Re: [MBZ] Linux is where it's at
And the NSA has contributed a security framework for it in the past. Two points: There is no real security in obscurity. Unix learned lessons years ago about buffer overflows and unchecked parameters in operations involving escalation of privileges. On the second point, many shops moved from UNIX to windows NT because of MS marketing pointing out that NT did NOT have those bugs (which plagued UNIXes back then) and because it was easier to administer. The question is whether that is still the case. -- John W Reames jream...@verizon.net Home: +14106646986 Mobile: +14437915905 On Jun 8, 2012, at 23:10, Rick Knoble rickkno...@hotmail.com wrote: On Jun 8, 2012, at 10:00 PM, Gerry Archer arche...@embarqmail.com wrote: After a malware attack on the Air Force's Windows-based drone-control system last year, there has been a wholesale move to Linux for security reasons. Which sucks because now the Chinese, Russians, and anyone else that writes virii will be coding for Linux now. Great. Rick Sent from my iPhone ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com
Re: [MBZ] Linux is where it's at
Nearly any operating sytem that comes under a focused attack by a nation-state or especially the NSA is unlikely to withstand it. John Reames jwrea...@comcast.net writes: And the NSA has contributed a security framework for it in the past. Two points: There is no real security in obscurity. Unix learned lessons years ago about buffer overflows and unchecked parameters in operations involving escalation of privileges. On the second point, many shops moved from UNIX to windows NT because of MS marketing pointing out that NT did NOT have those bugs (which plagued UNIXes back then) and because it was easier to administer. The question is whether that is still the case. -- John W Reames jream...@verizon.net Home: +14106646986 Mobile: +14437915905 On Jun 8, 2012, at 23:10, Rick Knoble rickkno...@hotmail.com wrote: On Jun 8, 2012, at 10:00 PM, Gerry Archer arche...@embarqmail.com wrote: After a malware attack on the Air Force's Windows-based drone-control system last year, there has been a wholesale move to Linux for security reasons. Which sucks because now the Chinese, Russians, and anyone else that writes virii will be coding for Linux now. Great. Rick Sent from my iPhone ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com -- 1983 300D 1979 300SD ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com
Re: [MBZ] Linux is where it's at
If you fire up Metasploit you will find many known exploits for NT. -Dave Walton On Jun 9, 2012, at 9:38 AM, John Reames jwrea...@comcast.net wrote: And the NSA has contributed a security framework for it in the past. Two points: There is no real security in obscurity. Unix learned lessons years ago about buffer overflows and unchecked parameters in operations involving escalation of privileges. On the second point, many shops moved from UNIX to windows NT because of MS marketing pointing out that NT did NOT have those bugs (which plagued UNIXes back then) and because it was easier to administer. The question is whether that is still the case. -- John W Reames jream...@verizon.net Home: +14106646986 Mobile: +14437915905 On Jun 8, 2012, at 23:10, Rick Knoble rickkno...@hotmail.com wrote: On Jun 8, 2012, at 10:00 PM, Gerry Archer arche...@embarqmail.com wrote: After a malware attack on the Air Force's Windows-based drone-control system last year, there has been a wholesale move to Linux for security reasons. Which sucks because now the Chinese, Russians, and anyone else that writes virii will be coding for Linux now. Great. Rick Sent from my iPhone ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com
Re: [MBZ] Linux is where it's at
They all use the same guts these days ; that is, a Unix compliant kernel, often based on the Mach Ten BSD kernel, at least a few years back when I paid attention. Apple does too, it's not a secret. The difference is the rest of the OS -- Apple and Linux (in all the various flavors -- it was started as a class project in the late 80's by Linus Torvalds as a Unix compliant system NOT based on ATT code) have been aware of virus and malware vulnerability and hence were built from the ground up to be protected from stupid things like processor overflows and buffer over/under runs leaving gaping holes for the malware to get root access and so forth. None of the non-Microsoft programs like Firefox, etc. allow root access to Javascript or Active-X or whatever that stupid thing Microsoft did with their office suite that give programs unlimited root user access -- this is just stupid programming and one of the main reasons I avoid Microsoft products whenever possible, they are VERY badly designed and written, usually in a great rush to be first and set the standard, whatever that means. The very idea that a stack overflow will leave an OS in an undetermined state or allow non-kernel processes root user access is hilarious, one of the first things any decent class on operating systems should teach is error and exception trapping. Not a Microsoft exclusive by far as we have a program running one of our analyzers that will crash the OS with a divide by zero error occasionally , but for a company that used to shout about their excellence and how much money they spent on research to have malware exploit a stack overflow or buffer overslow (which shouldn't happen anyway with decently written software) is an indication that the people in charge don't understand computer programming. Obviously, Gates didn't since he didn't finish any of his computer science classes. Things are better with MS now that Gates is gone, I suspect, if only because they don't control the market anymore and will have to actually compete. Peter On Jun 9, 2012, at 8:38 AM, John Reames wrote: And the NSA has contributed a security framework for it in the past. Two points: There is no real security in obscurity. Unix learned lessons years ago about buffer overflows and unchecked parameters in operations involving escalation of privileges. On the second point, many shops moved from UNIX to windows NT because of MS marketing pointing out that NT did NOT have those bugs (which plagued UNIXes back then) and because it was easier to administer. The question is whether that is still the case. -- John W Reames jream...@verizon.net Home: +14106646986 Mobile: +14437915905 On Jun 8, 2012, at 23:10, Rick Knoble rickkno...@hotmail.com wrote: On Jun 8, 2012, at 10:00 PM, Gerry Archer arche...@embarqmail.com wrote: After a malware attack on the Air Force's Windows-based drone- control system last year, there has been a wholesale move to Linux for security reasons. Which sucks because now the Chinese, Russians, and anyone else that writes virii will be coding for Linux now. Great. Rick Sent from my iPhone ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com
[MBZ] Linux is where it's at
The US Navy has signed off on a $27,883,883 contract from military contractor Raytheon to install Linux ground control software for its fleet of vertical take-off and landing (VTOL) drones. While the US military has been a growing user of Linux, the contract might also have something to do with the swabbies learning from the mistakes made by the flyboys and girls in the US Air Force. After a malware attack on the Air Force's Windows-based drone-control system last year, there has been a wholesale move to Linux for security reasons. If I would need to select between Windows XP and a Linux based system while building a military system, I wouldn't doubt a second which one I would take, F-Secure's security researcher Mikko Hypponen pointed out at the time. http://www.theregister.co.uk/2012/06/08/us_navy_linux_drones/ ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com
Re: [MBZ] Linux is where it's at
On Jun 8, 2012, at 10:00 PM, Gerry Archer arche...@embarqmail.com wrote: After a malware attack on the Air Force's Windows-based drone-control system last year, there has been a wholesale move to Linux for security reasons. Which sucks because now the Chinese, Russians, and anyone else that writes virii will be coding for Linux now. Great. Rick Sent from my iPhone ___ http://www.okiebenz.com For new and used parts go to www.okiebenz.com To search list archives http://www.okiebenz.com/archive/ To Unsubscribe or change delivery options go to: http://mail.okiebenz.com/mailman/listinfo/mercedes_okiebenz.com