No Subject
subscribe freebsd-stable subscribe cvs-all __ Do You Yahoo!? Make international calls for as low as $.04/minute with Yahoo! Messenger http://phonecard.yahoo.com/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Is FreeBSD more secure than Windows NT or Windows 2000?
Hi, One thing that makes me uncomfortable with both Linux and FreeBSD is that unlike Windows NT, both UNIX clones seem to be less secure for a desktop use. ( ** Note clones doesn't mean it's any less better than UNIX, it just means, it's not officially considered UNIX by OPEN-GROUP ** ) I've used Windows NT 4.0 since '98, Linux since '99, FreeBSD since '00 and finally gone FreeBSD only on my laptop. However, unlike, Windows NT 4.0, other people can get access to my confidential files! How? Well, they can just reinstall the FreeBSD without deleting my $HOME directory and as a root, they can access all my files! This is a great concern when my laptop gets stolen! Windows NT is very secure in that matter. Simply reinstalling Windows NT will not let you read someone else's file. Also, it won't let you reinstall Windows NT without verifying that you're the right administrator! During the reinstall, it asks for your root passwd. If the passwd doesn't match, it won't let you reinstall unless you're willing to reinstall from scratch (reformat or erase everything before going on to installation procedure). Now I think that's being secure all the way. Is there anyway I can do that with FreeBSD? For example, attaching signature to all my files etc. Regards, Sung N. Cho, Saturday, July 21, 2001. Dept. of Physics, Virginia Polytechnic Institute State University. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Is FreeBSD more secure than Windows NT or Windows 2000?
On Sat, Jul 21, 2001 at 03:45:05PM -0400, Sung Nae Cho wrote: Hi, One thing that makes me uncomfortable with both Linux and FreeBSD is that unlike Windows NT, both UNIX clones seem to be less secure for a desktop use. ( ** Note clones doesn't mean it's any less better than UNIX, it just means, it's not officially considered UNIX by OPEN-GROUP ** ) I've used Windows NT 4.0 since '98, Linux since '99, FreeBSD since '00 and finally gone FreeBSD only on my laptop. However, unlike, Windows NT 4.0, other people can get access to my confidential files! How? Well, they can just reinstall the FreeBSD without deleting my $HOME directory and as a root, they can access all my files! This is a great concern when my laptop gets stolen! Windows NT is very secure in that matter. Simply reinstalling Windows NT will not let you read someone else's file. Also, it won't let you reinstall Windows NT without verifying that you're the right administrator! During the reinstall, it asks for your root passwd. If the passwd doesn't match, it won't let you reinstall unless you're willing to reinstall from scratch (reformat or erase everything before going on to installation procedure). Now I think that's being secure all the way. Is there anyway I can do that with FreeBSD? For example, attaching signature to all my files etc. Use gnupg to encrypt the files, or look for some crypto filesystem (don't know if it's available for FreeBSD) You can read NTFS filesystems even easier by using an NTFS driver for linux or dos, these drivers just ignore the file permissions. The only way to secure sensitive data is using encryption, encrypted swap might be desirable then too, to make sure they can't read the data from your swap partition. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Is FreeBSD more secure than Windows NT or Windows 2000?
On Sat, 21 Jul 2001, Sung Nae Cho wrote: Windows NT is very secure in that matter. Simply reinstalling Windows NT will not let you read someone else's file. Also, it won't let you reinstall Windows NT without verifying that you're the right administrator! During the reinstall, it asks for your root passwd. If the passwd doesn't match, it won't let you reinstall unless you're willing to reinstall from scratch (reformat or erase everything before going on to installation procedure). Now I think that's being secure all the way. Is there anyway I can do that with FreeBSD? For example, attaching signature to all my files etc. There are any number of tools, both commercial and freely available, that can read NTFS filesystems without paying attention to the permissions on the drive. The difference here is this: Unix does not pretend to be secure when it isn't. If you want file security against folks with access to the hardware, you need strong crypto. This is true on literally any operating system. -- Charlie Watts [EMAIL PROTECTED] Frontier Internet http://www.frontier.net/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Is FreeBSD more secure than Windows NT or Windows 2000?
:Hi, : :One thing that makes me uncomfortable with both Linux and FreeBSD is that :unlike Windows NT, both UNIX clones seem to be less secure for a desktop :use. ( ** Note clones doesn't mean it's any less better than UNIX, it just :means, it's not officially considered UNIX by OPEN-GROUP ** ) I've used :Windows NT 4.0 since '98, Linux since '99, FreeBSD since '00 and finally :gone FreeBSD only on my laptop. However, unlike, Windows NT 4.0, other :people can get access to my confidential files! How? Well, they can just :reinstall the FreeBSD without deleting my $HOME directory and as a root, :they can access all my files! This is a great concern when my laptop gets :stolen! Windows NT is very secure in that matter. Simply reinstalling :Windows NT will not let you read someone else's file. Also, it won't let :you reinstall Windows NT without verifying that you're the right :administrator! During the reinstall, it asks for your root passwd. If :the passwd doesn't match, it won't let you reinstall unless you're willing :to reinstall from scratch (reformat or erase everything before going on to :installation procedure). Now I think that's being secure all the way. Is :there anyway I can do that with FreeBSD? For example, attaching signature :to all my files etc. : :Regards, :Sung N. Cho, :Saturday, July 21, 2001. Umm... well, you should realize something about computers: If you have physical access to the computer, you can access everything on that computer whether or not the OS allows it. There are only two ways to secure a computer such that physical access does not compromise its files. (1) Encrypt the filesystems or (2) don't put anything critical on the computer in the first place. All someone needs to do to access your NT files is to put a bootable CD into your laptop and boot an OS that doesn't ask them for a password. Poof, they have access to your NT files. Don't be fooled by UI-based security - it doesn't exist. -Matt To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Is FreeBSD more secure than Windows NT or Windows 2000?
Hi, Thank you all for your generous info on encryption. Hmmm, now I don't know what Microsoft actually meant when they advertised Windows NT, 2000 was Truly Secure! Regards, Sung N. Cho, Saturday, July 21, 2001. Dept. of Physics, Virginia Polytechnic Institute State University. On Sat, 21 Jul 2001, Jerry Stachowski wrote: Hi--- Have you considered PGP encypting your confidential files? Take Care--- Jerry Stachowski Sung Nae Cho wrote: Hi, One thing that makes me uncomfortable with both Linux and FreeBSD is that unlike Windows NT, both UNIX clones seem to be less secure for a desktop use. ( ** Note clones doesn't mean it's any less better than UNIX, it just means, it's not officially considered UNIX by OPEN-GROUP ** ) I've used Windows NT 4.0 since '98, Linux since '99, FreeBSD since '00 and finally gone FreeBSD only on my laptop. However, unlike, Windows NT 4.0, other people can get access to my confidential files! How? Well, they can just reinstall the FreeBSD without deleting my $HOME directory and as a root, they can access all my files! This is a great concern when my laptop gets stolen! Windows NT is very secure in that matter. Simply reinstalling Windows NT will not let you read someone else's file. Also, it won't let you reinstall Windows NT without verifying that you're the right administrator! During the reinstall, it asks for your root passwd. If the passwd doesn't match, it won't let you reinstall unless you're willing to reinstall from scratch (reformat or erase everything before going on to installation procedure). Now I think that's being secure all the way. Is there anyway I can do that with FreeBSD? For example, attaching signature to all my files etc. Regards, Sung N. Cho, Saturday, July 21, 2001. Dept. of Physics, Virginia Polytechnic Institute State University. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Is FreeBSD more secure than Windows NT or Windows 2000?
Thank you all for your generous info on encryption. Hmmm, now I don't know what Microsoft actually meant when they advertised Windows NT, 2000 was Truly Secure! It meant, believe us in all we say and do! Give us your money because you will believe whatever we say It's all advertising (aka. propaganda). Ciao. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Is FreeBSD more secure than Windows NT or Windows 2000?
Sung Nae Cho wrote: One thing that makes me uncomfortable with both Linux and FreeBSD is that unlike Windows NT, both UNIX clones seem to be less secure for a desktop use. ( ** Note clones doesn't mean it's any less better than UNIX, it just means, it's not officially considered UNIX by OPEN-GROUP ** ) I've used Windows NT 4.0 since '98, Linux since '99, FreeBSD since '00 and finally gone FreeBSD only on my laptop. However, unlike, Windows NT 4.0, other people can get access to my confidential files! How? Well, they can just reinstall the FreeBSD without deleting my $HOME directory and as a root, they can access all my files! This is an illusion. Let me borrow your laptop for 15 minutes, and I'll boot off a floppy, read through all your files and give it back to you without you having a clue as to what I've done - no matter what OS you've got installed. The funny security checks that NT/2000 do on install are only an illusion of security. As someone else pointed out, the only way to guarantee the privacy of your files on a stolen HDD is to encrypt them. Actually, this isn't a guarantee, since just about any encryption is crackable if the cracker has enough time on his hands and enough patience. You can only hope that it takes him so long to crack, that by the time he decrypts it the information isn't valuable any more. Using RSA algorithms with large keys ( 1024 ) is a good way to do this. -Bill -- It may be that true happiness is nothing more than the ability to *always* know the right thing to say at the right time, whereas true misery is the state of perpetually saying to oneself, What I *should* have said was... To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: is stable stable?
