Well, I don't see this as a Microsoft-thing. Like I said earlier, raw sockets have been available for a long time just about everywhere. And there is little doubt that, ignoring trojans, a base RH 6.2 or even RH 7 install is much more hackable than a base Windows NT or definately a Windows 9x box. So can't it be said that UNIX and Linux vendors should be held just as responsible? Regards, Dustin John Hebert wrote: <em>> Dustin, <em>> <em>> IMHO, this is exactly why Steve Gibson is in a huff. <em>> He's basically saying that M$ irresponsibility <em>> concerning security in XP is going to cause a huge <em>> increase in DDOS attacks. <em>> <em>> This is going to be seen as another point of <em>> competition between OSs, because your typical home <em>> user will be pretty upset when they find out their <em>> machine has been hacked. This is not an apocalyptic <em>> scenario, it will instead cause some good changes, in <em>> that lots of people will start to learn about security <em>> for the first time. I'm looking forward to seeing the <em>> M$ propaganda campaign to convince the user it is his <em>> fault. <em>> <em>> I say let M$ innovate. When the Internet starts to <em>> come to a crawl, we will either make hackers into <em>> terrorists or blame Microsoft. Either one is <em>> interesting with far reaching implications. <em>> <em>> John <em>> <em>> <em>> --- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>> <em>>>john beamon wrote: <em>>> <em>>> <em>>>>I don't look to make Linux any "easier" for new <em>>>> <em>>>users. I look for new <em>>> <em>>>>users who will at least recognize problems and <em>>>> <em>>>devote a few minutes a <em>>> <em>>>>week to staying on top of their updates. <em>>>> <em>>> <em>>>Well, here is a fundamental difference in opinion on <em>>>what users should <em>>>and should not need to do. I don't feel a computer <em>>>should be like a car <em>>>where users need extensive training to use them. <em>>>Rather, a computer <em>>>should be like a TV where it can be turned on and <em>>>just work. <em>>> <em>>>Users will not "devote a few minutes a week" to <em>>>installing updates. <em>>>Hell, who has the time? Users should just do their <em>>>jobs and use <em>>>computers like they use any other work-related tool. <em>>>Vendors and <em>>>administrators have the responsibility of properly <em>>>configuring and <em>>>maintaining systems. <em>>> <em>>>As far as home users, vendors should properly <em>>>configure their products <em>>>with reasonable security. Home users may be required <em>>>to do more <em>>>maintenance work than a business user, but only a <em>>>little more. It should <em>>>not be a daily or weekly task to check a vendor's <em>>>website, download <em>>>patches, backup system, install patches, check <em>>>patches, ad nauseum. <em>>> <em>>>Regards, Dustin <em>>> <em>>> <em>>> <em>>>>-j <em>>>> <em>>>>On Tue, 3 Jul 2001, Ricky Salmon wrote: <em>>>> <em>>>> <em>>>> <em>>>>>Date: Tue, 3 Jul 2001 09:31:33 -0500 <em>>>>>From: Ricky Salmon <[EMAIL PROTECTED]> <em>>>>>Reply-To: [EMAIL PROTECTED] <em>>>>>To: [EMAIL PROTECTED] <em>>>>>Subject: RE: [brluglist] Fw: Steve Gibson's <em>>>>> <em>>>July/2001 News from GRC.COM <em>>> <em>>>>> ... <em>>>>> <em>>>>>Well, to give M$ a little credit (duck), XP is <em>>>>> <em>>>supposed to have a fair <em>>> <em>>>>>amount of security by default. <em>>>>> <em>>>>>But, there's always that relationship between <em>>>>> <em>>>Security and Usability (is <em>>> <em>>>>>that a word?). I'm sure some <em>>>>>developers/admins will love the fact that they <em>>>>> <em>>>finally get to use Raw <em>>> <em>>>>>Sockets, but that in turn decreases <em>>>>>some amount of security. As people continue to <em>>>>> <em>>>add these new features, you <em>>> <em>>>>>can't always an "Idiot Proofing" mechanism that <em>>>>> <em>>>works well... It's a nice <em>>> <em>>>>>double edged sword... <em>>>>> <em>>>>>As for current windows machines, a million and one <em>>>>> <em>>>trojans already exist. <em>>> <em>>>>>So my question is, is it the responsibly of the <em>>>>> <em>>>Vendor to make sure the <em>>> <em>>>>>users know how to use a computer, or is it the <em>>>>> <em>>>responsibility of the user to <em>>> <em>>>>>know how to use a computer? <em>>>>> <em>>>>>As much as I love that certain vendor (sarcasm), <em>>>>> <em>>>their main focus is to put <em>>> <em>>>>>out more productive