Slashdot Mirror
Ubuntu Servers Hacked
An anonymous reader noted that "Ubuntu had to shutdown 5 of 8 production servers that are sponsored by Canonical, when they started attacking other systems. Canonical blames the community, saying they were community hosted, and were poorly maintained. However, kernel upgrades couldn't be done because of poor backwards compatibility with the very hardware that Canonical had sponsored! While people point fingers at each other it is pretty clear that both sides are equally to blame, the community administrators for practicing bad security practices, such as using unencrypted FTP transfers with accounts, not properly maintaining the system. However Canonical should have been well aware of what they are hosting. The question remains, if any of the files distributed to users have been compromised. A major blow for Canonical though who are attempting to enter the business market with Ubuntu Server."
So you're saying that Ubuntu is especially open to insecurity by association?
Perhaps that's an attack vector that needs more attention. Sure, you can focus on FTP, but a system is more than the sum of its parts. How insecure is it to leave a system accessible to Windows users on any front?
uhh...that's what happens when you try to make your linux distro work like windows....
So Linux is more secure than Windows? You bet
And this is your 'opinion', as facts don't show this to be true for many years now.
I have read tons of articles about *nix break ins over the past year, ranging from several Govts around the world to even BSD at Berkley and other universities. Losing everything from secrets to consumer identity information.
The only Windows stories you hear anymore are when someone loses a non-encrypted laptop or a CD with names in unencrpyted MS Access format is stolen.
Windows Server 'compromises' are not as 'normal' as you seem to think they are. In fact not since 2001 has Windows Servers even 'registered' on the hack/compromise radar. So after six years of doing a rather good job with high-profile security on some of the most high-profiles sites on the internet, don't you think it is time to let go of the 2001 mentality?
To lock down such Windows server/workstation is much harder because of "black box" mentality such software has.
Since when? Windows 2003 server installs by default locked tighter than almost any default *nix distribution, with less active server services. And this is a point and click Server OS, that is so easy to setup, idiots are literally getting by with normal installations without being hacked. Go talk to a company like ServerBeach, Rackspace or other large unmanaged hosting companies that offer both Windows and Linux servers. They confirm that any idiot can turn on Windows Server and be fairly safe.
Linux has not proven itself to be 'inherently' or 'logistically' more secure than any other OS. Nothing in its design is ANYMORE evolved than any other OS.
PERIOD.
Does that mean i shuld tipe lik dis ? U might th1nk sp33k n33ds to 3volv3 but i lik it just f1n3.
Point taken ? Just because morons refuse to LEARN doesnt mean we need to cater to them, popular media be damned.
"Two things are infinite: the universe and human stupidity; and I'm not sure about the the universe." --Albert Einstein
Okay, so your assertion of fact was really just an enormous assumption. Thanks for the clarification.
Memory + pattern recognition = intelligence, and some assumptions are safer than others.
Given the above, it's fair to say that the chances that M$ is virus and botnet free on any given day is virtually no existant. Another way to put that is that someone on the M$ campus is hacked everyday.
You can keep your denials to yourself because they contradict people's experience and common sense in an offensive way, better known as a bald faced and insultingly stupid lie.
Friends don't help friends install M$ junk.