So they're only vulnerable to the hobbyist hackers... where are the successful malware examples from that group?
If the argument is that it's not worth anyone's time, then shouldn't you say that we don't know how vulnerable it is? I don't trust Apple implicitly, given how buggy early releases of many of their product seem to be, but this unfounded speculation does seem to be a popular troll that's used equally effectively against Linux. Try being a bit more responsible.
Re:2. is exactly the opposite for me
on
Reviews: Star Trek
·
· Score: 4, Insightful
More so than anyone else: Kirk is an impression.
I didn't get that until the end, and I think they threw in that line delivered in Kirk cadence as part of their plan to make Trekkies happy. It was just one more favorite clichés that we got to see once more. Sure, we're going to replace all your actors, but we won't ruin the characters. I approve.
Now, McCoy was the impression. He was pretty good at it though. No complaints.
And that's not even considering that the eReader solution is more likely to cost:
$300 for the reader still 50 cents for each newspaper addition.
I always expected on-demand cable movies to cost less than movie store rentals, since they don't have to spend money on the media and don't maintain a retail store, but I'm still waiting. It turns out that the cost of the content still has to be covered, and if newspapers still provide a print edition to some people, then they probably won't save any publishing costs at all.
The only sell here is convenience. Make it wireless. Make it reliable.
They probably just couldn't get behind the LCD to disconnect the camera at the source. That's as far as I got disassembling the unibody too. If you're willing to cut the cable you can keep Wi-Fi and just lose camara + bluetooth.
If anyone knows how to access the hidden screws in the unibody LCD, please let me know. I'm guessing that a special tool is involved.
v 1.9.2.3 ====== + A "NoScript development support filterset" gets added to AdBlock
Plus, whitelisting the noscript.net, flashgot.net, informaction.com
and hackademix.net web sites recently broken by an aggressive
EasyList campaign against sites sponsoring NoScript development.
ABP users are informed both on the install and on the release notes
pages, so they can easily disable the filterset if they whish to.
but the Mozilla Add-on Policy requires them to inform you in some detail of what is being changed by an update. Since you're in a browser, a web page seems the logical way to do it.
Maybe you shouldn't update them all at the same time?
"Also, it is important that you maintain version notes appropriately as you improve and change your add-on. Users should be able to see what's new in an add-on they may have tried previously, and should be made aware of changes that might affect their current use of the add-on when they update."
He can add it to the change list to satisfy this requirement.
"Your software should not intrude on the user unnecessarily, try to trick the user, or conceal any of its activities from the user."
I think that clearly user permission is required before altering other installed add-ons. Or he could just fail to operate if the ads aren't loaded and warn the user that one of his/her other add-ons is incompatible. I know which of the two I would uninstall.
I always thought the incremental updates to NoScript were too frequent to be entirely for the benefit of its users.
1) Involuntary web page visits after an update 2) serve ads 3) no step 3 4) profit
He probably looks for any typo that he can fix to get the next update out on time. At some point he needs to just call it adware, and I think we'd all agree that point has been reached. I'm now going find a way to avoid going to his page after an update, that way it won't matter if his ads were blocked or not.
Ah, it's the old "now they're better" argument. My laptop with a Radeon 9600 still can't suspend with the proprietary driver. Sometimes it locks up when I enable an external monitor with their utility (gotta save all my work before trying that one.) Seriously, I hear the same thing about MS and security. If they're living with a reputation they've earned, don't expect that to change overnight. And don't blame users who've gotten bad support, even if their data is a little out of date. If I'm going to get screwed again, at least it won't be by the same company.
My next laptop will have Nvidia based on the experiences with my current one. Maybe after that they'll get another shot.
Oh, now it's personal? While you willingly treat customers however the corporation tells you, expect a little flak.
I agree that cleverness is wasted. This is bureaucracy 101 - get in and get out. The supervisor's a waste too, unless you think you'll get a better deal. These days you're likely to hear, "I'm sorry, my supervisor is not available, but I can have him call you back."
Yeah Mandrake. I knew I was late to the game, but finally tried Mandrake 6. I picked that one for the graphical installer. It was easy and nice looking with a ton of dev tools. I was happy. Wish I'd tried it sooner.
They never should have changed the name. Mandrake Linux could not be confused with Mandrake the Magician.
>> it is safer than downloading random EXEs from the Internet.
>How does that follow?