products with a fair amount of <em>>>>> <em>>>security. There aren't <em>>> <em>>>>>enough resources in the world to make sure that <em>>>>> <em>>>every Joe Blow isn't leaving <em>>> <em>>>>>themselves open... <em>>>>> <em>>>>>My 2 cents... <em>>>>> <em>>>>>Ricky <em>>>>> <em>>>>> <em>>>>> <em>>>>>-----Original Message----- <em>>>>>From: [EMAIL PROTECTED] <em>>>>> <em>>>[mailto:[EMAIL PROTECTED] <em>>> <em>>>>>Behalf Of John Hebert <em>>>>>Sent: Tuesday, July 03, 2001 9:02 AM <em>>>>>To: [EMAIL PROTECTED] <em>>>>>Subject: Re: [brluglist] Fw: Steve Gibson's <em>>>>> <em>>>July/2001 News from GRC.COM <em>>> <em>>>>>... <em>>>>> <em>>>>> <em>>>>> <em>>>>>--- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>>>>> <em>>>>> <em>>>>>>Hmm. Is this about the raw socket deal with <em>>>>>> <em>>>Windows <em>>> <em>>>>>>XP? Raw sockets have <em>>>>>>been available in the UNIX world for a while, so <em>>>>>> <em>>>I <em>>> <em>>>>>>guess that means UNIX <em>>>>>>vendors are no better? <em>>>>>> <em>>>>>> <em>>>>>>From my understanding of Gibson's writings, he <em>>>>> <em>>>says <em>>> <em>>>>>that raw sockets are a problem in Windows XP <em>>>>> <em>>>because <em>>> <em>>>>>most people use M$ Windows operating systems <em>>>>>(well, duh) AND M$ doesn't seem to have its act <em>>>>>together when it comes to network security (hmmm, <em>>>>>he's got a point). So, distributing M$ Windows XP <em>>>>>with raw sockets for home users who don't properly <em>>>>>secure their machines will only give DDOS script <em>>>>>kiddies more platforms to attack from. <em>>>>> <em>>>>>:P <em>>>>> <em>>>>>John <em>>>>> <em>>>>>__________________________________________________ <em>>>>>Do You Yahoo!? <em>>>>>Get personalized email addresses from Yahoo! Mail <em>>>>>http://personal.mail.yahoo.com/ <em>>>>>================================================ <em>>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>>Visit http://www.brlug.net for more information. <em>>>>>Send email to [EMAIL PROTECTED] to change <em>>>>>your subscription information. <em>>>>>================================================ <em>>>>> <em>>>>>================================================ <em>>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>>Visit http://www.brlug.net for more information. <em>>>>>Send email to [EMAIL PROTECTED] to change <em>>>>>your subscription information. <em>>>>>================================================ <em>>>>> <em>>>>> <em>>>>> <em>>>>================================================ <em>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>Visit http://www.brlug.net for more information. <em>>>>Send email to [EMAIL PROTECTED] to change <em>>>>your subscription information. <em>>>>================================================ <em>>>> <em>>>> <em>>>> <em>>>> <em>>> <em>>>-- <em>>>Dustin Puryear <[EMAIL PROTECTED]> <em>>>http://members.telocity.com/~dpuryear <em>>>In the beginning the Universe was created. <em>>>This has been widely regarded as a bad move. - <em>>>Douglas Adams <em>>> <em>>>================================================ <em>>>BRLUG - The Baton Rouge Linux User Group <em>>>Visit http://www.brlug.net for more information. <em>>>Send email to [EMAIL PROTECTED] to change <em>>>your subscription information. <em>>>================================================ <em>>> <em>> <em>> <em>> __________________________________________________ <em>> Do You Yahoo!? <em>> Get personalized email addresses from Yahoo! Mail <em>> http://personal.mail.yahoo.com/ <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================ <em>> <em>> <em>> <p> -- Dustin Puryear <[EMAIL PROTECTED]> http://members.telocity.com/~dpuryear In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
<!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Dustin Puryear: "Re: [brluglist] Utopia" <li><strong>Previous message:</strong> Jerald Sheets: "[brluglist] Utopia" <li><strong>In reply to:</strong> John Hebert: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Next in thread:</strong> Jerald Sheets: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> Jerald Sheets: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> john beamon: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> John Hebert: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade> <small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:54 CDT</em> </em> </small> </body> </html>
