all
the time. On my Windows machine I browse with NoScript, Javascript
blocked by default.


--
Fedora 7 : sipping some of that moonshine
( www.pembo13.com )

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 03-31-2008, 09:00 PM
George Arseneault
 
Default Linux is KING - Couldn't be hacked - Mac, Vista went down in flames

Don't mean to be critical... But, out of respect for
people's privacy (assuming they are in favor of
privacy) you should have cut and pasted the link
without all of those private email addresses. This is
a public list after all.

Don't take it personally, just a reminder to people
not to be careless with others info. Your post is
just a perfect example.

Feel free to burn me in effigy

George





__________________________________________________ __________________________________
Special deal for Yahoo! users & friends - No Cost. Get a month of Blockbuster Total Access now
http://tc.deals.yahoo.com/tc/blockbuster/text3.com

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 09:11 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org