Dustin, IMHO, this is exactly why Steve Gibson is in a huff. He's basically saying that M$ irresponsibility concerning security in XP is going to cause a huge increase in DDOS attacks. This is going to be seen as another point of competition between OSs, because your typical home user will be pretty upset when they find out their machine has been hacked. This is not an apocalyptic scenario, it will instead cause some good changes, in that lots of people will start to learn about security for the first time. I'm looking forward to seeing the M$ propaganda campaign to convince the user it is his fault. I say let M$ innovate. When the Internet starts to come to a crawl, we will either make hackers into terrorists or blame Microsoft. Either one is interesting with far reaching implications. John <p>--- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>> john beamon wrote: <em>> <em>> > I don't look to make Linux any "easier" for new <em>> users. I look for new <em>> > users who will at least recognize problems and <em>> devote a few minutes a <em>> > week to staying on top of their updates. <em>> <em>> <em>> Well, here is a fundamental difference in opinion on <em>> what users should <em>> and should not need to do. I don't feel a computer <em>> should be like a car <em>> where users need extensive training to use them. <em>> Rather, a computer <em>> should be like a TV where it can be turned on and <em>> just work. <em>> <em>> Users will not "devote a few minutes a week" to <em>> installing updates. <em>> Hell, who has the time? Users should just do their <em>> jobs and use <em>> computers like they use any other work-related tool. <em>> Vendors and <em>> administrators have the responsibility of properly <em>> configuring and <em>> maintaining systems. <em>> <em>> As far as home users, vendors should properly <em>> configure their products <em>> with reasonable security. Home users may be required <em>> to do more <em>> maintenance work than a business user, but only a <em>> little more. It should <em>> not be a daily or weekly task to check a vendor's <em>> website, download <em>> patches, backup system, install patches, check <em>> patches, ad nauseum. <em>> <em>> Regards, Dustin <em>> <em>> <em>> > <em>> > -j <em>> > <em>> > On Tue, 3 Jul 2001, Ricky Salmon wrote: <em>> > <em>> > <em>> >>Date: Tue, 3 Jul 2001 09:31:33 -0500 <em>> >>From: Ricky Salmon <[EMAIL PROTECTED]> <em>> >>Reply-To: [EMAIL PROTECTED] <em>> >>To: [EMAIL PROTECTED] <em>> >>Subject: RE: [brluglist] Fw: Steve Gibson's <em>> July/2001 News from GRC.COM <em>> >> ... <em>> >> <em>> >>Well, to give M$ a little credit (duck), XP is <em>> supposed to have a fair <em>> >>amount of security by default. <em>> >> <em>> >>But, there's always that relationship between <em>> Security and Usability (is <em>> >>that a word?). I'm sure some <em>> >>developers/admins will love the fact that they <em>> finally get to use Raw <em>> >>Sockets, but that in turn decreases <em>> >>some amount of security. As people continue to <em>> add these new features, you <em>> >>can't always an "Idiot Proofing" mechanism that <em>> works well... It's a nice <em>> >>double edged sword... <em>> >> <em>> >>As for current windows machines, a million and one <em>> trojans already exist. <em>> >>So my question is, is it the responsibly of the <em>> Vendor to make sure the <em>> >>users know how to use a computer, or is it the <em>> responsibility of the user to <em>> >>know how to use a computer? <em>> >> <em>> >>As much as I love that certain vendor (sarcasm), <em>> their main focus is to put <em>> >>out more productive products with a fair amount of <em>> security. There aren't <em>> >>enough resources in the world to make sure that <em>> every Joe Blow isn't leaving <em>> >>themselves open... <em>> >> <em>> >>My 2 cents... <em>> >> <em>> >>Ricky <em>> >> <em>> >> <em>> >> <em>> >>-----Original Message----- <em>> >>From: [EMAIL PROTECTED] <em>> [mailto:[EMAIL PROTECTED] <em>> >>Behalf Of John Hebert <em>> >>Sent: Tuesday, July 03, 2001 9:02 AM <em>> >>To: [EMAIL PROTECTED] <em>> >>Subject: Re: [brluglist] Fw: Steve Gibson's <em>> July/2001 News from GRC.COM <em>> >>... <em>> >> <em>> >> <em>> >> <em>> >>--- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>> >> <em>> >>>Hmm. Is this about the raw socket deal with <em>> Windows <em>> >>>XP? Raw sockets have <em>> >>>been available in the UNIX world for a while, so <em>> I <em>> >>>guess that means UNIX <em>> >>>vendors are no better? <em>> >>> <em>> >>>From my understanding of Gibson's writings, he <em>> says <em>> >>that raw sockets are a problem in Windows XP <em>> because <em>> >>most people use M$ Windows operating systems <em>> >>(well, duh) AND M$ doesn't seem to have its act <em>> >>together when it comes to network security (hmmm, <em>> >>he's got a point). So, distributing M$ Windows XP <em>> >>with raw sockets for home users who don't properly <em>> >>secure their machines will only give DDOS script <em>> >>kiddies more platforms to attack from. <em>> >> <em>> >>:P <em>> >> <em>> >>John <em>> >> <em>> >>__________________________________________________ <em>> >>Do You Yahoo!? <em>> >>Get personalized email addresses from Yahoo! Mail <em>> >>http://personal.mail.yahoo.com/ <em>> >>================================================ <em>> >>BRLUG - The Baton Rouge Linux User Group <em>> >>Visit http://www.brlug.net for more information. <em>> >>Send email to [EMAIL PROTECTED] to change <em>> >>your subscription information. <em>> >>================================================ <em>> >> <em>> >>================================================ <em>> >>BRLUG - The Baton Rouge Linux User Group <em>> >>Visit http://www.brlug.net for more information. <em>> >>Send email to [EMAIL PROTECTED] to change <em>> >>your subscription information. <em>> >>================================================ <em>> >> <em>> >> <em>> > <em>> > ================================================ <em>> > BRLUG - The Baton Rouge Linux User Group <em>> > Visit http://www.brlug.net for more information. <em>> > Send email to [EMAIL PROTECTED] to change <em>> > your subscription information. <em>> > ================================================ <em>> > <em>> > <em>> > <em>> <em>> <em>> -- <em>> Dustin Puryear <[EMAIL PROTECTED]> <em>> http://members.telocity.com/~dpuryear <em>> In the beginning the Universe was created. <em>> This has been widely regarded as a bad move. - <em>> Douglas Adams <em>> <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================ <p>__________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/ ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ <!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> john beamon: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Previous message:</strong> John Hebert: "LSB was Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>In reply to:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Next in thread:</strong> john beamon: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> john beamon: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade>
<small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:54 CDT</em> </em> </small> </body> </html>