>I mean, it's correct on the technicality that nobody (or almost nobody) writes malware for Linux compared to >Windows, but that doesn't make it safer by design.
Malware in a repository does not survive as long as malware in a random EXE on the internet. However, this is a benefit of open source repositories, not Linux.
using Ubuntu I do have to use the CLI to perform certain tasks. Often they are tasks I like the CLI for better, but I recognize that isn't the case for normal users.
I have to agree that there's a need to be specific here. Is it something a normal user needs to do? I sometimes install Linux for normal users. Once I finish configuring, I am assuming they won't ever need the terminal. If that's wrong, please let me know.
Copying protected files in nautilus was a good example. I think it should give me a way to override the error. Currently I go to the terminal when that happens.
"Odd. I believe I haven't seen my Ubuntu beep, well, ever..."
Really?? All I have to do is connect or disconnect the power supply on my laptop. When the terminal is open I get it all the time for command completion. This thread has reminded me that I'd really rather have it off than muting the speakers all the time.
Someone who currently backs MS 100% of the time regardless of the issue is not an independent thinker. Simple really. Stop pretending you're independent.
"If you claim that Word and Excel did not run as standard users, you are now exposing yourself as a liar."
Oh right! If it didn't happen to you then it didn't happen. You won't want to read this link:
I had this problem, but it was better than the crash that I use to get, which only happened as a limited user. So, you don't know what you're talking about. It's a fact that you don't want to be a standard user on Windows XP. Do you like getting updates to those required anti-virus programs? Then you may want to be an administrator.
Prediction: You will now go on to deny that Windows XP and every prior version had a problem with this, or you'll say that it doesn't matter now that everything has been fixed in Vista. It's enough to make anyone wonder why Windows 7 is coming so soon, when Vista was so perfect.
That's just the point: What discoveries?! The patent looks like it takes existing LAN and DSP technology and adds, "but do it wirelessly." This is shades of patents that added "but do it on the internet". Where a specific infringement is not obvious, I wonder if the vague and all-encompassing idea of using a wireless LAN in an office or home setting would allow them to attack any home wireless technology, regardless of whether or not it had anything to do with their invention.
I was looking forward to the legal battle, but I guess CSIRO gave them a price they couldn't pass up. Maybe now we'll never find out what they "discovered".
1. Someone says anything negative about Microsoft where you can read it. 2. You say: It's a myth that Microsoft does that. They have no choice. It's not their fault. Groupthink! Groupthink! 3. Someone says, but what about x, y, and z? 4. Deny. 5. Deny. 6. Deny. 7. Claim to know more, but don't actually present a counter argument.
It must never get old for you.
"how dare anyone defend MS on slashdot?"
No, how dare you do nothing but defend MS on slashdot, then call yourself and independent thinker. About the third time that you dug in your heels on something obvious, and not very important, I started to wonder what was up with you. Now we know.
I don't care about DRM. It really was on the list of things you posted recently. Again, I was being factual, and you completely misread the plain meaning of it.
"Now you need to fall back on plain english."
In case you missed it, all of my post were in English. Even when we used different terms, my follow up explained how I was using them. At which point you can continue to argue about what's an admin, or you can actually say something about why you prefer admins on Windows. You chose the former.
Speaking of English comprehension, if I say that being able to run without root privileges is new to Windows, that doesn't mean I didn't know XP has standard users. If I say that those standard users were unusable, it might mean that I think not being able to use ordinary applications, including Microsoft applications like Word and Excel, made the standard user unusable. And if I post a link to a Microsoft executive admitting that they coded like this prior to Vista, then you really should be able to comprehend that.
Wow, I'm genuinely surprised you got the following right:
1. We already know from theory, that unixes are much less susceptible to viruses. 2. Architecturally Linux and OS X are less susceptible to viruses. 3. Vista's security model still has its problems.
Those all go to support the main point:
The claim that Linux would have as many viruses as Windows if Linux were as popular as Windows is false.
Here's one I have realized after talking to you:
Nobody who has ever made that claim has ever said anything to support it. It's a hit and run line for Linux bashers.
1. You claim standard users are new to windows
I probably used standard users before you. My claim was that Windows didn't have usable standard users, like Linux does. In fact, this was considered a new goal by Microsoft itself in 2006, which I cited. Thanks for the numbering. That makes this lie #1.
2. You claim admins on windows are like root on linux (i.e. you are unaware of local system's role)
If you think that Windows administrators are not like root, then you are truly clueless. Remember when I asked when you were going to make your next uninformed assumption? It didn't take long. Yes, I know what the system account does. Have fun running as local system. D'oh!
3. Your insistence on calling sudo a security warning
It is a warning, in the plain English reading of the word. Choosing not to understand again? How strange... or maybe not.
4. You were unaware of whitelisting and authenticode checks from UAC.
Says who?! Whitelisting does not invalidate my argument. If you're using whitelisting to suppress unwanted UAC *warnings*, then you just don't get it.
Now let me try your tactic: You don't know what Integrity Levels are?? Clearly security is not your thing. You didn't even know what Integrity Levels were until I told you, etc., etc., lie, lie
5. You cited SELinux without actually knowing what it is (since it is unrelated to your claim, you would not cite it if you knew anything about it)
I have used SELinux since FC4, genius. And PolicyKit is on my Ubuntu 8.04 (running in default config, though). This is "unrelated" to Linux security?? Hey, didn't you claim to be running Ubuntu? You said, "I'm typing this from Ubuntu now!" I guess you like to claim things that aren't true. Why is that?
WAIT. WHAT'S THIS I FOUND???
I can't believe I didn't check before now, but since the linux-friendly Linux bashing didn't add up I looked at your posting history. You're a total Microsoft homer!
Whether you really type on Ubuntu as you claim, or not, it is an indisputable fact you can only be bothered to post when Microsoft needs to be defended, whether it be Xbox, Windows 7, or the Corporation itself. You couldn't be more passionate about them if you worked there yourself. You did take a couple of breaks from it in recent postings to promote DRM and to dump on Apple, but other than that it's pure Microsoft looooove.
Hey, don't fight it. Some of us never find love like that in our entire lifetimes.;-)
Either you suck at reading comprehension or you don't know what *you're* talking about. I consider a user with sudo access to be an admin user, because they can administer the machine. Is that so damn hard? Rather than simply getting the point you have to tell us what an admin user is and is not. FYI, admin in Linux != administrator on Windows XP. The Windows XP administrator is more like root in Linux. You knew this, of course, but if I don't spell it out for you, you will pretend I don't understand.
So getting back to the point: A user without sudo is actually usable, but a standard Windows user is not. Your counter example of a 1000 data entry monkeys all using the same application(s) does not impress me. You go on to say the mode is not important because grandma's don't use it? Which is it? We're talking security. It's a security advantage to be able to run in that mode more often? Yes, so it counts. Microsoft itself will admit this point, but you won't. Fine!
Yes, sudo is a security warning. It warns you that your action will require elevated privilege, with the security risk that entails. You're bitching about terms again, probably because you don't really care. It's not a Slashdot myth that UAC is often invoked unnecessarily - that's another weasel debating tactic - labeling that which you disagree with. I've seen security prompted for deleting files I created, and for apps that had no business getting elevated access. I can browse without sudo in Linux, the MS solution is less secure.
"It's the reason to not think of UAC as a security boundary."
AND it's the reason that it's a very bad idea to invoke it for everything under the sun, like Vista does! Then there are the processes themselves. Which elevated apps are more likely to have those holes you speak of? Survey says... Windows. To recap, I run fewer processes with sudo, and those processes are more secure. Deny it if you want. Did you know that sudo can be allowed only for those executables you trust. Oh, what am I saying? I'm sure none of this counts. So Window is the same as Linux after all, in your mind. Congrats.
BTW, we haven't even touched on PolicyKit and SELinux. MS had a hard enough time bolting UAC onto it's architecture. How will they go forward with their "state of the art" UAC and still champion ease of use and backward compatibility? Hint: They probably won't.
I liked the article I quoted, I just think that Convenience beat Security in order to get UAC working. Still it's a step in the right direction and miles better than XP. I hope that external security is similarly improved. Only time will tell.
"Think for a second that one single linux distro has 95% of the market."
Do we have to assume that Linux loses it's diversity as it grows in popularity? Why? I guess if it doesn't fit with your world view, we'll have to throw it out.
Oooh, threat model. I've never heard of that before. Ok, I'll concede the point... wait, what point? You haven't made one. Are you claiming that people aren't choosing Linux for it's security. Based on what?
"Anecdotal evidence does not count."
Count whatever you want. My first reply was to two people contributing their Windows anecdotes. I can add mine too... unless you don't like it, of course. Just let me know.
So you know, I am not gating access to my network with XP. Those machines are for testing security in a lab, but not OS security. Do you object that I don't fork out more to MS when it's not necessary? What will your next uninformed assumption be?
"I make my living as a dev on windows."
Color me not surprised, you independent thinker you.
"The word finally is never used in security."
Reading comprehesion, again. Windows security has sucked since DOS. You're trying to say that it has finally improved to decency. That "finally" doesn't mean it won't improve further. It means it's "at last", and "just now" reaching parity. Well
No word play. Another attempt to characterize the response, rather than simply address it, like using the word groupthink.
1. Wrong. Linux has real non-privileged users. A user with sudo is and admin user. So, root, admin, normal user. I'll forgive your lack of familiarity, because you're probably not a security professional.;-)
You think it's OK to conflate confirmation of actions with security warnings? You're fine with requesting privilege elevation so often that users learn they have to click "allow" to get any work done.
2. Wrong. I have tried to use a non-admin account on Windows many times over the years. It's unusable. This is news to you?? I guess you missed this quote from Jim Allchin at Microsoft (http://windowsteamblog.com/blogs/windowsvista/archive/2007/01/23/security-features-vs-convenience.aspx), "most software developers (including at Microsoft) developed their software assuming that the user would be an administrator." If you don't need to run any software, a Windows standard user should be just fine for you!
Here's the clincher, "If an administrator performs multiple tasks on the same desktop, then malware may potentially be able to inject or interfere with an elevated process from a non-elevated process." He goes on to explain why they made security compromises in Vista, but all you really need is the title, "Security Features vs. Convenience".
3. Not a monolithic user environment, I meant to say. The mix of packages installed even on the same distro has a healthy variation. Basically it's the same argument as diversity, which you tried to make equivalent to adoption rates. Just concede the point and move on.
4. Companies who are entirely web-based think that Linux is a safe OS. They don't think that Linux is only safe because hackers don't care. They know that hackers have attacked their OS, and that Linux is pretty secure. Again, just concede the point.
My compromised RADIUS servers were on XP and 2003 with current updates, so I know you won't defend those, even the very latest versions. You want to say that Windows has finally caught up to everyone else, after 15 years, with Vista. Your problem is that you want to do this by saying that Linux and OS X have weak security too. I strongly disagree, but even if you win that argument, you lose. You're on a train to nowhere.
You're a Windows fan, and I'm not - that won't change today, but I hope you'll consider how Windows has earned its reputation as an insecure OS. That is the reason for the complaints, not groupthink. Vista's security model still has its problems, so don't take it personally that someone doesn't take your word for it that things have finally changed. I told you that if I find Windows 7 security to better (i.e. intelligent and effective), I will give it credit. I can tell you right now, if it needs 3rd party applications to ensure OS integrity - and Microsoft says that Vista does - then I won't call it secure.
His grandma not being able to run Linux was an arbitrary excuse to not discuss Linux security. You can speculate on why he didn't go there, but it's not because normal people won't be able to run it for several years! (very funny)
Miller: "I'd say that Macs are less secure." By the way, I'm an expert on Mac security and I work for a security firm that I'm going to promote in this interview. (sorry, that's not an unbiased source)
You'd like to paint my claim as "Windows is swiss cheese and Macs/Linux are vaults", but I'll say it again, since you liked it so much: Architecturally Linux and OS X are less susceptible to viruses. Having real non-privileged users is better than the default admin+UAC of Vista. Applications on Linux have always been expected to run without root privilege (not all do), whereas the concept is still new to Windows, thus the UAC requests for almost anything. Not being as monolithic also helps. Distro diversity also makes viruses less successful (not a Mac advantage).
This groupthink insult is pretty easy throw around, isn't it?
45% of web servers run Apache, and most of those run Linux - including the web's biggest sites. Millions of internet accessible machines. Not worth writing a virus? I can only assume this lie helps you put up with Windows.
The justice department's position is not an elected representative. He's not supposed to represent us. Lawyers are mercenaries. They'll change their beliefs for whomever signs the paycheck. He'll do what he's told. Your problem is with the person running the show. Obama took record amounts of money to win, that probably means a lot of favors to pay back, and not to you and me.
Slashdot Mirror
Exactly!
This would be like installing Windows yourself and complaining that you couldn't even play a DVD, let alone burn one.
So they're only vulnerable to the hobbyist hackers... where are the successful malware examples from that group?
If the argument is that it's not worth anyone's time, then shouldn't you say that we don't know how vulnerable it is? I don't trust Apple implicitly, given how buggy early releases of many of their product seem to be, but this unfounded speculation does seem to be a popular troll that's used equally effectively against Linux. Try being a bit more responsible.
More so than anyone else: Kirk is an impression.
I didn't get that until the end, and I think they threw in that line delivered in Kirk cadence as part of their plan to make Trekkies happy. It was just one more favorite clichés that we got to see once more. Sure, we're going to replace all your actors, but we won't ruin the characters. I approve.
Now, McCoy was the impression. He was pretty good at it though. No complaints.
And that's not even considering that the eReader solution is more likely to cost:
$300 for the reader
still 50 cents for each newspaper addition.
I always expected on-demand cable movies to cost less than movie store rentals, since they don't have to spend money on the media and don't maintain a retail store, but I'm still waiting. It turns out that the cost of the content still has to be covered, and if newspapers still provide a print edition to some people, then they probably won't save any publishing costs at all.
The only sell here is convenience. Make it wireless. Make it reliable.
They probably just couldn't get behind the LCD to disconnect the camera at the source. That's as far as I got disassembling the unibody too. If you're willing to cut the cable you can keep Wi-Fi and just lose camara + bluetooth.
If anyone knows how to access the hidden screws in the unibody LCD, please let me know. I'm guessing that a special tool is involved.
There is is. I do not find it sufficient:
v 1.9.2.3
======
+ A "NoScript development support filterset" gets added to AdBlock
Plus, whitelisting the noscript.net, flashgot.net, informaction.com
and hackademix.net web sites recently broken by an aggressive
EasyList campaign against sites sponsoring NoScript development.
ABP users are informed both on the install and on the release notes
pages, so they can easily disable the filterset if they whish to.
but the Mozilla Add-on Policy requires them to inform you in some detail of what is being changed by an update. Since you're in a browser, a web page seems the logical way to do it.
Maybe you shouldn't update them all at the same time?
Specifically, he failed to follow these:
"Also, it is important that you maintain version notes appropriately as you improve and change your add-on. Users should be able to see what's new in an add-on they may have tried previously, and should be made aware of changes that might affect their current use of the add-on when they update."
He can add it to the change list to satisfy this requirement.
"Your software should not intrude on the user unnecessarily, try to trick the user, or conceal any of its activities from the user."
I think that clearly user permission is required before altering other installed add-ons. Or he could just fail to operate if the ads aren't loaded and warn the user that one of his/her other add-ons is incompatible. I know which of the two I would uninstall.
I always thought the incremental updates to NoScript were too frequent to be entirely for the benefit of its users.
1) Involuntary web page visits after an update
2) serve ads
3) no step 3
4) profit
He probably looks for any typo that he can fix to get the next update out on time. At some point he needs to just call it adware, and I think we'd all agree that point has been reached. I'm now going find a way to avoid going to his page after an update, that way it won't matter if his ads were blocked or not.
"...an indication that you were using stenography."
They can always just ask the stenographer if she did any work for you, and then she rats you out.
Lesson: Don't use stenographers. Typing is fast enough.
Ah, it's the old "now they're better" argument. My laptop with a Radeon 9600 still can't suspend with the proprietary driver. Sometimes it locks up when I enable an external monitor with their utility (gotta save all my work before trying that one.) Seriously, I hear the same thing about MS and security. If they're living with a reputation they've earned, don't expect that to change overnight. And don't blame users who've gotten bad support, even if their data is a little out of date. If I'm going to get screwed again, at least it won't be by the same company.
My next laptop will have Nvidia based on the experiences with my current one. Maybe after that they'll get another shot.
They probably will get free academic or community involvement. Just like Linux development, a few get paid, most work for free.
Oh, now it's personal? While you willingly treat customers however the corporation tells you, expect a little flak.
I agree that cleverness is wasted. This is bureaucracy 101 - get in and get out. The supervisor's a waste too, unless you think you'll get a better deal. These days you're likely to hear, "I'm sorry, my supervisor is not available, but I can have him call you back."
Yeah Mandrake. I knew I was late to the game, but finally tried Mandrake 6. I picked that one for the graphical installer. It was easy and nice looking with a ton of dev tools. I was happy. Wish I'd tried it sooner.
They never should have changed the name. Mandrake Linux could not be confused with Mandrake the Magician.
>> it is safer than downloading random EXEs from the Internet.
>How does that follow?
>I mean, it's correct on the technicality that nobody (or almost nobody) writes malware for Linux compared to
>Windows, but that doesn't make it safer by design.
Malware in a repository does not survive as long as malware in a random EXE on the internet. However, this is a benefit of open source repositories, not Linux.
using Ubuntu I do have to use the CLI to perform certain tasks. Often they are tasks I like the CLI for better, but I recognize that isn't the case for normal users.
I have to agree that there's a need to be specific here. Is it something a normal user needs to do? I sometimes install Linux for normal users. Once I finish configuring, I am assuming they won't ever need the terminal. If that's wrong, please let me know.
Copying protected files in nautilus was a good example. I think it should give me a way to override the error. Currently I go to the terminal when that happens.
"Odd. I believe I haven't seen my Ubuntu beep, well, ever..."
Really?? All I have to do is connect or disconnect the power supply on my laptop. When the terminal is open I get it all the time for command completion. This thread has reminded me that I'd really rather have it off than muting the speakers all the time.
"An independent thinker cannot back MS?"
Someone who currently backs MS 100% of the time regardless of the issue is not an independent thinker. Simple really. Stop pretending you're independent.
"If you claim that Word and Excel did not run as standard users, you are now exposing yourself as a liar."
Oh right! If it didn't happen to you then it didn't happen. You won't want to read this link:
Office 2007 Unusable in Limited User Account
I had this problem, but it was better than the crash that I use to get, which only happened as a limited user. So, you don't know what you're talking about. It's a fact that you don't want to be a standard user on Windows XP. Do you like getting updates to those required anti-virus programs? Then you may want to be an administrator.
Prediction: You will now go on to deny that Windows XP and every prior version had a problem with this, or you'll say that it doesn't matter now that everything has been fixed in Vista. It's enough to make anyone wonder why Windows 7 is coming so soon, when Vista was so perfect.
That's just the point: What discoveries?! The patent looks like it takes existing LAN and DSP technology and adds, "but do it wirelessly." This is shades of patents that added "but do it on the internet". Where a specific infringement is not obvious, I wonder if the vague and all-encompassing idea of using a wireless LAN in an office or home setting would allow them to attack any home wireless technology, regardless of whether or not it had anything to do with their invention.
I was looking forward to the legal battle, but I guess CSIRO gave them a price they couldn't pass up. Maybe now we'll never find out what they "discovered".
Here is homer's standard operating procedure:
1. Someone says anything negative about Microsoft where you can read it.
2. You say: It's a myth that Microsoft does that. They have no choice. It's not their fault. Groupthink! Groupthink!
3. Someone says, but what about x, y, and z?
4. Deny.
5. Deny.
6. Deny.
7. Claim to know more, but don't actually present a counter argument.
It must never get old for you.
"how dare anyone defend MS on slashdot?"
No, how dare you do nothing but defend MS on slashdot, then call yourself and independent thinker. About the third time that you dug in your heels on something obvious, and not very important, I started to wonder what was up with you. Now we know.
I don't care about DRM. It really was on the list of things you posted recently. Again, I was being factual, and you completely misread the plain meaning of it.
"Now you need to fall back on plain english."
In case you missed it, all of my post were in English. Even when we used different terms, my follow up explained how I was using them. At which point you can continue to argue about what's an admin, or you can actually say something about why you prefer admins on Windows. You chose the former.
Speaking of English comprehension, if I say that being able to run without root privileges is new to Windows, that doesn't mean I didn't know XP has standard users. If I say that those standard users were unusable, it might mean that I think not being able to use ordinary applications, including Microsoft applications like Word and Excel, made the standard user unusable. And if I post a link to a Microsoft executive admitting that they coded like this prior to Vista, then you really should be able to comprehend that.
Wow, I'm genuinely surprised you got the following right:
1. We already know from theory, that unixes are much less susceptible to viruses.
2. Architecturally Linux and OS X are less susceptible to viruses.
3. Vista's security model still has its problems.
Those all go to support the main point:
The claim that Linux would have as many viruses as Windows if Linux were as popular as Windows is false.
Here's one I have realized after talking to you:
Nobody who has ever made that claim has ever said anything to support it. It's a hit and run line for Linux bashers.
1. You claim standard users are new to windows
I probably used standard users before you. My claim was that Windows didn't have usable standard users, like Linux does. In fact, this was considered a new goal by Microsoft itself in 2006, which I cited. Thanks for the numbering. That makes this lie #1.