Very well said. This should be added to the handbook. :) From: Lamont Granquist [EMAIL PROTECTED] Subject: Re: is stable stable? Date: Sat, 21 Jul 2001 11:27:01 -0700 (PDT) On Sat, 21 Jul 2001, A. L. Meyers wrote: Having followed the postings here for a few weeks it seems, at least occasionally, that stable appears to be a bit less than stable. You are doing a CVS checkout of a source tree that is getting updates on a daily basis. If you have ever done this in a development environment before, you should know that absolute 100% stability in any such an environment is never, ever going to happen. If you want the latest -stable sources which *are* stable, then you really need to checkout sources on a fresh machine, build your distribution and spend a few days regression testing the features of the OS which are important to you. You should then roll out the build to your staging platform and give it at least a week or two. Following that you should put it in the load balancing rotation on your production site, and then gradually phase it in as you gain more confidence. Which, of course, you should be doing anyway. If you want better stability, then checkout the actual 4.x releases with the security fixes. Those have actually been frozen and then bugfixed for stability. They should be better. Why is this so difficult for people to understand? *ANY* time you are checking out the head of a development branch (even one where developers are supposedly being more careful) then you should expect to occasionally see problems. People will break the build. People will have insufficiently tested their code and subsystems will break. I guarantee you that none of the FBSD developers have a sufficient testing matrix to *ensure* that the changes which are checked into the top of the tree will run on every platform out there (consider for a moment just how big the x86 testing matrix is). I'm pretty damned impressed that -stable works as well as it does (kudos for the developers). To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Please be nice to the newbie....
Hello all, I am new to FreeBSD, and I am about to embark on my first FreeBSD kernel compile. I am very familiar with the kernel build process in linux, but FreeBSD appears to be a very different animal in that respect. So, what I am asking, is there any advice that you would care to impart to this FreeBSD newbie (aside from RTFM, which I have done... FreeBSD's docs kick butt)? I appreciate it, Derek To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Is FreeBSD more secure than Windows NT or Windows 2000?
Sung Nae Cho wrote: | Thank you all for your generous info on encryption. Hmmm, now I don't | know what Microsoft actually meant when they advertised Windows NT, 2000 | was Truly Secure! They lied -- as they normally do in the interest of making a sale to an uninformed user. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Please be nice to the newbie....
Derek C. wrote: So, what I am asking, is there any advice that you would care to impart to this FreeBSD newbie (aside from RTFM, which I have done... FreeBSD's docs Just follow (yes, it is part of the FM :) http://www.freebsd.org/handbook/kernelconfig-building.html Perhaps nice is to familiarize yourself with booting another kernel than /kernel (during the kernel install the old /kernel will be renamed to /kernel.old) so that in case of a failing new kernel you know how to revert to the old one. Or did you want advice on what to modify/tune to the kernel config itself ? Hans Lambermont -- http://lambermont.webhop.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: Please be nice to the newbie....
I read all of that :-) I read the whole kernel config section, the source sync section, and a bunch of other sections of the docs. Wery thorough and easy to follow. I have a lot of respect for the people responsible. Any advice at all is great. This includes, but is not limited to performance tips, recovery advice, sources of more information, and safety precautions to avoid needing to use the recovery advice. But now that you mention it, I think I will practice booting from a kernel other than /kernel, I'll practice on kernel.GENERIC. Thanks! Derek At 02:24 PM 7/21/2001, H wrote: Derek C. wrote: So, what I am asking, is there any advice that you would care to impart to this FreeBSD newbie (aside from RTFM, which I have done... FreeBSD's docs Just follow (yes, it is part of the FM :) http://www.freebsd.org/handbook/kernelconfig-building.html Perhaps nice is to familiarize yourself with booting another kernel than /kernel (during the kernel install the old /kernel will be renamed to /kernel.old) so that in case of a failing new kernel you know how to revert to the old one. Or did you want advice on what to modify/tune to the kernel config itself ? Hans Lambermont -- http://lambermont.webhop.org/ To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message
Re: FreeBSD 4.3 and 6G RAM
So, someone wanting to implement this in FreeBSD isn't starting from square one? That depends on how you number your squares. Can the NetBSD stuff be fairly easily ported to FreeBSD, or is their VM system too funky? It's just different. But no, the NetBSD work doesn't immediately translate. -- ... every activity meets with opposition, everyone who acts has his rivals and unfortunately opponents also. But not because people want to be opponents, rather because the tasks and relationships force people to take different points of view. [Dr. Fritz Todt] V I C T O R Y N O T V E N G E A N C E To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-stable in the body of the message