The guy who said this knows nothing about computers nor how trivial most of these "hacker" skills are to develop. Either that or he's just a liar. Given that this is China we are talking about neither would surprise me.
I don't get this bird killing thing. I've spent lots of time walking amongst the giant wind turbines around Tehachapi, CA where I grew up. I never saw a dead bird out there nor had I ever heard of these things killing birds until just a few years ago. Does anyone actually have any data on this? So far it sounds like an urban legend.
I have been using Linux as my desktop since 1994. And I know many others who do the same. I have never heard of any Linux desktop system getting any sort of virus/worm/malware. With the EEE PC and the OLPC each having shipped hundreds of thousands of units with Linux pre-installed before an XP install was even available and the pre-existing Linux desktop installed base it should be pretty safe to say that there are millions of desktop Linux installs running out there. More than there were DOS machines when I got my first DOS virus. And still no Linux malware... Not saying it isn't possible, only that it is FAR FAR harder to accomplish.
I have been deployed around 30 CentOS 5 boxes over the last 6 months. I used to turn SE Linux off when it was expedient. Not anymore. I educated myself about how it works and a few basic commands. This:
audit2allow -a -m local
checkmodule -M -m -o local.m
semodule_package -o local.pp -m local.mod
semodule -i./local.pp
sequence of commands plus togglesebool has so far accomplished everything I have ever needed. I don't run any hand-written custom policy. And we have web servers, dns, mysql, web dev, and all kinds of other stuff.
It sure is easier than setting up a bunch of iptables commands although I see it as analogous. I rarely hear people talk about what a pain iptables is (and it surely is a pain). I think learning SE Linux was even easier.
I really look forward to more policy being applied to the desktop applications. That work is already well underway thanks to Dan Walsh over at RedHat who has already made a lot of progress in this area:
It is work like this that leads me to believe that Linux is not nearly so likely to become like Windows should it ever achieve a critical mass of desktop users. Security problems on the massive scale of some other operating systems are not inevitable. That is nice to know.
Also, I will be doing a presentation on SE Linux at the Kernel Panic Linux Users Group:
My former employer (I left for a serious step up in career and have nothing but glowing things to say for them), with e-commerce revenues of nearly 100 million a year, keeps all of their financials in a Linux box running mysql. They have done so for around 5 years and have never had a problem and their books always add up properly. It isn't as outlandish as you might think.
You are absolutely right. I have been reading this thread and agreeing with all of the other technical arguments about why Linux is fun or safer or cheaper or whatever but you make a very good point about the people. For the last year I have been hanging out on a local Windows user group mailing list just to see how the other half lives. I have been on the local Linux user group mailing list for at least 12 years. The difference is night and day. The Windows user group mailing list has invites to various free lunches paid for by vendors who want to you to buy their stuff and the occasional chatter about some problem with SQL Server or IIS or something. When someone complains about Windows a rep from Microsoft shows up on the list to handle the situation. The Linux group is full of passionate discussion and debate about all manner of technical and political issues plus the usual advice giving and newbie helping. The Linux people are clearly in it for the love of it and the Windows users just seem to be there for a paycheck. Just look at the times people post to the lists. The local Linux folk are posting day and night and weekends. The Windows people are mostly 9 to 5'ers Monday through Friday. The Windows group meets at the local Microsoft office and watch a vendor presentation and then go home. The Linux group meets at a local school, put on their own presentation from 7 to 9 pm every second Thursday and then a dozen or so of them go to an after-meeting meeting at a nearby Denny's restaurant for conversation until midnight. If any of you are in the San Diego area check out http://kernel-panic.org/
And on top of it all, tonight I hacked a new feature into Kudzu (detecting AoE disks so that Anaconda can install RedHat/CentOS onto them which is something I *really* need) made possible by Free Software and some help from my LUG friends so I'm pretty darn happy with the GNU/Linux community right now. I'll be sending that code to RedHat for sure because that's how I give back and we as a community keep improving our Free Software.
I found out about this a day or two before it hit slashdot via programming.reddit.com or something. I was the second post on the singularity site. Right after the current first post "I'm glad Singularity has been released. When I first read about the project a year or so ago, I wondered what would become of it."
I said that this isn't open source and that this is why I prefer Free Software and that the confusion of Free as in freedom vs free as in cost is better than the confusion over open source you can't actually do anything with.
They have deleted my post. Bastards.
The current second post which says "Please do not worry about the "free software" demands. I'm very pleased to see the source of the (hopefully) next windows kernel." was in reply to my post about free software.
Sleezy. Just sleezy. And this is why I don't do business with them.
This has been covered so many times already. It isn't market share. It is design. Linux has a totally different design from Windows. So does Mac OS X. Someone already pointed out that MacOS 9 had far more viruses/malware than Mac OS X currently does even though Mac OS X has twice the market share. There are now far more Linux boxes out there on the net than there were non-Internet enabled DOS machines back when I got my first DOS virus (Jerusalem B). There is a worm out there attacking MySQL running on Windows servers (quite small market share). Design. Not market share.
