Slashdot Mirror
Linux Getting Harder To Crack
AlanS2002 points out today's article from Iain Thomson on vnu.net, which says that "Linux systems are getting tougher for hackers to crack, security experts have reported today," summarizing "A study conducted by the Honeynet Project has found that it takes about 3 months before a unpatched Linux machine will be owned, compared with about 72 hours in the past. According to a report on the study default installations are now more secure with less services enabled by default, added to this is newer versions of software such as OpenSSH being more secure. Interestingly Solaris 8 and 9 did not fare so well."
Sorry to feed the troll here but:
What about Apple's OS/X ?
No know exploits. Uncrackable.
**NOTHING** is "uncrackable" A machine may be less crackable, or diffucult to crack but as long as it's connected to a network it is crackable. It may take longer than the lifetime of the universe to do it, but it is possible.
I suppose in the same sense, even things that arn't connected to the network are crackable, but that requires mission impossible like stunts.
My UID is prime and so is this number: 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0.
Yes, tell the millions of sports fans that. You know, the ones who drive East German Trebants because the stadium owners only allow Trebant owners to attend sports events.
I'd rather give up the superbowl and drive my Ferrari, thank you. Besides, sooner or later, all the Trebant owners will die when their engine block explodes, and the stadium owners will be forced to accept me as a customer...
That doesn't address the problem of 0 day exploits. Further I know people who have done a fresh install of Windoze XP and connected to the internet to get all the patches available from WindowsUpdate only to be infected within 5 seconds of connecting.
Not all conservatives are stupid,
but it is true that most stupid people are conservative.
- Hume
So, is this a good reason to use Windoze or something? What's your point? Most of us here are running "random" machines and would rather not be owned before we can update our way out of harm's way. Even if you were right in your reasoning, the result is still in favor of using Linux over the alternatives, Windoze and Solaris.
Do you have a better method to determine system performance than the one used? All your theorizing is so much BS when actual computers are put onto the web in normal configurations. Put it up.
If anything, the Windoze boxes had it easy. I doubt they configured the thing to surf with IE or read email with OE, which are both filled with holes. Surfing with Konqueror/Mozilla/Dillo/Galeon/whatever is a world safer as is reading your email with Evolution/Kmail/MozillaMail/Balsa/mutt/whatever. We can be sure the results would be worse for Windoze if all the machines were set to get mail every 5 minutes. Many would not survive the first shot.
Friends don't help friends install M$ junk.
Either it's not that tight, or you were using a bad broswer that allows software (viruses) to install itself. Bad boy. It's a matter of common sense now. www.getfirefox.com
Follow me
Re: Security is a state. Securing is a process.
Wrong again! Secure is a state; Securing is the activity of improving security and security is the perpetuation of a secure state.
Re: If you really think that it is impossible for security to happen automatically, ask your self exactly what is it that a security professional can do that it is theoretically impossible to automate.
"Theoretically impossible to automate" is far stronger a constraint than is necessary to justify human involvement. These aspects of security which are extraordinarily difficult to automate relate to the following security tasks - for example: