Dedicated webservers are actually far more attractive targets to attackers, they are likely to have a lot more upstream bandwidth available to them than a typical end user making them ideal for spam, ddos, and scanning for other machines to infect, or they could merely reuse the existing webserver as a delivery mechanism for malware or phishing sites.
Sometimes they will even hack the FAT to make it look like a much larger drive, although obviously you will start getting errors if you try to write beyond its actual capacity... A lot of people get caught out by this because it takes them some time to fill the drive.
Linux isn't really more difficult, it's just different... In many ways it's actually easier, to do anything complex it's a lot simpler for instance and most configuration is done in text files that often have very good comments.
The problem is that people think windows can be run by any idiots (thanks to ms marketing it as such), which simply isn't the case... If you want a windows based network that's even remotely secure or stable you need to hire competent staff, and those people are generally not cheap... You also need a lot of third party software to keep a windows network running properly.
If you've content to have a flakey windows network operated by the cheapest possible staff you *might* save money, especially if you don't consider the costs of security breaches. If you're willing to invest in decent staff and think long term, linux will almost always come out cheaper.
You're right, people should use open source because they choose it... They should use *anything* because they choose it...
Unfortunately, this is not the business model MS have chosen. They promote their products not by making people want to choose them, but by forcing them through various lockin schemes combined with heavy marketing and "training" schemes which encourage ignorance of the options available. Very few people do proper research and then choose MS based on the results of that research showing it to be technically or financially superior. They either do no research at all, or their selection criteria are corrupted because of lock-in.
No, but what they do is charge you per machine rather than per machine that has their software installed, making it not cost effective to use anything else.
They have special toilets, attached to sealed booths with attached rubber gloves you put your hands in, and a hose to wash the stuff down... Immigration officials use equipment like that all the time to retrieve drugs and other illegal items people try to import by swallowing.
Your house and other goods you owned would still retain value (and its value in terms of the currency would actually increase since more of the devalued currency would be required to purchase a house), the only thing that would lose value is any cash you held.
Obviously if you wanted to sell those goods, you wouldn't accept payment in a currency that was rapidly losing value. This is why people in countries with hyperinflation typically abandon the local currency and deal in dollars or euros.
The dictator may be unable to export the goods himself, perhaps due to sanctions or similar... Or he may have to export them on the black market and accept an extremely poor price for them.
Yes, like the government's quantitative easing policy...
Did this friend of yours contribute to the laughable state of the zimbabwean economy? I bought a 100 trillion zimbabwe dollar bill a while ago just for fun, its worth about 3 cents.
For another encryption example, look at how windows and linux implement user password hashing...
Linux takes the plaintext password via an input channel (ssh, telnet, gdm, local console etc), passes it to PAM which loads the corresponding password from the shadow file, encrypts the user input with the same algorithm and salt, and compares the output. The backend (pam, encryption cipher) can be changed without affecting how the frontend, making it easy to use a different encryption algorithm as increases in computing power, or discovery of cryptographic flaws, renders the old ones insecure.
Windows, in a somewhat misguided attempt to prevent plain texts being sent over the network, effectively uses the encrypted hash (yes its more complicated than that, but the general idea is that only the hash ever gets used and the password isnt sent in the clear - unix solves this at a different layer by using encryption of the plaintext password such as ssh)... Because of this, the hashing algorithm is difficult to change. Older windows used lanman which is laughably weak, while modern windows uses ntlm by default which is somewhat stronger but not great... However, modern windows still has lanman support for compatibility reasons, and until vista/2008 it was still enabled by default. If they change the hashing algorithm, then they will still have to retain the old ones for quite some time in order to have compatibility, and also change the protocols to handle a third possible algorithm. The fact that you can use the hash without cracking it first is also a design flaw, this isn't possible on unix or anything else i'm aware of.
Compatibility (with their own lockin) is their biggest selling point, but because of design flaws (like the registry and countless others) also their biggest weakness...
Also, how did they come to be testing open source software... Was it submitted by the authors for testing? I suspect not, since the testing process will cost money... Or did they simply download it and decide to test it arbitrarily? If the latter, then the open source software in question doesn't fall under the "needed their software tested" category...
You aren't worth the effort of exploiting... You probably don't use that machine as a workstation in a significantly sized company/government department... And if you do, then attacking you is a waste of time because any such company will have plenty of windows machines floating around which will be a lot easier to exploit and likely hold all the data an attacker might want anyway.
And unless you installed some third party implementation, the password complexity option is crap.. Password1 or Password1! will get through just fine, and when you're forced to change your password then Password2 will work perfectly well.
