On 12/16/2012 12:12 PM, Reindl Harald wrote:
Am 16.12.2012 18:02, schrieb Bruno Wolff III:
On Sun, Dec 16, 2012 at 19:17:50 +1030,
Tim <ignored_mail...@yahoo.com.au> wrote:
On Sat, 2012-12-15 at 11:18 -0600, Bruno Wolff III wrote:
Unless you think you have a chance of being singled out by a goverment
or if you don't trust some of the people/machines on your local
network, this isn't a significant risk.
You don't think some malcontent might try to set up a bogus repo, or
damage another one, just because they're an ass?
They have to get people to use such a repo, which is going to be hard. One
could get away with it perhaps for a
little while by showing different data to users and to the mirror checker. And
only a small fraction of people are
going to end up using such a mirror.
nothing easier as to point you to another repo with /etc/hosts
if something goes wrong on your machine - it is enough if you
are ONE TIME ente your root-password in the wrong dialog and
after pointing you to a modified repo you get a backdoor installed
which you can not detect if it is done well by filter output of
lsof, ps and whatever tools you think are helping you in such cased
who makes you believe repos are always trustable for sure and no
ssh-keys of maintainers are lost and misued? it happened not so long
ago to the fedora infrastructure (google is your friend)
the first and largest mistake in context security you can make
is to think you are secure but not have the knowledge to make
sure it is so - goodwill and hope is no base for security
But aren't there ways to protect myself?...I use ClamAV, I have NO IDEA
how it works, and I'm trying like hell to get a grasp of the SELinux
thing, but until I'm a "guru" in either of those categories, how would I
prevent myself and my system from being compromised? I don't place too
much faith in AV tools....only because coming from a "Windows World" the
Symantecs.......McAfees......and various other so-called "protection
services" did nothing to keep me safe. And mind you I was NEVER so
ignorant as to think that just updating virus definition files would
protect me......and that I could just click on anything I wanted! I was
cautious! I didn't even visit certain sites I had heard got "hit"....so
coming from that environment....and not being savvy enough to "hack"
myself into a perfect state of hardened security....what's someone who's
still in transition to do?...
EGO II
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org