It would be nice to find a Linux hardware/software vendor who could stay in business long enough to support their customers. Part of this forest we're all searching for trees in is that *WE* as the LUG are that "end-user" support in Linux that Windows users don't have. (groups like CC excluded). This still all revolves around what I'm talking about even if these issues are parallel and not co-joined. I remember the day when you couldn't own a computer without a good solid tech *somewhere* in town you could rely on when things got deep. Also recall, this era didn't have the problems with system/service compromises we do today. A qwkmail login for offline reading/replying didn't give anyone time or concern to compromise your box. You weren't online long enough to use your machine as a DDOS node. Just to add a hard drive, you needed to know debug and have full documentation on both your drive and hard disk controller...just so your *TECH* could do the work for you. Suddenly, in the era of ubiquitous high-bandwidth with the "my computer should be like a TV" mentality, people don't want to do anything to protect themselves (and Vendors simply don't care to know about it) from the nasties out there. Sure, if you're running a Linux box, it's a good idea to update to the latest versions of commonly exploited programs (a.k.a. Sendmail, Bind, Apache). What newbie user (Win *OR* Linux) will know this? What Vendor (PC builder/Maker) will take the time to teach their customers this? For free? In this day and age? *I* say it is the responsibility of those of us evangelizing our preferred OS to the masses. I know that even as a newbie, I wouldn't spend $35-65/hr to have some guy explain all the extra work I have to do just to keep up my machine. Plug it in and it works? Certainly not. Do 10 hours of maintenance a month? No to this idea too. There is a happy medium which can consist of a combination of user groups, vendors, joe pc reseller, and documentation to guide new users to mecca, but we're all too busy updating our own machines to be worried with it. (present authors excepted) A lot of you didn't deal with people asking you how a mouse works, or "Can I shut off the fan in my pc: It's too loud" questions. Only through the efforts of user groups and helpful local pc-shop techs have a lot of these problems just gone away. Many times, I sat on tables at the CC meetings going over and editing people's Autoexec.bat files and Config.sys files so they could get the most memory under 640k and could run Application X in dos. After years (12-14) of supporting these folks on a daily basis through user groups, BBS message bases, and face to face help, the least common denominator among PC users has risen greatly. THis problem we're facing today is a *good* problem to have, I'll wager. Eventually, the end user will demand good product and generally will receive it (given it's a large enough problem that significant numbers storm vendor doors looking for it). What we have now is a new era where each PC is a power-user system. (remember the days when only *some* users would get a full applicaiton or OS install?) They each have features/applications which can be both helpful and harmful at the same time. Are they necessary? Probably not, but we griped an moaned at Microcrap for so many years, that they just started putting everything in (however poorly implemented) the system we have been griping for. IMHO, this is progress. We can sit back and bitc# about the problem, complain that someone else isn't doing *ENOUGH* about the problem, or do the right thing and fix the problem ourselves. Can we do it all by our little brlug lonesome? Probably not. We can make a dent, though: Install parties at all the major computer shops. Advertisement in CC newsletters and creation of SIGs therein. (Yes, Virginia...this implies some sort of LUG income...dues?) Special LSU tables at registration and in the Union. Creation of a "newbie task force" of sorts to help those folks out who are new. Inclusion of the opportunity for advanced users to join Sage and further their education Splitting up list discussions to a BB system or some such beast open to the public for support questions In short: Be everywhere and let people know you exist. We've all sat in our little coding caves for years now (what, 10 years?) and took the hacker's moral high ground by providing superior code with little marketing. Just as there was open-source programming, there must now be an open-source user-focused initiative geared toward gaining as much momentum and as large a user base as possible. This can only be done by the sacrifice of time and resources of members of an active user-oriented group. Sure, it's fun to go and talk about advanced topics and figure out how to do our jobs better, (or to hack CPM so it can run PONG) but we just won't get the user until we make overtures toward them. They won't become informed and a good netizen until we train them. And finally, they won't be the power user with a secure