| Sajha.com Archives | |
| Username | Post |
| Puru Subedi | Posted
on 08-Nov-02 10:52 AM
Taken from ecommerce times..also includes threaded discussion at the end of the article.. -PS Is Linux Really More Secure Than Windows? ------------------------------------------------------------ With the recent spate of worms targeting Linux servers, Linux enthusiasts who once believed they were less vulnerable to attack than Microsoft users may have begun to wonder whether they were overly optimistic. But it is a mistake to think that one operating environment is inherently more risky than another... See the Full Story: http://www.ecommercetimes.com/perl/story/19649.html |
| SMSainju | Posted
on 08-Nov-02 11:05 AM
Puru ji, I think the question should be, "Can Linux handle security issues better than Windows?" And the answer to that question is definitely BIG YES. In a simplest term when I have to explain the subtle difference between Linux and Windows as far as security is concerened, I always say, Linux is like a Manual Car while windows is like an automatic one. In windows, many security issues are overlooked to make it simpler, particularly, in consideration of customer's ease of use. Of course this can be debated. When talking about security, one should not just consider a system being hacked by unwanted users. The domain of security goes beyond that. Windows blue screen of death is a good example in this context. Memory management is a big time issue with windows. Preamptive multitasking?? I know windows talk about that... hmm.... If Linux OS is not well configured, it is equally as vulnerable as windows, if not even more. But if it is configured well, then chances for a script kiddies to hack it would be minimal.. SMSainju |
| SMSainju | Posted
on 08-Nov-02 11:18 AM
One more note on this, I thought, might be of interest to some folks out here. IPv6 is implemented on XP. IPv6 was developed primarily because the old IPv4 (32 bit addressing scheme) addressing is running out (xxx.xxx.xxx.xxx). IPv6 will coexist with IPv4 until everything is fully transferred. It is a 128 bit addressing scheme. it will no longer have 8 bit addressing pattern anymore. it will use ":" instead of ".". I know for fact that it is almost impossible to implement it on XP. Window 2000 is not built for that. Linux came with IPv6 support long back and works, I thought, pretty good. SMSainju |
| Puru Subedi | Posted
on 08-Nov-02 11:43 AM
Sambhu ji, Although I agree with your views above, I am still concerned about the management aspects of open source community...be it Linux, Mozilla or Apache...if the modules contributed by programmers are not inspected well, there is a greater chance of insecure code being introduced in the system... Mozilla people seems to have good management structure because it is controlled by Netscape (AOL) hired programmers to some extend..not sure about Linux and Apache... Micorsoft may have an upper hand in this.... Since you were/are teaching Linux Security class at NVCC, would appriciate if you could shed some light on Linux source code management structure in terms of handling security.. Thanks for your response. -Puru |
| SMSainju | Posted
on 08-Nov-02 12:04 PM
Puru ji, FSF (Free Software Foundation) is the governing body of Open source movement. GNU manages what goes and what does not go in the OS itself. First of all, you have to understand that since it is an open source, any body can view your code. Everyone will know how good a coder you are by looking at it. So you are obviously motivated to write a good code to begin with. Not necessarily, paid SEs (software Engineers) write good code. Sounds so much like old wives tale :) Secondly, Gnu maintains the QA to these open source code. They have the governing body to check your work and decide what goes and what does not in the OS. and I am sure you will agree with me that so far, they have produced pretty good results. SMSainju |
| Puru Subedi | Posted
on 08-Nov-02 12:41 PM
Being able to view the source code is good and bad in terms of security...but have to agree with you that OS community is doing a good job in terms of competing with MS so far.. I was able to locate your old posting in the Sajha archive: http://www.sukuti.com/archives/articles/4129.htm Is this 18 years old part of GNU/FSF governing body? Just owndering... -Puru |
| JackAss | Posted
on 08-Nov-02 01:16 PM
Another good thing about IPv6 is that it supports QoS. That still is not enticing enough for the world to change from IPv4 to IPv6. Why change the whole infrastructure to support Ipv6 when v4 is doing just fine. |
| SMSainju | Posted
on 08-Nov-02 01:30 PM
JackAss, Like I said earlier, reason for IPv6 is because, addresses are running out..Classful addressing scheme is really a wasteful scheme... If i have 500 computers in my network, Class C IP is not good enough for me. But Class B address is too much more that I need. so it is a waste first. Popularity of Intenet is growing by leaps and bounds. Soon, the addresses will no longer be available. How are you going to solve addressing problem? IPv6 supports QoS. Specially video and audio streamming are pretty good. eventually, IPv6 will have to be implemented for some of these reasons and for many other.... SMSainju |
| JackAss | Posted
on 08-Nov-02 02:18 PM
Mr Sainju; World was supposed to run out of IP addresses by the end of year 2000 but thanks to the classless addressing, Internet did not crash. Still there is no killer app that would lure enterprisese into implementing IPv6, anytime soon. |
| SMSainju | Posted
on 08-Nov-02 03:27 PM
Puru ji, I am not sure if he is part of GNU. Couldn't tell. SMSainju |
| Puru Subedi | Posted
on 22-Nov-02 07:55 PM
