Slashdot Mirror

← Back to Stories (view on slashdot.org)

BugTraq's Elias Levy Talks Security

Posted by timothy on from the how-apropos dept.

LiquidPC writes: "UnderLinux.com.br has an interview with the BugTraq moderator, Elias Levy or Aleph1. Questions ranging from what he thinks of 'Hacking Exposed' to whether BSD is more secure than Linux. Kind of short, but interesting nonetheless." He notes the interesting difference between the approaches to security taken by FreeBSD (which he praises) and Linux -- lots of projects vs. a single unified one, and emphasizes that security is ongoing, not defeating any single problem.

3 of 137 comments (clear)

  1. Re:security by Simon+Brooke · · Score: 3, Insightful
    Win2k is not hard to secure; neither is any other MS system

    [simon@beesianum simon]$ cat /var/log/httpd/*access* | grep msadc | wc -l
    133

    Not bad for a worm that's been live for less than seven hours, and attacks an operating system that's 'easy to secure'.

    --
    I'm old enough to remember when discussions on Slashdot were well informed.
  2. Re:Most Secure Language by scrytch · · Score: 3, Insightful

    This is why you shouldn't use an MS designed languages like VB or C#.

    Show me a buffer overflow attack on the VB VM. Just one. Attacks on the system? Watch me write "rm -rf $HOME /" in perl, python, and ruby. MS ships IIS in a bloody awful configuration for security, and it may not be possible to totally secure it, but the herring you're waving around is redder than Kruschev (there's a dated joke).

    --
    I've finally had it: until slashdot gets article moderation, I am not coming back.
  3. *nix admins are different by lowflying · · Score: 3, Insightful
    In a previous lifestyle, I flew helicopters for the Army. As a newbie admin, other admins have seemed impressed by how paranoid I am that some box I am responsible for is going to get cracked. This has always been my explanation:
    The thing is, helicopters are different from planes. An airplane by it's nature wants to fly, and if not interfered with too strongly by unusual events or by a deliberately incompetent pilot, it will fly. A helicopter does not want to fly. It is maintained in the air by a variety of forces and controls working in opposition to each other, and if there is any disturbance in this delicate balance the helicopter stops flying; immediately and disastrously. There is no such thing as a gliding helicopter.

    This is why being a helicopter pilot is so different from being an airplane pilot, and why in generality, airplane pilots are open, clear-eyed, buoyant extroverts and helicopter pilots are brooding introspective anticipators of trouble. They know if something bad has not happened it is about to.
    -Harry Reasoner, February 16, 1971

    I just wonder what is different about the training of *nix admins that makes them recognize that vigilance must be eternal, while the admins of other OSes seem to assume everything will go right when that is clearly not the case.

    Dave