On Fri, Mar 12, 2004 at 11:29:07AM -0700, Stuart Jansen wrote: > > One of the real differences between Linux and MS here is that Linux > fesses up and releases patches very quickly. MS hides the problem until > they're good and ready. This protects MS from opportunistic attackers. > The largest part of the attacker are "script kiddies", so called because > they have no real skill themselves. Hiding the problem gives no > protection from truly knowledgeable and determined attackers. The script > kiddies are eventually going to find out about the problem anyway, so > the only real answer is to keep your system fully patched.
Another significant discrepancy is that each linux system is different and usually uniquely tweaked. Something you can't do to such extent in windows. You've read of the Debian exploit, something much removed from common windows viruses. This was a studied attempt at penetrating a single linux system, or systems that closely share. There appears to be no chance for the exponentiation of viruses on linux and other open source systems. Therefore, there can hardly be any viruses for linux, seeing that a virus is something that reproduces itself and infects multiple machines. The common part of a linux system responsible enough, whose breaching would be serious is the linux kernel itself, aside from say, ssh or apache, but even then if the kernel underneath is secure what could be done. This doesn't apply to sensitive user information though. You must protect that with good passwords and encryption. Often the kernel comes heavily patched by linux distributors. As Stuart points out, linux security flaws are patched immediately. Why? Most of them are simple one liners 'if (a = 50)' instead of 'if (50 == a)'. Microsoft's security patches seem to be much more complex and address a whole swath of badly written? code. I think this reflects upon the cleanliness and design of the source code. > Who is John Galt? I am. (: All those who choose free software are John Galt. ... All your John Galt are own to us. (: Justin _______________________________________________ newbies mailing list [EMAIL PROTECTED] http://phantom.byu.edu/cgi-bin/mailman/listinfo/newbies
