Blah, bollocks!
The internet can run on 65535 ports!
That's why we call it the internets!
It all boils down to risk assessment / management / mitigation. But I'm not talking from the user's viewpoint but the software developer's. I mean you can't just tell the users to install firewalls like Microsoft does because the system is quite flawed in the first place! I cannot stress this enough:
A system is only as strong as its weakest component
If you put that on a platform level from the viewpoint of a software developer organization it clearly means that you need to code the system in a way that an attacker sees a very low ratio of possible compromisable hosts. Relying on a feature (firewall) to fix a bug (networking code) is NOT the way to do it. That doesn't mean of course that a firewall is not useful or even quite recommended.
I think if I claimed that 10% of all Windows home-user boxes are vulnerable and/or compromised, I would be really cautious. That 10% however can fu*k up the "fun" for the rest of the 90% too.
Getting through a firewall is possible via the unintentionally left-open ports in 99% of the cases. False sense of security...
I care to disagree with the article and your viewpoint on the basis of evolution and biological diversity theories applied to computing.
In the long term, the more diverse an environment is, the more likely it is to survive. It doesn't mean that you cannot provide interactivity between two different systems on the level of common protocols and standards, however. That is the most important thing people tend to forget when people are advocating homogeneous environments.
If there were 15 closed source proprietary environments we would be in trouble, but since interoperability can be achieved since everything is open this isn't really a problem. Nature worked this out quite amazingly for us already, I would place my bets there - I think it's a pretty big scientific proof.
Nothing is wrong with different setups/designs because evolution leads heterogeneity into homogeneity in some ideas while opening up new frontiers for testing. This means heterogeneity actually makes things better in the long term. Think of it as a large try, retry, fail process until you reach one that works. That will survive.
You forgot something:
A box running no services should not be vulnerable to any DoS except brute force, even without a firewall. A firewall shouldn't be a solution to poor design/implementation problems and code bugs. That simply doesn't work. What if someone gets through the firewall?
I kinda blame the bad angle of the picture.
Try to imagine it from another angle and try virtually putting your hand on it. I think it could work.
I don't think they would be that stupid to design something you cannot use. Especially if usefulness and comfort was their main goal.
Holy lack of ANY \n, \r, \t! and !
I play OpenTTD (http://www.openttd.org) Hell of a cool one for old Transport Tycoon lovers.
Although they do try to shove it down our throats at university, which is a much better selling point for new programming languages than to put it on an XP CD.
User tools to users, programmer tools to programmers.
The shit thing is I DON'T want to use Microsoft technology, although I want to be a programmer or programming mathematician, whichever is the correct terminology. Still, I'm forced to use it. I really hope in the next years they offer alternatives to using .NET.
The developers just felt there is no urgent need for 2.7 yet and also that 2.6 can accept more features in a semi-stable state than it would be truly a need for 2.7.
Watch out for false positives though. (not that I would have anything against shemales, I just don't wanna SEE them naked)
*sigh*
You don't get it. I never said it's impossible. I never said that nothing in the top500 runs windows.
To put it bluntly my whole point is that it's like using a toothpick to dig an underground tunnel in rock. NOT THE RIGHT TOOL!
You can make a turtle fly at speeds breaking the sound barrier as well.
Is the turtle designed for that?
Is it capable of that?
Please answer those questions, then replace the turtle with Windows and breaking the sound barrier with building a cluster. As someone noted, MS and Dell put together that cluster. The obvious conclusion is that other people aren't out of their minds yet.
Also, I said "No wonder that the top500 is mostly made up from unix/linux systems". The exception makes the rule stronger, is this familiar?
According to this article: "the computer scientists behind the Top 500 list say that 291 of the machines (58 percent) on the list are clustered machines. While the Top 500 list does not specifically identify the operating system platform, it probably breaks down to around 55 percent Linux, 40 percent Unix, and another 5 percent as Windows platforms."
Biowulf? Microsoft has nothing to do with bio stuff!
They are the Borg, remember?!
Let me be the first one to say: Windows isn't
- Designed
- Meant
- Capable
for/of running on a Top500 server.
The most important part is the design on those systems. They need flexibility. Windows is anything but flexible. No wonder that the top500 is mostly made up from unix/linux systems.
They need customized things, not a toy. The people running those supercomputers want to customize things themselves. Windows is just not meant for anything else than desktops, that's the truth and I know I'll get flamed for it.
There is a difference between NTP and NTPD.
The Grsec patchset (and I believe others) already randomizes TCP sequences and pids; I believe it wouldn't be too hard to randomize this as well.
No sitting back.
Security/monitoring is a process not a product. When you finish the checklist you start over.
Also, I would recommend trying to cut back the Windows servers somehow, maybe mention the right words when the licenses expire or it's that time of the year to upgrade to a "free" solution?
Just hire me.
Seriously, I'm the best, as an added extra I only spend 4 hours a day on /.
Hey, I'm a beautiful mind, could you ask for anyone better?
Of course not!
Hm, what are you doing with that stick?
Uh, trust me, I'm not that annoying!
Don't come any closer or I'll scream!
EEEEEAAAAAAAAAAAAAAAAAAAAAAAAA!!!!!!!!!!
*thud*
There is nothing wrong with Bt8x8. I'm using my card for like 1.5 years with it.
shush...
Good or nothing, as the saying goes about the deceased.
wrong.
Do you think he would be alive still if he couldn't be replaced without huge efforts?
You know what this means.
Users need to stop blaming companies and start doing what THEY should do to protect THEIR own data. Security is a process, not a product and it includes securing someone's computer too. I bet the majority of cc thefts are from a virus/trojan not because someone played MitM with the user over TLS/SSL or hacked the bank.
The users are mostly not aware of this, they need to be educated. Sadly Windows makes people believe there is no knowledge required to use a computer and that's not even true in the case of that particular operating system.
They have no obligation to BREAK it either.
Be careful what you wish for.