2, or a vulnerable plugin, or socially engineer a user of a fully patched browser (also a security flaw because the user needs the ability to execute arbitrary binaries)... 5/5a, active directory as a whole is vulnerable to these kind of attacks, due to design flaws rather than specific bugs that can easily be patched. 6, cracking windows passwords is easy once you have the hashes due to the encryption being extremely weak, and it cannot easily be replaced because the encryption algorithm is required for the network authentication processes (see design flaw)... However, you don't even need to crack the hashes, you can use the hashes as they are without cracking them (another design flaw)
aside from the various design flaws in windows, their marketing is the biggest flaw... windows is marketed as an "easy to use" server platform, where you don't need to hire expensive admins to run it. Now to keep a windows network barely functioning this is true, however to keep one as secure as possible (within the limits imposed by the various fundamental design flaws) you need a significant number of highly skilled staff and (often expensive) third party sotware.. MS would never admit this however, because that would be an admission that windows is about the most expensive platform to maintain across the board. Most companies seem to buy in to the marketing and hire insufficient staff with insufficient skills, as a result you get huge gaps in their setup which can be exploited.
There is also the lockin issue, companies are often tied to old crufty proprietary apps that cannot be moved to more modern systems, for instance webapps tied to ie6. Had they done their research up front and understood the risks and the future pain it will cause, it's likely they never would have implemented such proprietary systems... However, most companies seem not to understand the risks of lockin and even today are implementing new proprietary applications that will tie them down again. Windows 7 may be "the most secure windows ever", but they said that about nt4 years ago too. In a few years time, windows 7 will be the insecure crufty legacy os thats a thorn in peoples side while ms is pushing everyone to upgrade to the new "more secure" version.
Fascism doesn't necessarily require a small government, just that the government be controlled by corproate interests... In fact, a large totalitarian government is beneficial to a fascist state because it becomes easier to create conditions more favorable to business.
Which is why a monoculture is so bad... Attackers don't need information on the systems being used, they can just assume that their victims are running windows. If they had to recon their target first to find out what they're running and devise attack methodologies for multiple platforms the attacks would be massively more difficult and less common.
However, due to basic design flaws (rather than implementation bugs that will get patched), a windows and active directory based network is much easier to crack than environments based on other platforms...
The large ISPs that can afford to implement the recording are more than happy... Economies of scale mean they can implement the recording far more cheaply than the smaller players, many of whom will simply go bust leaving the big players to soak up the extra customers. And when they charge extra for the recording, they don't have to spend all the extra revenue on actually implementing it... Much of that will go to profit.
Why would a "server" os even have a web browser installed by default?
Dedicated webservers are actually far more attractive targets to attackers, they are likely to have a lot more upstream bandwidth available to them than a typical end user making them ideal for spam, ddos, and scanning for other machines to infect, or they could merely reuse the existing webserver as a delivery mechanism for malware or phishing sites.
Sometimes they will even hack the FAT to make it look like a much larger drive, although obviously you will start getting errors if you try to write beyond its actual capacity... A lot of people get caught out by this because it takes them some time to fill the drive.
Linux isn't really more difficult, it's just different... In many ways it's actually easier, to do anything complex it's a lot simpler for instance and most configuration is done in text files that often have very good comments.
The problem is that people think windows can be run by any idiots (thanks to ms marketing it as such), which simply isn't the case... If you want a windows based network that's even remotely secure or stable you need to hire competent staff, and those people are generally not cheap... You also need a lot of third party software to keep a windows network running properly.
If you've content to have a flakey windows network operated by the cheapest possible staff you *might* save money, especially if you don't consider the costs of security breaches. If you're willing to invest in decent staff and think long term, linux will almost always come out cheaper.
You're right, people should use open source because they choose it...
They should use *anything* because they choose it...
Unfortunately, this is not the business model MS have chosen. They promote their products not by making people want to choose them, but by forcing them through various lockin schemes combined with heavy marketing and "training" schemes which encourage ignorance of the options available.
Very few people do proper research and then choose MS based on the results of that research showing it to be technically or financially superior. They either do no research at all, or their selection criteria are corrupted because of lock-in.
No, but what they do is charge you per machine rather than per machine that has their software installed, making it not cost effective to use anything else.
Yes, but the north korean government doesn't really fit with communist ideology at all...
They aren't violating the GPL if they aren't distributing it (which i don't believe they are yet)...
They have special toilets, attached to sealed booths with attached rubber gloves you put your hands in, and a hose to wash the stuff down...
Immigration officials use equipment like that all the time to retrieve drugs and other illegal items people try to import by swallowing.
Your house and other goods you owned would still retain value (and its value in terms of the currency would actually increase since more of the devalued currency would be required to purchase a house), the only thing that would lose value is any cash you held.
Obviously if you wanted to sell those goods, you wouldn't accept payment in a currency that was rapidly losing value. This is why people in countries with hyperinflation typically abandon the local currency and deal in dollars or euros.
The dictator may be unable to export the goods himself, perhaps due to sanctions or similar... Or he may have to export them on the black market and accept an extremely poor price for them.
Yes, like the government's quantitative easing policy...
Did this friend of yours contribute to the laughable state of the zimbabwean economy? I bought a 100 trillion zimbabwe dollar bill a while ago just for fun, its worth about 3 cents.
Bugs can be fixed without impacting operation/compatibility...