2. You claim admins on windows are like root on linux (i.e. you are unaware of local system's role)
If you think that Windows administrators are not like root, then you are truly clueless. Remember when I asked when you were going to make your next uninformed assumption? It didn't take long. Yes, I know what the system account does. Have fun running as local system. D'oh!
3. Your insistence on calling sudo a security warning
It is a warning, in the plain English reading of the word. Choosing not to understand again? How strange... or maybe not.
4. You were unaware of whitelisting and authenticode checks from UAC.
Says who?! Whitelisting does not invalidate my argument. If you're using whitelisting to suppress unwanted UAC *warnings*, then you just don't get it.
Now let me try your tactic: You don't know what Integrity Levels are?? Clearly security is not your thing. You didn't even know what Integrity Levels were until I told you, etc., etc., lie, lie
5. You cited SELinux without actually knowing what it is (since it is unrelated to your claim, you would not cite it if you knew anything about it)
I have used SELinux since FC4, genius. And PolicyKit is on my Ubuntu 8.04 (running in default config, though). This is "unrelated" to Linux security?? Hey, didn't you claim to be running Ubuntu? You said, "I'm typing this from Ubuntu now!" I guess you like to claim things that aren't true. Why is that?
WAIT. WHAT'S THIS I FOUND???
I can't believe I didn't check before now, but since the linux-friendly Linux bashing didn't add up I looked at your posting history. You're a total Microsoft homer!
Whether you really type on Ubuntu as you claim, or not, it is an indisputable fact you can only be bothered to post when Microsoft needs to be defended, whether it be Xbox, Windows 7, or the Corporation itself. You couldn't be more passionate about them if you worked there yourself. You did take a couple of breaks from it in recent postings to promote DRM and to dump on Apple, but other than that it's pure Microsoft looooove.
Hey, don't fight it. Some of us never find love like that in our entire lifetimes. ;-)
you better know what you're talking about.
Either you suck at reading comprehension or you don't know what *you're* talking about. I consider a user with sudo access to be an admin user, because they can administer the machine. Is that so damn hard? Rather than simply getting the point you have to tell us what an admin user is and is not. FYI, admin in Linux != administrator on Windows XP. The Windows XP administrator is more like root in Linux. You knew this, of course, but if I don't spell it out for you, you will pretend I don't understand.
So getting back to the point: A user without sudo is actually usable, but a standard Windows user is not. Your counter example of a 1000 data entry monkeys all using the same application(s) does not impress me. You go on to say the mode is not important because grandma's don't use it? Which is it? We're talking security. It's a security advantage to be able to run in that mode more often? Yes, so it counts. Microsoft itself will admit this point, but you won't. Fine!
Yes, sudo is a security warning. It warns you that your action will require elevated privilege, with the security risk that entails. You're bitching about terms again, probably because you don't really care. It's not a Slashdot myth that UAC is often invoked unnecessarily - that's another weasel debating tactic - labeling that which you disagree with. I've seen security prompted for deleting files I created, and for apps that had no business getting elevated access. I can browse without sudo in Linux, the MS solution is less secure.
"It's the reason to not think of UAC as a security boundary."
AND it's the reason that it's a very bad idea to invoke it for everything under the sun, like Vista does! Then there are the processes themselves. Which elevated apps are more likely to have those holes you speak of? Survey says... Windows. To recap, I run fewer processes with sudo, and those processes are more secure. Deny it if you want. Did you know that sudo can be allowed only for those executables you trust. Oh, what am I saying? I'm sure none of this counts. So Window is the same as Linux after all, in your mind. Congrats.
BTW, we haven't even touched on PolicyKit and SELinux. MS had a hard enough time bolting UAC onto it's architecture. How will they go forward with their "state of the art" UAC and still champion ease of use and backward compatibility? Hint: They probably won't.
I liked the article I quoted, I just think that Convenience beat Security in order to get UAC working. Still it's a step in the right direction and miles better than XP. I hope that external security is similarly improved. Only time will tell.
"Think for a second that one single linux distro has 95% of the market."
Do we have to assume that Linux loses it's diversity as it grows in popularity? Why? I guess if it doesn't fit with your world view, we'll have to throw it out.
Oooh, threat model. I've never heard of that before. Ok, I'll concede the point... wait, what point? You haven't made one. Are you claiming that people aren't choosing Linux for it's security. Based on what?
