Announcement

Collapse
No announcement yet.

How secure is Linux?

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • SteveRiley
    replied
    A security vulnerability in the kernel would affect all distributions using that version of the kernel, so indeed such a vulnerabilty could be devastating. Conversely, a vulnerabilty in KDE would affect all distributions using that version of KDE. The diversity of kernels, libraries, and desktop environments helps to reduce risk somewhat, but generally not by a significant degree.

    Leave a comment:


  • Robtygart
    replied
    Isn't it also true that one of the reasons why Linux is so secure is because of all the different Operating systems. Saying they can only attack one distro at a time.

    Leave a comment:


  • SteveRiley
    replied
    Originally posted by jpenguin View Post
    An OS is only as secure as it's weakest link, the end user=
    This notion actually isn't completely true. Let me illustrate with an example. While many of the TSA's policies and procedures amount to little more than security theater, they've got one apsect right: randomness. The human mind is a pattern-seeking machine, and will even impute patterns into situations in which none exist because randomness is scary. By deliberately introducing randomness into a process, it's relatively easy to thwart many kinds of attacks: either the anticipation will fail, or the attack itself will fail. Randomness is the best technique for mitigating human-based weakness.

    Leave a comment:


  • Robtygart
    replied
    Edit:

    I miss read the post.

    Leave a comment:


  • GreyGeek
    replied
    Originally posted by SteveRiley View Post
    ....
    I'd prefer that the KB not just become a link collection. Having actual text in the post helps improve discovery via search. ...
    It is often claimed that "the Internet never forgets" but it seems that many corporate web pages are removed at their whim and copyright prevents archiving of those sites. Also, people who have supported an Internet web site with lots of information for years are shutting those sites down for financial or DMCA reasons. Even if a DMCA claim is bogus most people cannot match the legal and financial muscle of corporations and get the claim revoked. Many ISPs shut down websites on the slightest hint of a DMCA violation claims.

    So, I agree that in many cases, and hopefully with "fair use" as our authority, the critical information on a link be repeated here. One advantage is that we deal mainly with Open Source software and information, and thus are less likely to run afoul of aggressive corporate goons, or the BSA.

    Leave a comment:


  • james147
    replied
    Originally posted by tek_heretik View Post
    Yes to installed with an explanation, it's only for manual scanning of files that come from Apple and WinDOHS! PCs, lol.
    Its more useful for scanning files going to an apple/windows computer.

    Leave a comment:


  • tek_heretik
    replied
    Yes to installed with an explanation, it's only for manual scanning of files that come from Apple and WinDOHS! PCs, lol.

    Leave a comment:


  • james147
    replied
    Originally posted by Snowhog View Post
    ...To lessen the default security, the installer would have to enable the root account and log in as root.
    There are far worst thing it could do: use insane default settings for otherwise secure applications (ie sshd), installing outdated software without installing security patches, use a known pre-set password for the root account (rather then letting the user choose).

    Leave a comment:


  • Snowhog
    replied
    Well, speaking of *buntu Linux, it's very secure as installed. To lessen the default security, the installer would have to enable the root account and log in as root.

    Leave a comment:


  • james147
    replied
    Originally posted by jpenguin View Post
    An OS is only as secure as it's weakest link, the end user=
    So the real question is "how easy is it to make secure?"

    Leave a comment:


  • Snowhog
    replied
    THAT, is the ultimate answer to the question.

    Leave a comment:


  • jpenguin
    replied
    An OS is only as secure as it's weakest link, the end user=

    Leave a comment:


  • SteveRiley
    replied
    Oh. With appropriate attribution, I'd think copy/paste would be fine. I actually hadn't considered that. As I sit here thinking about it, I'd prefer that the KB not just become a link collection. Having actual text in the post helps improve discovery via search. But ensuring that we indicate the source of the content is wholly the correct thing to do. I'll add a note about that in the forum's sticky.

    Leave a comment:


  • Robtygart
    replied
    My question was more towards posting other peoples work.

    Leave a comment:


  • SteveRiley
    replied
    Originally posted by Robtygart View Post
    Does it need to be orginal or can we Copy, Paste & Link..
    If you've already written a suitable post elsewhere, my preference would be for you to create a new post in the Knowledge Base. Give it an appropriate title, copy/paste the content, and then include a link to its original location so that interested readers can follow it.

    Leave a comment:

Users Viewing This Topic

Collapse

There are 0 users viewing this topic.

Working...
X