Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Unbreakable Linux'

Posted by michael on from the kids-call-me-mr.-glass dept.

Zadig writes "It appears as if Dell, Oracle, and Red Hat CEOs have decided to make 'Unbreakable Linux'. Could a giant arise amidst today's insecure and constantly patched linux world that could hold the title of Unbreakable Linux? I doubt it, but it will be fun to try, what are your thoughts?" There's a similar article on CNet.

16 of 430 comments (clear)

  1. Oracle? by Cutriss · · Score: 3, Insightful

    Let me get this straight...Oracle is helping to make an "Unbreakable Linux"?

    So how much money do we get when some admin forgets to patch zlib or whatever? $100 million?

    They can work day and night to make Linux more secure, but if the customers don't maintain the systems, they're perfectly breakable.

    I'll take my $100M now.

    --
    "Mod, mod, mod...and another troll bites the dust."
  2. Murphy's Laws of Hacking: by PhxBlue · · Score: 3, Insightful

    Unbreakable isn't.

    Doesn't matter whether you're talking about a database, an operating system, or a bank vault. The only way to make something unbreakable is not to make it in the first place.

    --
    !#@%*)anks for hanging up the phone, dear.
  3. Re:There is already an unbreakable OS by H310iSe · · Score: 3, Insightful

    erm, exactly, that is, why would anyone who wanted to make a system ... resistent to attacks call it unbreakable? That name doubles the number of attacks against your system. Call it "nothing to look at here, keep moving, keep moving" or something

    --
    closed minded is as closed minded does
  4. "Unbreakable Linux" by Feren · · Score: 5, Insightful
    This will be interesting. Perhaps the coalition will take lessons on exactly how to achieve this goal from our friends over at OpenBSD, who are working towards much the same goal with BSD. One of the first lessons they should learn is realistic goal setting. The second lesson they should take from OpenBSD is the understanding of the impact that a remote exploit can have, versus one that is only available to users local to the system.

    Another lesson that this new coalition should learn is humility. I would hope after the "Unbreakable" campaign Oracle launched, and the blowback it received, that they'd take the time to tone down their attitude and ensure they're somewhere near as unbreakable as they'd like to think. If their claims aren't so grandiose they're less likely to suffer an explosive userland reaction when a flaw is (and there will be flaws, it's just Murphy's law) is discovered.

    Otherwise, I applaud the idea. Linux can benefit from a hardened, secure-from-the-box distribution initiative powered by folks with the pockets to fund the massive codewalks it will take to tighten things up. OpenBSD brought several benefits to the BSD community, I can see this doing much the same thing.

  5. 'Unbreakable' and linux by tigerknight · · Score: 3, Insightful

    First of all, they're not talking about the OS. Oracle is not helping redhat shape up it's security in any way. What it /is/ talking about is making databases 'unbreakable' by clustering them. No single point of failure.

    Why linux/dell? Cause compared to a couple hundred thousand dollar sun 4500 or hp V class machine, it's all but pennies on the dollar!

  6. Were this to be true... by MissMyNewton · · Score: 3, Insightful

    ...Dell and Oracle would certainly lend cred to the PHBs (who don't find any in Redhat. Really, they don't - don't kid yourself).

    And with PHBs being more comfortable everywhere, that means the possibility of more ISV stuff which is currently held up by politics (as opposed to tech issues) alone.

    And that would be Good (TM)

    --

    ---

    Information wants...you to shut your pie hole.

  7. Read Before You Rant, Folks. by HodMcWuff · · Score: 3, Insightful

    I saw the word "unbreakable" in connection with two concepts in the article: 1) The partnership between the corporate weasels; 2) The fault-tolerant nature of cluster computing. Just to stress the point, I didn't see anything related to exploitability or the absence thereof.

  8. Enough of this crap.. by Dr.+Bent · · Score: 5, Insightful

    Programmers don't make systems secure. Admins do. No system in the world be it software, hardware, electronic or mechanical, can be any more secure than the people who maintain it allow it to be. Yes, default settings, and auto-patches and fancy protocols help, but at the end of that day 99.99% of hacks occur because either:

    a) User Error (@see shitty passwords)

    or

    b) The system was not kept up to date.