system until we've taught them how to do it. The more we do this (like the old autoexec/config tables at CC) the higher the Least Common Denominator among users will rise. <p>Jerald Sheets <p><p>----- Original Message ----- From: "Dustin Puryear" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, July 03, 2001 1:57 PM Subject: Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ... <p><em>> Well, I don't see this as a Microsoft-thing. Like I said earlier, raw <em>> sockets have been available for a long time just about everywhere. And <em>> there is little doubt that, ignoring trojans, a base RH 6.2 or even RH 7 <em>> install is much more hackable than a base Windows NT or definately a <em>> Windows 9x box. So can't it be said that UNIX and Linux vendors should <em>> be held just as responsible? <em>> <em>> Regards, Dustin <em>> <em>> John Hebert wrote: <em>> <em>> > Dustin, <em>> > <em>> > IMHO, this is exactly why Steve Gibson is in a huff. <em>> > He's basically saying that M$ irresponsibility <em>> > concerning security in XP is going to cause a huge <em>> > increase in DDOS attacks. <em>> > <em>> > This is going to be seen as another point of <em>> > competition between OSs, because your typical home <em>> > user will be pretty upset when they find out their <em>> > machine has been hacked. This is not an apocalyptic <em>> > scenario, it will instead cause some good changes, in <em>> > that lots of people will start to learn about security <em>> > for the first time. I'm looking forward to seeing the <em>> > M$ propaganda campaign to convince the user it is his <em>> > fault. <em>> > <em>> > I say let M$ innovate. When the Internet starts to <em>> > come to a crawl, we will either make hackers into <em>> > terrorists or blame Microsoft. Either one is <em>> > interesting with far reaching implications. <em>> > <em>> > John <em>> > <em>> > <em>> > --- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>> > <em>> >>john beamon wrote: <em>> >> <em>> >> <em>> >>>I don't look to make Linux any "easier" for new <em>> >>> <em>> >>users. I look for new <em>> >> <em>> >>>users who will at least recognize problems and <em>> >>> <em>> >>devote a few minutes a <em>> >> <em>> >>>week to staying on top of their updates. <em>> >>> <em>> >> <em>> >>Well, here is a fundamental difference in opinion on <em>> >>what users should <em>> >>and should not need to do. I don't feel a computer <em>> >>should be like a car <em>> >>where users need extensive training to use them. <em>> >>Rather, a computer <em>> >>should be like a TV where it can be turned on and <em>> >>just work. <em>> >> <em>> >>Users will not "devote a few minutes a week" to <em>> >>installing updates. <em>> >>Hell, who has the time? Users should just do their <em>> >>jobs and use <em>> >>computers like they use any other work-related tool. <em>> >>Vendors and <em>> >>administrators have the responsibility of properly <em>> >>configuring and <em>> >>maintaining systems. <em>> >> <em>> >>As far as home users, vendors should properly <em>> >>configure their products <em>> >>with reasonable security. Home users may be required <em>> >>to do more <em>> >>maintenance work than a business user, but only a <em>> >>little more. It should <em>> >>not be a daily or weekly task to check a vendor's <em>> >>website, download <em>> >>patches, backup system, install patches, check <em>> >>patches, ad nauseum. <em>> >> <em>> >>Regards, Dustin <em>> >> <em>> >> <em>> >> <em>> >>>-j <em>> >>> <em>> >>>On Tue, 3 Jul 2001, Ricky Salmon wrote: <em>> >>> <em>> >>> <em>> >>> <em>> >>>>Date: Tue, 3 Jul 2001 09:31:33 -0500 <em>> >>>>From: Ricky Salmon <[EMAIL PROTECTED]> <em>> >>>>Reply-To: [EMAIL PROTECTED] <em>> >>>>To: [EMAIL PROTECTED] <em>> >>>>Subject: RE: [brluglist] Fw: Steve Gibson's <em>> >>>> <em>> >>July/2001 News from GRC.COM <em>> >> <em>> >>>> ... <em>> >>>> <em>> >>>>Well, to give M$ a little credit (duck), XP is <em>> >>>> <em>> >>supposed to have a fair <em>> >> <em>> >>>>amount of security by default. <em>> >>>> <em>> >>>>But, there's always that relationship between <em>> >>>> <em>> >>Security and Usability (is <em>> >> <em>> >>>>that a word?). I'm sure some <em>> >>>>developers/admins will love the fact that they <em>> >>>> <em>> >>finally get to use Raw <em>> >> <em>> >>>>Sockets, but that in turn decreases <em>> >>>>some amount of security. As people continue to <em>> >>>> <em>> >>add these new features, you <em>> >> <em>> >>>>can't always an "Idiot Proofing" mechanism that <em>> >>>> <em>> >>works well... It's a nice <em>> >> <em>> >>>>double edged sword... <em>> >>>> <em>> >>>>As for current windows machines, a million and one <em>> >>>> <em>> >>trojans already exist. <em>> >> <em>> >>>>So my question is, is it the responsibly of the <em>> >>>> <em>> >>Vendor to make sure the <em>> >> <em>> >>>>users know how to use a computer, or is it the <em>> >>>> <em>> >>responsibility of the user to <em>> >> <em>> >>>>know how to use a computer? <em>> >>>> <em>> >>>>As much as I love that certain vendor (sarcasm), <em>> >>>> <em>> >>their main focus is to put <em>> >> <em>> >>>>out more productive products with a fair amount of <em>> >>>> <em>> >>security. There aren't <em>> >> <em>> >>>>enough resources in the world to make sure that <em>> >>>> <em>> >>every Joe Blow isn't leaving <em>> >> <em>> >>>>themselves open... <em>> >>>> <em>> >>>>My 2 cents... <em>> >>>> <em>> >>>>Ricky <em>> >>>> <em>> >>>> <em>> >>>> <em>> >>>>-----Original Message----- <em>> >>>>From: [EMAIL PROTECTED] <em>> >>>> <em>> >>[mailto:[EMAIL PROTECTED] <em>> >> <em>> >>>>Behalf Of John Hebert <em>> >>>>Sent: Tuesday, July 03, 2001 9:02 AM <em>> >>>>To: [EMAIL PROTECTED] <em>> >>>>Subject: Re: [brluglist] Fw: Steve Gibson's <em>> >>>> <em>> >>July/2001 News from GRC.COM <em>> >> <em>> >>>>... <em>> >>>> <em>> >>>> <em>> >>>> <em>> >>>>--- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>> >>>> <em>> >>>> <em>> >>>>>Hmm. Is this about the raw socket deal with <em>> >>>>> <em>> >>Windows <em>> >> <em>> >>>>>XP? Raw sockets have <em>> >>>>>been available in the UNIX world for a while, so <em>> >>>>> <em>> >>I <em>> >> <em>> >>>>>guess that means UNIX <em>> >>>>>vendors are no better? <em>> >>>>> <em>> >>>>> <em>> >>>>>From my understanding of Gibson's writings, he <em>> >>>> <em>> >>says <em>> >> <em>> >>>>that raw sockets are a problem in Windows XP <em>> >>>> <em>> >>because <em>> >> <em>> >>>>most people use M$ Windows operating systems <em>> >>>>(well, duh) AND M$ doesn't seem to have its act <em>> >>>>together when it comes to network security (hmmm, <em>> >>>>he's got a point). So, distributing M$ Windows XP <em>> >>>>with raw sockets for home users who don't properly <em>> >>>>secure their machines will only give DDOS script <em>> >>>>kiddies more platforms to attack from. <em>> >>>> <em>> >>>>:P <em>> >>>> <em>> >>>>John <em>> >>>> <em>> >>>>__________________________________________________ <em>> >>>>Do You Yahoo!? <em>> >>>>Get personalized email addresses from Yahoo! Mail <em>> >>>>http://personal.mail.yahoo.com/ <em>> >>>>================================================ <em>> >>>>BRLUG - The Baton Rouge Linux User Group <em>> >>>>Visit http://www.brlug.net for more information. <em>> >>>>Send email to [EMAIL PROTECTED] to change <em>> >>>>your subscription information. <em>> >>>>================================================ <em>> >>>> <em>> >>>>================================================ <em>> >>>>BRLUG - The Baton Rouge Linux User Group <em>> >>>>Visit http://www.brlug.net for more information. <em>> >>>>Send email to [EMAIL PROTECTED] to change <em>> >>>>your subscription information. <em>> >>>>================================================ <em>> >>>> <em>> >>>> <em>> >>>> <em>> >>>================================================ <em>> >>>BRLUG - The Baton Rouge Linux User Group <em>> >>>Visit http://www.brlug.net for more information. <em>> >>>Send email to [EMAIL PROTECTED] to change <em>> >>>your subscription information. <em>> >>>================================================ <em>> >>> <em>> >>> <em>> >>> <em>> >>> <em>> >> <em>> >>-- <em>> >>Dustin Puryear <[EMAIL PROTECTED]> <em>> >>http://members.telocity.com/~dpuryear <em>> >>In the beginning the Universe was created. <em>> >>This has been widely regarded as a bad move. - <em>> >>Douglas Adams <em>> >> <em>> >>================================================ <em>> >>BRLUG - The Baton Rouge Linux User Group <em>> >>Visit http://www.brlug.net for more information. <em>> >>Send email to [EMAIL PROTECTED] to change <em>> >>your subscription information. <em>> >>================================================ <em>> >> <em>> > <em>> > <em>> > __________________________________________________ <em>> > Do You Yahoo!? <em>> > Get personalized email addresses from Yahoo! Mail <em>> > http://personal.mail.yahoo.com/ <em>> > ================================================ <em>> > BRLUG - The Baton Rouge Linux User Group <em>> > Visit http://www.brlug.net for more information. <em>> > Send email to [EMAIL PROTECTED] to change <em>> > your subscription information. <em>> > ================================================ <em>> > <em>> > <em>> > <em>> <em>> <em>> -- <em>> Dustin Puryear <[EMAIL PROTECTED]> <em>> http://members.telocity.com/~dpuryear <em>> In the beginning the Universe was created. <em>> This has been widely regarded as a bad move. - Douglas Adams <em>> <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================ <em>> ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================ <!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> john beamon: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Previous message:</strong> Dustin Puryear: "Re: [brluglist] Utopia" <li><strong>In reply to:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Next in thread:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Reply:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade>
<small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:54 CDT</em> </em> </small> </body> </html>