China, Korea, Japan etc. use lots of ipv6. I've been there, seen it, helped set some up. There is a whole Internet out there full of asian language websites out there that we don't even know about because our english only Internet doesn't link to it. Go to a cyber cafe in Hong Kong, Beijing, Seoul, and you'll see what I mean.
I read the paper today and was rather depressed that this seems to be all bad news for us folks who value our privacy in that it makes our encryption more vulnerable. Then I saw the bright side: It makes *everyones* encryption more vulnerable including DRM schemes. So even if they do lock us out using DRM you can cool the RAM and get it out of the machine (or just clip on and read it out after power-off of the host system) and read out the encryption keys used by the DRM.
Overall I think this may be a very worthwhile trade. The chances of someone actually performing this attack on my physical hardware while the encryption key for my encrypted volume is in RAM are slim. I keep it unmounted when it is not needed. And they need to have physical access which means they are either feds or really determined crooks.
But my chances of being able to benefit from cracked DRM via this method are great. It only takes one person to do it and millions of people will have access to the hardware.
As a pilot I can tell you that navigating by compass remains a critical skill used by anyone who flies an airplane. I often have other instruments to help me along as well but a compass is a critical no-go if not working instrument by my own rules and by the FAA regulations.
Set them up with one windows box and let them rdesktop into it when they need to use that app. That's what I do. Works great. Once license, one anti-virus, one headache instead of many.
Walmart did indeed answer this question and while they did not want to give specifics they did indicate that the return rate was no higher than for any of their other systems. I call that a victory for Linux.
Slashdot Mirror
...they have the skills.
The guy who said this knows nothing about computers nor how trivial most of these "hacker" skills are to develop. Either that or he's just a liar. Given that this is China we are talking about neither would surprise me.
I don't get this bird killing thing. I've spent lots of time walking amongst the giant wind turbines around Tehachapi, CA where I grew up. I never saw a dead bird out there nor had I ever heard of these things killing birds until just a few years ago. Does anyone actually have any data on this? So far it sounds like an urban legend.
Did Vader just make the breakthrough he needed to construct the Death Star laser?
...is the one you don't learn anything from.
GO NASA!
I have been using Linux as my desktop since 1994. And I know many others who do the same. I have never heard of any Linux desktop system getting any sort of virus/worm/malware. With the EEE PC and the OLPC each having shipped hundreds of thousands of units with Linux pre-installed before an XP install was even available and the pre-existing Linux desktop installed base it should be pretty safe to say that there are millions of desktop Linux installs running out there. More than there were DOS machines when I got my first DOS virus. And still no Linux malware... Not saying it isn't possible, only that it is FAR FAR harder to accomplish.
...Windows XP?
I have been deployed around 30 CentOS 5 boxes over the last 6 months. I used to turn SE Linux off when it was expedient. Not anymore. I educated myself about how it works and a few basic commands. This:
./local.pp
audit2allow -a -m local
checkmodule -M -m -o local.m
semodule_package -o local.pp -m local.mod
semodule -i
sequence of commands plus togglesebool has so far accomplished everything I have ever needed. I don't run any hand-written custom policy. And we have web servers, dns, mysql, web dev, and all kinds of other stuff.
It sure is easier than setting up a bunch of iptables commands although I see it as analogous. I rarely hear people talk about what a pain iptables is (and it surely is a pain). I think learning SE Linux was even easier.
I really look forward to more policy being applied to the desktop applications. That work is already well underway thanks to Dan Walsh over at RedHat who has already made a lot of progress in this area:
http://danwalsh.livejournal.com/15700.html
http://danwalsh.livejournal.com/18578.html
http://danwalsh.livejournal.com/13376.html
It is work like this that leads me to believe that Linux is not nearly so likely to become like Windows should it ever achieve a critical mass of desktop users. Security problems on the massive scale of some other operating systems are not inevitable. That is nice to know.
Also, I will be doing a presentation on SE Linux at the Kernel Panic Linux Users Group:
http://www.kernel-panic.org/meetings/general/08-07-10-general-meeting
on July 10th, 2008. If you are in San Diego please stop by. It's a fun crowd and the after-meeting meeting at Denny's is always lively.
http://xenaoe.org/
I'm way ahead of ya guys!
A lot of details left to fill in but I have a few clusters up and running already. Working on documenting my setup so that others may duplicate it.
My former employer (I left for a serious step up in career and have nothing but glowing things to say for them), with e-commerce revenues of nearly 100 million a year, keeps all of their financials in a Linux box running mysql. They have done so for around 5 years and have never had a problem and their books always add up properly. It isn't as outlandish as you might think.