Here is another negative report about Linux security that was published yesterday: Report Rekindles Open Source vs. Microsoft Security Debate -PS === The Aberdeen Group says open-source software, including the popular Linux OS and a wide variety of applications, has pushed aside Microsoft as the "poster child" for security problems. The IT market research firm makes its case based on numbers from the Computer Emergency Response Team, a federally funded research and development center at Carnegie Mellon University. For the first 10 months of the year, 16 out of 29 security advisories published by CERT were for open-source or Linux software. Only seven involved Microsoft products. ... More interesting comment from the report: Companies that make a living off closed-source code, such as Microsoft, claim their products are safer because hackers can't easily see what's under the covers. Open-source advocates argue that because the software is open to inspection by everyone, vulnerabilities can be discovered and fixed earlier. Neither side can back its arguments with a definitive study. |
| taha cha | Posted
on 22-Nov-02 09:11 PM
SMSaijuji, with all due respect Microsoft can be secure, if you know how to. Your argument goes both ways. I have been working with Microsoft and Linux products. They both have vulnerabilities and both need "security" to be secured. The security in Microsoft will only get better so will Linux. |
| SMSainju | Posted
on 24-Nov-02 08:41 AM
Taha cha ji, Will all due respect, security is not only about some one hacking someone's data. Dont be confused. Like I said earlier, if you had chance to read my posting, security covers broad range of issues in the domain of computer science and technology. Lets say your working on an app and want to save your data, and your system crashes. You'd loose all your data in such circumstances. This is just an example. Hope this clarifies.... SMSainju |
| dangggg | Posted
on 26-Nov-02 10:14 AM
guys! enjoy this joke: Subject: BOYFRIEND UPGRADE Dear Tech Support: Last year I upgraded from Boyfriend 5.0 to Husband 1.0 and noticed a slowdown in the performance of the flower and jewelry applications that had operated flawlessly under the Boyfriend 5.0 system. In addition, Husband 1.0 uninstalled many other "valuable" programs, such as romance 9.9, and installed "undesirable" programs such as NFL 7.4, NBA 3.2 and NHL 4.1. Conversation 8.0 also no longer runs, and Housecleaning 2.6 simply crashes the system. I've tried running Nagging 5.3 to fix these problems, but to no avail. What can I do? Signed, Desperate Dear Desperate, First, keep in mind that Boyfriend 5.0 was an entertainment package, while husband 1.0 is an operating system. Try to enter the command C:/ITHOUGHTYOULOVEDME and install Tears 6.2. Husband 1.0 should then automatically run the applications Guilt 3.3 and Flowers 7.5. But remember, overuse can cause Husband 1.0 to default to such applications as Grumpy Silence 2.5, Happy Hour 7.0, or Beer 6.1. Please remember that Beer 6.1 is a very bad program that will create SnoringLoudly.WAV files. DO NOT install Mother-in-law 1.0 or reinstall another boyfriend program. These are not supported applications, and will crash Husband 1.0. It could also potentially cause Husband 1.0 to de- fault to the program: Girlfriend 9.2, which runs in the background and has been known to introduce potentially serious viruses into the Operating System. In summary! , Husband 1.0 is a great program, but it does have limited memory and can't learn new applications quickly. You might consider buying additional software to enhance his system performance. I personally recommend Hot Food 3.0 and Single Malt Scotch 4.5 combined with such applications as that old standby... Lingerie 6.9. |
| taha cha | Posted
on 26-Nov-02 11:37 PM
SMS ji, I am not confused and I know what security means on systems or domains, the concept is not much different. I have read your thread from top to bottom. I have seen the same circumstance in Linux, when system crashes it crashes, my friend. Have you used W2k or XP? I recommend that you learn about windows as well. You like it or not it is a good product and will continue to have significant impact in technological and business world. There is a reason businesses choose windows on top of Linux. It is time you need to figure that out why... |
| SMSainju | Posted
on 27-Nov-02 10:50 AM
Hi taha cha ji, You're taking it too personally. I apologize if I offended you. I did not mean to do so. Because of the better memory management, threading, thunking, multitasking etc issues Linux serves better does MS Windows. I am not just making this up. It is the fact. It is getting so popular, MS folks are grining their teeth. No wonder, they call LINUX is like cancer. I have little interest about learing MS Windows. Once in a while I use windows too but most of the time, I can get away with it. Wish you a good one. Take care !! SMSainju |
| Taha Cha | Posted
on 30-Nov-02 11:47 AM
SMji, There is no need for an apalogy. . I have seen a chronic problem among techies, they think they are smarter than the person they are talking to. This attitude is prevalent in the industry, I am not suprised to see some of it in you. There are benefits of using Linux I do not deny that. My point was that when making a comparative judgement you need to know the products that you are comparing against, otherwise it only makes a bias judgement. You sound like a do or die Linux fan. May the glory be yours! |
| SMSainju | Posted
on 01-Dec-02 04:27 PM
Taha chha ji, Ok, I take my apology back. Call me whatever you want. But, why do you think that I think that I am smarter than you are? Where is this coming from??? My guess is, you think that I am just showing off, right? Bias? How did you come to conclusion that I don't know jack shit about your beloved windows? Now, that's called bias. Do you even know what I do for living or for whatever for that matter? Tell me if I were wrong defining the horizon of computer security. Like I said before, Security is not only about someone hacking your system. It sure is more than that. When I said that, you think that I am showing off. You think that I am trying to prove the world, that I am smarter than you are or anyone, don't you? This kinda thing does not bother me at all. It only helps me get more motivated and helps me to consolidate my firm belief that I must do better. Actually thanks to you for all of that. It's good. It's better than good. Different strokes for different folks. This is the way I am and where I am today is because of just that. Wish you a good one... SMSainju |