Sooner or later, we will have to face questions about the SCO issue. The more information we have, the better we will be able to defend Linux and Open Source.
We must be aware of every new development in this issue to be able to stand for our beliefs when we are confronted with a PHB full of SCO's FUD.
There is a third form: the corporate policy to deal with exploits.
In this form, M$ is also guilty, because they choose a "security through obscurity" approach. Also they take several days to deliver a patch, their patches sometimes end up breaking something else.
In the Open Source world, a few hours after the exploit is discover, there are already patchs available.
Windows identifies a file as an executable based on the extension of its name. If its an.exe, it will execute in any computer.
Linux/Unix identifies a file as an executable based in its permissions. By default, all files are created with read and write permission, but not execute. So to run a program, you need to first change its permissions.
That makes the social engineering needed to trick a user to run a virus much more difficult.
If you are working with Linux, sooner or later, someone will ask you about the SCO claims.
To be able to discuss and defend Linux, every piece of information, every article or discussion is helpfull. We need to know all the details and be up to date with the every move by SCO to be able to dismiss their FUD.
Windows identifies a file as an executable by it's extension (.exe,.com ,.pif ). If you download an executable from internet, you just need to click on it to run it.
Unix/Linux identify a file as an executable by it's permissions. By default all files are created as rw- (read, write, no execute).
If you download an executable from Internet, you need to explicitly give it execute permission before being able to run it.
That doesn't mean that a virus for Linux is impossible to create, but it will be much more difficult to get an user to run it and it's impossible to execute it by mistake.
So, regarding viruses, yes, Linux/Unix is far more secure than M$.
to create a Linux or Mac OS virus/worm, M$ would have hundreds of coders writing them and releasing them in the wild, just to counterbalance the bad PR they are getting.
What about the unpatched servers (remember that Slammer hit Sql Server, an app that most home users are unlikely to use).? Are these servers administered by idiots or by people who paid to get an MSCE?
Why there isn't a culture of patching among Windows admins? Is the importance of patching not stressed enough in the MSCE courses?
If the spammers are using my email address to make money, dont I have some right to a part of that money. I do pay an ISP for an email address and they are profiting for it.
If anti spamn groups can get their list of emails, all the people that are on that list should get togheter and sued them.....
I assume that a majority of the serves hit were been administered by qualified people, someone with an MSCE or similar.
If such a huge number of MSCEs failed to do some basic thing like appling a service pack, or they are not aware of the importance of them, that raises several questions regarding the msce CERTIFICATION ITSELF.....
If such a big amount of servers got hit, that leaves two posibilities: 1) A lot of companies are putting unexperienced people to administer their servers.
or 2) they put MSCEs, That means that an MSCE is not even capable to apply a service pack or are not aware of their importance.....
Slashdot Mirror
I don't understand.
If SCO source code is in Linux, it's not a secret anymore. Why they don't just give a list of the infringing files or part of files?
In 1908? The russian revolution (which put the soviets in power) was in 1917...
Sooner or later, we will have to face questions about the SCO issue. The more information we have, the better we will be able to defend Linux and Open Source.
We must be aware of every new development in this issue to be able to stand for our beliefs when we are confronted with a PHB full of SCO's FUD.
Please, keep posting SCO stories.
The W32.Swen.A@mm exploits a vulnerability in Microsoft Outlook and Outlook Express for which a patch was posted in M$ site in March 2001.
Windows XP (which was released more than a year after the patch) is among the affected systems. So they failed to apply their own patches.
This shows that the problem with M$ security is very serious, they fail at the corporate level to address the security issues.
With Melinda Gates buying, it's easy to understand....
There is a third form: the corporate policy to deal with exploits.
In this form, M$ is also guilty, because they choose a "security through obscurity" approach. Also they take several days to deliver a patch, their patches sometimes end up breaking something else.
In the Open Source world, a few hours after the exploit is discover, there are already patchs available.
If Bigfoot realy existed, it (he?) will be not an Ape, but an humanoid.
What's going to happen to the creationsm belief? Such an humanoid will be a big argument if favor of evolution.
Windows identifies a file as an executable based on the extension of its name. If its an .exe, it will execute in any computer.
Linux/Unix identifies a file as an executable based in its permissions. By default, all files are created with read and write permission, but not execute. So to run a program, you need to first change its permissions.
That makes the social engineering needed to trick a user to run a virus much more difficult.
If you are working with Linux, sooner or later, someone will ask you about the SCO claims.
To be able to discuss and defend Linux, every piece of information, every article or discussion is helpfull. We need to know all the details and be up to date with the every move by SCO to be able to dismiss their FUD.
So, please, keep posting SCO stories.
It was 1986, we would invite our girlfriends to "see the Haley" at the beach.
I wonder how many children of Haley are around....
Windows identifies a file as an executable by it's extension (.exe, .com , .pif ). If you download an executable from internet, you just need to click on it to run it.
Unix/Linux identify a file as an executable by it's permissions. By default all files are created as rw- (read, write, no execute).
If you download an executable from Internet, you need to explicitly give it execute permission before being able to run it.
That doesn't mean that a virus for Linux is impossible to create, but it will be much more difficult to get an user to run it and it's impossible to execute it by mistake.
So, regarding viruses, yes, Linux/Unix is far more secure than M$.
to write a Linux virus, M$ will be releasing hundreds of them every month.....
if Issac Newton had been able to patent his Gravity Law?
to create a Linux or Mac OS virus/worm, M$ would have hundreds of coders writing them and releasing them in the wild, just to counterbalance the bad PR they are getting.
Bad PR?
It would be an admission of their incompetence.
to write a virus for Linux, there would be hundreds of them coming out of Redmond every month.....
What about the unpatched servers (remember that Slammer hit Sql Server, an app that most home users are unlikely to use).? Are these servers administered by idiots or by people who paid to get an MSCE?
Why there isn't a culture of patching among Windows admins? Is the importance of patching not stressed enough in the MSCE courses?
Redmond would be releasing hundreds of them every month.....
The AV companies probably have some people reading Slashdot, to get new ideas about how to create a virus....
If the spammers are using my email address to make money, dont I have some right to a part of that money. I do pay an ISP for an email address and they are profiting for it .
If anti spamn groups can get their list of emails, all the people that are on that list should get togheter and sued them.....
So Opera should fix every possible problem that MS can create....
if they want to serve pages that only work in IE, they should state it clearly: "We dont support other browsers".
If they don't, they are misleading users to believe that Opera is a crappy software.
I assume that a majority of the serves hit were been administered by qualified people, someone with an MSCE or similar.
If such a huge number of MSCEs failed to do some basic thing like appling a service pack, or they are not aware of the importance of them, that raises several questions regarding the msce CERTIFICATION ITSELF.....
Makes me wonder....
If such a big amount of servers got hit, that leaves two posibilities:
1) A lot of companies are putting unexperienced people to administer their servers.
or
2) they put MSCEs, That means that an MSCE is not even capable to apply a service pack or are not aware of their importance.....
What EULA are you talking about?
I don't use any M$ software and I haven't agreed to any EULA. But because of M$ buggy software, I suffered the consequences of the Internet slowdown.
This DDoS affected everyone, not only those running M$....