You are absolutely right. I have been reading this thread and agreeing with all of the other technical arguments about why Linux is fun or safer or cheaper or whatever but you make a very good point about the people. For the last year I have been hanging out on a local Windows user group mailing list just to see how the other half lives. I have been on the local Linux user group mailing list for at least 12 years. The difference is night and day. The Windows user group mailing list has invites to various free lunches paid for by vendors who want to you to buy their stuff and the occasional chatter about some problem with SQL Server or IIS or something. When someone complains about Windows a rep from Microsoft shows up on the list to handle the situation. The Linux group is full of passionate discussion and debate about all manner of technical and political issues plus the usual advice giving and newbie helping. The Linux people are clearly in it for the love of it and the Windows users just seem to be there for a paycheck. Just look at the times people post to the lists. The local Linux folk are posting day and night and weekends. The Windows people are mostly 9 to 5'ers Monday through Friday. The Windows group meets at the local Microsoft office and watch a vendor presentation and then go home. The Linux group meets at a local school, put on their own presentation from 7 to 9 pm every second Thursday and then a dozen or so of them go to an after-meeting meeting at a nearby Denny's restaurant for conversation until midnight. If any of you are in the San Diego area check out http://kernel-panic.org/
And on top of it all, tonight I hacked a new feature into Kudzu (detecting AoE disks so that Anaconda can install RedHat/CentOS onto them which is something I *really* need) made possible by Free Software and some help from my LUG friends so I'm pretty darn happy with the GNU/Linux community right now. I'll be sending that code to RedHat for sure because that's how I give back and we as a community keep improving our Free Software.
http://www.youtube.com/watch?v=5mA3voZUZrk
This dude is hilarious...
belt buckle, money clip, coin, keys, wallet purse, put some d's on it. run it through...
http://www.youtube.com/watch?v=z7AWw7t5zj0
I found out about this a day or two before it hit slashdot via programming.reddit.com or something. I was the second post on the singularity site. Right after the current first post "I'm glad Singularity has been released. When I first read about the project a year or so ago, I wondered what would become of it."
I said that this isn't open source and that this is why I prefer Free Software and that the confusion of Free as in freedom vs free as in cost is better than the confusion over open source you can't actually do anything with.
They have deleted my post. Bastards.
The current second post which says "Please do not worry about the "free software" demands. I'm very pleased to see the source of the (hopefully) next windows kernel." was in reply to my post about free software.
Sleezy. Just sleezy. And this is why I don't do business with them.
This has been covered so many times already. It isn't market share. It is design. Linux has a totally different design from Windows. So does Mac OS X. Someone already pointed out that MacOS 9 had far more viruses/malware than Mac OS X currently does even though Mac OS X has twice the market share. There are now far more Linux boxes out there on the net than there were non-Internet enabled DOS machines back when I got my first DOS virus (Jerusalem B). There is a worm out there attacking MySQL running on Windows servers (quite small market share). Design. Not market share.
Once for the OS which should have been more secure in the first place, twice for the anti-virus, and a third time for the anti-botnet.
China, Korea, Japan etc. use lots of ipv6. I've been there, seen it, helped set some up. There is a whole Internet out there full of asian language websites out there that we don't even know about because our english only Internet doesn't link to it. Go to a cyber cafe in Hong Kong, Beijing, Seoul, and you'll see what I mean.
I read the paper today and was rather depressed that this seems to be all bad news for us folks who value our privacy in that it makes our encryption more vulnerable. Then I saw the bright side: It makes *everyones* encryption more vulnerable including DRM schemes. So even if they do lock us out using DRM you can cool the RAM and get it out of the machine (or just clip on and read it out after power-off of the host system) and read out the encryption keys used by the DRM.
Overall I think this may be a very worthwhile trade. The chances of someone actually performing this attack on my physical hardware while the encryption key for my encrypted volume is in RAM are slim. I keep it unmounted when it is not needed. And they need to have physical access which means they are either feds or really determined crooks.
But my chances of being able to benefit from cracked DRM via this method are great. It only takes one person to do it and millions of people will have access to the hardware.
As a pilot I can tell you that navigating by compass remains a critical skill used by anyone who flies an airplane. I often have other instruments to help me along as well but a compass is a critical no-go if not working instrument by my own rules and by the FAA regulations.
Sage has one also:
http://www.sage.org/ethics/
"Method for exterminating cockroaches"
Set them up with one windows box and let them rdesktop into it when they need to use that app. That's what I do. Works great. Once license, one anti-virus, one headache instead of many.
Which man do you respect more: The one who devotes a few of his hundreds of billions to charity or the one who devotes his whole life to charity?
Why is that? Most seem to like a good slurp.
You rush to fsck so fast. Few women will appreciate that. Try my technique:
who; gawk; uname; talk; nice; date; wine; cd ~; grep; touch; unzip; finger; gasp; \
suck; lyx; strip; slurp; uptime; mount; fsck; more; yes; gasp; umount; \
make clean; make mrproper; sleep
Walmart did indeed answer this question and while they did not want to give specifics they did indicate that the return rate was no higher than for any of their other systems. I call that a victory for Linux.