"Anecdotal evidence does not count."
Count whatever you want. My first reply was to two people contributing their Windows anecdotes. I can add mine too... unless you don't like it, of course. Just let me know.
So you know, I am not gating access to my network with XP. Those machines are for testing security in a lab, but not OS security. Do you object that I don't fork out more to MS when it's not necessary? What will your next uninformed assumption be?
"I make my living as a dev on windows."
Color me not surprised, you independent thinker you.
"The word finally is never used in security."
Reading comprehesion, again. Windows security has sucked since DOS. You're trying to say that it has finally improved to decency. That "finally" doesn't mean it won't improve further. It means it's "at last", and "just now" reaching parity. Well
No word play. Another attempt to characterize the response, rather than simply address it, like using the word groupthink.
1. Wrong. Linux has real non-privileged users. A user with sudo is and admin user. So, root, admin, normal user. I'll forgive your lack of familiarity, because you're probably not a security professional. ;-)
You think it's OK to conflate confirmation of actions with security warnings? You're fine with requesting privilege elevation so often that users learn they have to click "allow" to get any work done.
2. Wrong. I have tried to use a non-admin account on Windows many times over the years. It's unusable. This is news to you?? I guess you missed this quote from Jim Allchin at Microsoft (http://windowsteamblog.com/blogs/windowsvista/archive/2007/01/23/security-features-vs-convenience.aspx), "most software developers (including at Microsoft) developed their software assuming that the user would be an administrator." If you don't need to run any software, a Windows standard user should be just fine for you!
Here's the clincher, "If an administrator performs multiple tasks on the same desktop, then malware may potentially be able to inject or interfere with an elevated process from a non-elevated process." He goes on to explain why they made security compromises in Vista, but all you really need is the title, "Security Features vs. Convenience".
3. Not a monolithic user environment, I meant to say. The mix of packages installed even on the same distro has a healthy variation. Basically it's the same argument as diversity, which you tried to make equivalent to adoption rates. Just concede the point and move on.
4. Companies who are entirely web-based think that Linux is a safe OS. They don't think that Linux is only safe because hackers don't care. They know that hackers have attacked their OS, and that Linux is pretty secure. Again, just concede the point.
My compromised RADIUS servers were on XP and 2003 with current updates, so I know you won't defend those, even the very latest versions. You want to say that Windows has finally caught up to everyone else, after 15 years, with Vista. Your problem is that you want to do this by saying that Linux and OS X have weak security too. I strongly disagree, but even if you win that argument, you lose. You're on a train to nowhere.
You're a Windows fan, and I'm not - that won't change today, but I hope you'll consider how Windows has earned its reputation as an insecure OS. That is the reason for the complaints, not groupthink. Vista's security model still has its problems, so don't take it personally that someone doesn't take your word for it that things have finally changed. I told you that if I find Windows 7 security to better (i.e. intelligent and effective), I will give it credit. I can tell you right now, if it needs 3rd party applications to ensure OS integrity - and Microsoft says that Vista does - then I won't call it secure.
Corrections:
His grandma not being able to run Linux was an arbitrary excuse to not discuss Linux security. You can speculate on why he didn't go there, but it's not because normal people won't be able to run it for several years! (very funny)
Miller: "I'd say that Macs are less secure." By the way, I'm an expert on Mac security and I work for a security firm that I'm going to promote in this interview. (sorry, that's not an unbiased source)
You'd like to paint my claim as "Windows is swiss cheese and Macs/Linux are vaults", but I'll say it again, since you liked it so much: Architecturally Linux and OS X are less susceptible to viruses. Having real non-privileged users is better than the default admin+UAC of Vista. Applications on Linux have always been expected to run without root privilege (not all do), whereas the concept is still new to Windows, thus the UAC requests for almost anything. Not being as monolithic also helps. Distro diversity also makes viruses less successful (not a Mac advantage).
This groupthink insult is pretty easy throw around, isn't it?
45% of web servers run Apache, and most of those run Linux - including the web's biggest sites. Millions of internet accessible machines. Not worth writing a virus? I can only assume this lie helps you put up with Windows.
"over someone who could accurately represent us"
The justice department's position is not an elected representative. He's not supposed to represent us. Lawyers are mercenaries. They'll change their beliefs for whomever signs the paycheck. He'll do what he's told. Your problem is with the person running the show. Obama took record amounts of money to win, that probably means a lot of favors to pay back, and not to you and me.