    Beyond that, nothing can be unbreakable. There will always be the 0.01% of hacks that occur because of a design fault, and you will never get rid of that 0.01% no matter how many eyeballs you have. But if you're serious about security use good passwords, and keep your system up to date. Sure it's not sexy, and it won't make stock prices jump, and most of the time it isn't much fun, but unless you're the NSA you will never, ever have to do more than those two things to keep your system safe.

    I forget who said it, but right after 9/11, some talking head on TV asked some expert "What can Americans do to stay safe after these attacks?" and the expert answered "Buckle your seat-belt and quit smoking".

    Occam's razor strikes again.

    1. Re:Enough of this crap.. by Arandir · · Score: 5, Insightful

      Yeah, but it's still easier for the admin to secure the machine if he doesn't have to start with swiss cheese.

      --
      A Government Is a Body of People, Usually Notably Ungoverned
  9. Worst. Name. Ever. by gad_zuki! · · Score: 4, Insightful

    The linux community has had more than its fair share of guffaws over "the unstoppable NT" or "unbreakable Oracle," and they should be taking their own lessons to heart. This is just an invitation to be mocked because it just insults the intelligence of everyone involved.

  10. Re:Let's learn from "Unbreakable Oracle" by bpfinn · · Score: 3, Insightful

    Yes, but "Tamper Resistant" Linux just doesn't give the marketing department much to go on.

  11. Unbreakable... by Tazzy531 · · Score: 3, Insightful

    As long as the vendor loses absolute control over the system at the point of delivery, it can never be declared "unbreakable." The vendor can shut down all services and daemons, thereby making it the most secure OS, but at this point, is it any longer userful? Most system vulnerabilities are the result of the users/administrators that open services to suit their needs. There is a equilibrium between the amount of vulnerabilities and the userfulness of the system.

    No system can be made 100% secure AND be totally functional.

    --


    _______________________________
    "I'm not Conceited...I'm just a realist..."
  12. Does "Unbreakable" come with a full warranty? by Animats · · Score: 3, Insightful
    If it came with a full warranty, an "unbreakable" promise would have some credibility. Without that, it's just hype.

    Recently purchased an "unbreakable" "full warranty" hose nozzle. It's stainless steel and brass with a half inch thick hard rubber ring around it. Cost about $20. Product literature shows it being run over by a car without damage. We've installed it at the washing stall of a large horse barn, attached to the similarly expensive "full warranty" "lifetime" hose. We'll see how it works out when a horse steps on it. If it breaks, the manufacturer will send us another one. That's what "unbreakable" means.

  13. Re:insecure? by Afrosheen · · Score: 4, Insightful

    The impression I've gotten of the Unix world is that the universal reaction to a SERIOUS security hole is "Oh sh!t, we've got to FIX this, NOW!"

    The way I see it, the unix world's reaction to possible security holes is the same. Just because a buffer overflow or whatever can be exploited doesn't mean it will be. I think this is where Microsoft's attitude comes into play. They wait for someone to exploit something, wait for enough people to complain, then do something about it. That's called being REactive. Unix and linux coders tend to be PROactive, i.e. issuing bugfixes and patches before anything serious comes to pass (i.e. your whole network getting rooted from an obscure overflow in an even more obscure kernel module/server daemon). Alot of patches are to prevent/repair potential exploits which are provable in theory only sometimes.

  14. holy shit by tps12 · · Score: 4, Insightful

    I can't believe it.

    NO ONE READ THE ARTICLE.

    Not one person. Not the submitter, nor any of the people responding.

    Unbreakable Linux has NOTHING to do with preventing hacking. It is about clustering, so that other nodes can take over when one node breaks. Not is broken into.

    Depressing.

    --

    Karma: Good (despite my invention of the Karma: sig)
  15. Linux and security by einhverfr · · Score: 3, Insightful

    Linux seems to be extremely secure. Now the other software in the distributions, OTOH, may not be. Hint-- try to break into a system with only the Linux kernel running...

    The real issue is not a "Linux" issue but a distro issue. And there are extremely secure distros, such as Trustix, and security-enhanced kernels like SELinux (with its Manditory Access Control layer).

    But the other issue is that there is no such thing as unbreakable [favorite software here] unless that software does not run. There will always be bugs, and points of attack, so there will always be security issues. The real question is how severe are the security issues and what can be done to minimize their impact and number.

    --

    LedgerSMB: Open source Accounting/ERP