Slashdot Mirror
'Unbreakable Linux'
Zadig writes "It appears as if Dell, Oracle, and Red Hat CEOs have decided to make 'Unbreakable Linux'. Could a giant arise amidst today's insecure and constantly patched linux world that could hold the title of Unbreakable Linux? I doubt it, but it will be fun to try, what are your thoughts?" There's a similar article on CNet.
Another lesson that this new coalition should learn is humility. I would hope after the "Unbreakable" campaign Oracle launched, and the blowback it received, that they'd take the time to tone down their attitude and ensure they're somewhere near as unbreakable as they'd like to think. If their claims aren't so grandiose they're less likely to suffer an explosive userland reaction when a flaw is (and there will be flaws, it's just Murphy's law) is discovered.
Otherwise, I applaud the idea. Linux can benefit from a hardened, secure-from-the-box distribution initiative powered by folks with the pockets to fund the massive codewalks it will take to tighten things up. OpenBSD brought several benefits to the BSD community, I can see this doing much the same thing.
Programmers don't make systems secure. Admins do. No system in the world be it software, hardware, electronic or mechanical, can be any more secure than the people who maintain it allow it to be. Yes, default settings, and auto-patches and fancy protocols help, but at the end of that day 99.99% of hacks occur because either:
a) User Error (@see shitty passwords)
or
b) The system was not kept up to date.
Beyond that, nothing can be unbreakable. There will always be the 0.01% of hacks that occur because of a design fault, and you will never get rid of that 0.01% no matter how many eyeballs you have. But if you're serious about security use good passwords, and keep your system up to date. Sure it's not sexy, and it won't make stock prices jump, and most of the time it isn't much fun, but unless you're the NSA you will never, ever have to do more than those two things to keep your system safe.
I forget who said it, but right after 9/11, some talking head on TV asked some expert "What can Americans do to stay safe after these attacks?" and the expert answered "Buckle your seat-belt and quit smoking".
Occam's razor strikes again.
The linux community has had more than its fair share of guffaws over "the unstoppable NT" or "unbreakable Oracle," and they should be taking their own lessons to heart. This is just an invitation to be mocked because it just insults the intelligence of everyone involved.
The impression I've gotten of the Unix world is that the universal reaction to a SERIOUS security hole is "Oh sh!t, we've got to FIX this, NOW!"
The way I see it, the unix world's reaction to possible security holes is the same. Just because a buffer overflow or whatever can be exploited doesn't mean it will be. I think this is where Microsoft's attitude comes into play. They wait for someone to exploit something, wait for enough people to complain, then do something about it. That's called being REactive. Unix and linux coders tend to be PROactive, i.e. issuing bugfixes and patches before anything serious comes to pass (i.e. your whole network getting rooted from an obscure overflow in an even more obscure kernel module/server daemon). Alot of patches are to prevent/repair potential exploits which are provable in theory only sometimes.
I can't believe it.
NO ONE READ THE ARTICLE.
Not one person. Not the submitter, nor any of the people responding.
Unbreakable Linux has NOTHING to do with preventing hacking. It is about clustering, so that other nodes can take over when one node breaks. Not is broken into.
Depressing.
Karma: Good (despite my invention of the Karma: sig)