On Tue, 21 Oct 2003 20:48:34 -0700
James Sparenberg <[EMAIL PROTECTED]> uttered:

> Not true,  I've seen the paper he refers to.  It's possible to patch a
> running kernel in order to gain ownership... that's the scary part.

In theory, and with the expertise of a hacker like Silvio Cesare. Is
this something desktop Linux users should be concerned about? No.

> > 
> > This is hype, pure and simple, another attempt to gain notoriety by
> > pointing out "flaws" in a kernel that has proved itself beyond
> > question more secure than the "other" kernel.
> 
> No he didn't do this.  What he said was that a piecemeal attempt at
> security is not a solution, instead it's a path to death.  True
> security occurs when all parts are in concert.  What good is a
> firewall if the chat software allows a rootkit to come down along with
> a message?  His point is that piecemeal security and patches are a lot
> like locking a screen door.  Nice idea but eventually someone will
> figure out how to cut the screen.  Patching the screen may close the
> hole but it doesn't increase security.  He's right it has to be a
> ground up decision/effort.

What currently existing or planned chat software would allow a rootkit
to come down the pipe and be executed? If the user accepts a file, makes
it executable, and runs it, there's nothing that can be done anyway.
Education is the key, not more paranoia.

> > 
> > To further claim that Linux needs to go the route of the Trusted
> > Computing initiative...well, yer right, that's not funny, that's
> > scary.
> 
> And in line with a harsh reality.  Linux is not secure.  It can be made
> secure.  But in and of itself it isn't.  Security comes not from what
> the OS is.  But on whether or not the tools exist to make that OS
> secure.  Take a look at NSA linux if you want to see some really neat
> stuff about security.

It's certainly secure enough to avoid going down the path of tying
software to hardware.  The Trusted Computing Initiative is not to be
trusted at all. To tell me what software I'm allowed to run on my
hardware because some l33t h4x0r knows how to patch a running kernel is
pure paranoia, and it would be the death of open source.

I'll take my chances, thank you very much.

-- 
HaywireMac ++ ICQ # 279518458
Registered Linux user #282046
Homepage: www.orderinchaos.org
++++++++++++++++++++++++++++++++++++++++++
Mandrake HowTo's & More: http://twiki.mdklinuxfaq.org
++++++++++++++++++++++++++++++++++++++++++
I am not afraid of tomorrow, for I have seen yesterday and I love today.
                -- William Allen White