A design flaw cannot.
For another encryption example, look at how windows and linux implement user password hashing...
Linux takes the plaintext password via an input channel (ssh, telnet, gdm, local console etc), passes it to PAM which loads the corresponding password from the shadow file, encrypts the user input with the same algorithm and salt, and compares the output. The backend (pam, encryption cipher) can be changed without affecting how the frontend, making it easy to use a different encryption algorithm as increases in computing power, or discovery of cryptographic flaws, renders the old ones insecure.
Windows, in a somewhat misguided attempt to prevent plain texts being sent over the network, effectively uses the encrypted hash (yes its more complicated than that, but the general idea is that only the hash ever gets used and the password isnt sent in the clear - unix solves this at a different layer by using encryption of the plaintext password such as ssh)... Because of this, the hashing algorithm is difficult to change. Older windows used lanman which is laughably weak, while modern windows uses ntlm by default which is somewhat stronger but not great... However, modern windows still has lanman support for compatibility reasons, and until vista/2008 it was still enabled by default. If they change the hashing algorithm, then they will still have to retain the old ones for quite some time in order to have compatibility, and also change the protocols to handle a third possible algorithm.
The fact that you can use the hash without cracking it first is also a design flaw, this isn't possible on unix or anything else i'm aware of.
Compatibility (with their own lockin) is their biggest selling point, but because of design flaws (like the registry and countless others) also their biggest weakness...
Also, how did they come to be testing open source software... Was it submitted by the authors for testing? I suspect not, since the testing process will cost money... Or did they simply download it and decide to test it arbitrarily? If the latter, then the open source software in question doesn't fall under the "needed their software tested" category...
I just shred with a generic desktop shredder, and then set fire to the resulting bundle of paper scraps.
You aren't worth the effort of exploiting...
You probably don't use that machine as a workstation in a significantly sized company/government department... And if you do, then attacking you is a waste of time because any such company will have plenty of windows machines floating around which will be a lot easier to exploit and likely hold all the data an attacker might want anyway.
And unless you installed some third party implementation, the password complexity option is crap.. Password1 or Password1! will get through just fine, and when you're forced to change your password then Password2 will work perfectly well.
2, or a vulnerable plugin, or socially engineer a user of a fully patched browser (also a security flaw because the user needs the ability to execute arbitrary binaries)...
5/5a, active directory as a whole is vulnerable to these kind of attacks, due to design flaws rather than specific bugs that can easily be patched.
6, cracking windows passwords is easy once you have the hashes due to the encryption being extremely weak, and it cannot easily be replaced because the encryption algorithm is required for the network authentication processes (see design flaw)... However, you don't even need to crack the hashes, you can use the hashes as they are without cracking them (another design flaw)
aside from the various design flaws in windows, their marketing is the biggest flaw... windows is marketed as an "easy to use" server platform, where you don't need to hire expensive admins to run it. Now to keep a windows network barely functioning this is true, however to keep one as secure as possible (within the limits imposed by the various fundamental design flaws) you need a significant number of highly skilled staff and (often expensive) third party sotware.. MS would never admit this however, because that would be an admission that windows is about the most expensive platform to maintain across the board.
Most companies seem to buy in to the marketing and hire insufficient staff with insufficient skills, as a result you get huge gaps in their setup which can be exploited.
There is also the lockin issue, companies are often tied to old crufty proprietary apps that cannot be moved to more modern systems, for instance webapps tied to ie6. Had they done their research up front and understood the risks and the future pain it will cause, it's likely they never would have implemented such proprietary systems... However, most companies seem not to understand the risks of lockin and even today are implementing new proprietary applications that will tie them down again. Windows 7 may be "the most secure windows ever", but they said that about nt4 years ago too. In a few years time, windows 7 will be the insecure crufty legacy os thats a thorn in peoples side while ms is pushing everyone to upgrade to the new "more secure" version.
Fascism doesn't necessarily require a small government, just that the government be controlled by corproate interests... In fact, a large totalitarian government is beneficial to a fascist state because it becomes easier to create conditions more favorable to business.
Which is why a monoculture is so bad... Attackers don't need information on the systems being used, they can just assume that their victims are running windows.
If they had to recon their target first to find out what they're running and devise attack methodologies for multiple platforms the attacks would be massively more difficult and less common.
However, due to basic design flaws (rather than implementation bugs that will get patched), a windows and active directory based network is much easier to crack than environments based on other platforms...
Plenty of reading on the web, but start with http://www.crest-approved.org/Pages/conf/windowsauth.pdf (use google to convert it to html if you're concerned about pdf vulns).
Only, MS don't release the specs until they are ready to release code that implements it thus giving them a head start on any development.
The large ISPs that can afford to implement the recording are more than happy... Economies of scale mean they can implement the recording far more cheaply than the smaller players, many of whom will simply go bust leaving the big players to soak up the extra customers.
And when they charge extra for the recording, they don't have to spend all the extra revenue on actually implementing it... Much of that will go to profit.