Anthony's drive issues.Re: ssh password delay
Bart Silverstrim
bsilver at chrononomicon.com
Tue Mar 29 12:16:38 PST 2005
On Mar 29, 2005, at 11:09 AM, Anthony Atkielski wrote:
> Bart Silverstrim writes:
>
>> What did they say?
>
> MS developers are much like most other developers: it's never their
> fault.
From the way you were complaining, I had the impression that MS was
bending backwards to help in issues while the FreeBSD people were
immature children. Is this evidence to the contrary, that MS isn't the
pinnacle of perfection in dealing with every software issue?
>> Isn't that how many FOSS projects get started...do some task more
>> efficiently and "better"?
>
> FOSS?
http://en.wikipedia.org/wiki/FLOSS
http://www.dwheeler.com/oss_fs_why.html
http://www.dwheeler.com/oss_fs_refs.html
>> Nope, but it sure makes it a lot simpler! Actually it helps hamper
>> finding bugs that allow it to happen.
>
> It depends on how the code is written, but I'll agree that most bloated
> code is written in great haste, with no attention at all given to the
> many holes that are opened by all those millions of extra lines of
> deadwood.
Especially in projects driven by money and politics in a workplace, and
with looming deadlines. You can do the job to get it shoved out the
door or do the job right. In the "practical" world, you end up shoving
it out the door 99% of the time. In a world where you do it as a hobby
in spare time, it takes longer, but there's far more leeway to "do it
right" instead of just shoving it out the door. It happens, as with
everything else, that there are exceptions but the primary reason for
the shoving to happen isn't as great.
>> As has been shown time and time again in Microsoft-sponsored studies
>> comparing Windows to Linux. After removing the power supply and
>> encasing my system in concrete, it is FAR more secure than I've ever
>> dreamt possible, and that was with it running DOS! :-)
>
> There's nothing unique about Windows. But more people attack Windows,
> so more holes are found and exploited. Linux is rapidly catching up.
> And Mac OS X isn't immune, although I suspect that almost all the holes
> being found in OS X are in Apple's code, not the base OS.
A) No OS is immune, because they are
1) complicated, thus have bugs and
2) are used by people, so stupid social engineering tricks (see Anna
Kournikova nude!) will get idiots to click click on things they
shouldn't be click clicking on
B) The "More popular thus more exploited" is a crap argument. Why?
Ask the three little pigs. Any twit can build a "shelter" that is
architecturally poor but cheap, so it falls apart or is broken into
easily. Notice how quakes can do a LOT more damage in areas where
buildings are not built to withstand the tremors, while other places
like San Francisco, where people spend huge amounts of money in
research and proper implementation, limit the damage a similar quake
would inflict? Windows was "designed" for single user non-network
desktops. It was extended to encompass the current network-is-the-rule
environment. Its legacy shows. That "30 year old UNIX" was better
designed for network sharing and multiple users in scant resources. It
has since been extended and modified, but the legacy shows.
The "more popular thus more exploited" just means there are more
targets available. Spreading a limited-target virus has BEEN DONE; it
was targeting a specific vendor's firewall product, and it inflicted a
noticeable amount of damage on the Internet in the form of bandwidth
stealing and because of the rapid spread of higher-bandwidth
connections, the number of targets available isn't quite such a big
deal. It only takes a small number to be able to saturate connections
and inflict damage. I'd dig out AGAIN the research paper summarizing
the attack and its effects, but I'm sure that the intended audience
wouldn't bother reading it anyway. Search for it yourself if you're
such a big boy and everyone else is too immature to know about this
sort of idea.
If apologists would get their heads out of their butts they'd see that
it isn't always "There's more Windows, thus easier to exploit!", it's
"Windows' design is inherently less secure, so it's easier to target!",
as well as a healthy dose of "the average Windows user is more clueless
than the average Linux user!" thrown in to boot. Many of the features
in the recent "The Road to Windows "Longhorn" 2005" article on Paul
Thurrott's Supersite for Windows seem oddly to match many of the
features already available on OS X...Hmm, wonder why...could it be
because of the security imposed by "UNIX" under OS X that makes that
kind of model a decent tradeoff of usability and security in the first
place? If it wasn't such a pain in the butt for Joe Sixpack to use,
ideas in EROS would help a helluva lot more on the desktop for
security. Security is an inconvenience. Users want mindless
interactions. Somewhere it meets in the middle in order to be usable.