Good points. However, I still believe that there is a large class of people that rightly don't care about how a computer works and just want to get to information. I guess that is my TV generation of users. Regarding BRLUG initiatives: I'm all for it. One final note regaring your aside about membership dues: I am vehemently opposed to them, and in fact I state that in the LUG FAQ. (BTW, the Clickers have actually expressed an interest a few times in BRLUG being a CC SIG, but I just don't that happening any time soon.) Regards, Dustin <p>Jerald Sheets wrote: <em>> It would be nice to find a Linux hardware/software vendor who could stay in <em>> business long enough to support their customers. <em>> <em>> Part of this forest we're all searching for trees in is that *WE* as the LUG <em>> are that "end-user" support in Linux that Windows users don't have. (groups <em>> like CC excluded). This still all revolves around what I'm talking about <em>> even if these issues are parallel and not co-joined. <em>> <em>> I remember the day when you couldn't own a computer without a good solid <em>> tech *somewhere* in town you could rely on when things got deep. Also <em>> recall, this era didn't have the problems with system/service compromises we <em>> do today. A qwkmail login for offline reading/replying didn't give anyone <em>> time or concern to compromise your box. You weren't online long enough to <em>> use your machine as a DDOS node. Just to add a hard drive, you needed to <em>> know debug and have full documentation on both your drive and hard disk <em>> controller...just so your *TECH* could do the work for you. <em>> <em>> Suddenly, in the era of ubiquitous high-bandwidth with the "my computer <em>> should be like a TV" mentality, people don't want to do anything to protect <em>> themselves (and Vendors simply don't care to know about it) from the nasties <em>> out there. Sure, if you're running a Linux box, it's a good idea to update <em>> to the latest versions of commonly exploited programs (a.k.a. Sendmail, <em>> Bind, Apache). What newbie user (Win *OR* Linux) will know this? What <em>> Vendor (PC builder/Maker) will take the time to teach their customers this? <em>> For free? In this day and age? *I* say it is the responsibility of those of <em>> us evangelizing our preferred OS to the masses. I know that even as a <em>> newbie, I wouldn't spend $35-65/hr to have some guy explain all the extra <em>> work I have to do just to keep up my machine. Plug it in and it works? <em>> Certainly not. Do 10 hours of maintenance a month? No to this idea too. <em>> There is a happy medium which can consist of a combination of user groups, <em>> vendors, joe pc reseller, and documentation to guide new users to mecca, but <em>> we're all too busy updating our own machines to be worried with it. (present <em>> authors excepted) <em>> <em>> A lot of you didn't deal with people asking you how a mouse works, or "Can I <em>> shut off the fan in my pc: It's too loud" questions. Only through the <em>> efforts of user groups and helpful local pc-shop techs have a lot of these <em>> problems just gone away. Many times, I sat on tables at the CC meetings <em>> going over and editing people's Autoexec.bat files and Config.sys files so <em>> they could get the most memory under 640k and could run Application X in <em>> dos. After years (12-14) of supporting these folks on a daily basis through <em>> user groups, BBS message bases, and face to face help, the least common <em>> denominator among PC users has risen greatly. THis problem we're facing <em>> today is a *good* problem to have, I'll wager. Eventually, the end user <em>> will demand good product and generally will receive it (given it's a large <em>> enough problem that significant numbers storm vendor doors looking for it). <em>> <em>> What we have now is a new era where each PC is a power-user system. <em>> (remember the days when only *some* users would get a full applicaiton or OS <em>> install?) They each have features/applications which can be both helpful and <em>> harmful at the same time. Are they necessary? Probably not, but we griped <em>> an moaned at Microcrap for so many years, that they just started putting <em>> everything in (however poorly implemented) the system we have been griping <em>> for. IMHO, this is progress. <em>> <em>> We can sit back and bitc# about the problem, complain that someone else <em>> isn't doing *ENOUGH* about the problem, or do the right thing and fix the <em>> problem ourselves. Can we do it all by our little brlug lonesome? Probably <em>> not. We can make a dent, though: <em>> <em>> Install parties at all the major computer shops. <em>> Advertisement in CC newsletters and creation of SIGs therein. (Yes, <em>> Virginia...this implies some sort of LUG income...dues?) <em>> Special LSU tables at registration and in the Union. <em>> Creation of a "newbie task force" of sorts to help those folks out who are <em>> new. <em>> Inclusion of the opportunity for advanced users to join Sage and further <em>> their education <em>> Splitting up list discussions to a BB system or some such beast open to the <em>> public for support questions <em>> <em>> In short: Be everywhere and let people know you exist. We've all sat in <em>> our little coding caves for years now (what, 10 years?) and took the <em>> hacker's moral high ground by providing superior code with little marketing. <em>> Just as there was open-source programming, there must now be an open-source <em>> user-focused initiative geared toward gaining as much momentum and as large <em>> a user base as possible. This can only be done by the sacrifice of time and <em>> resources of members of an active user-oriented group. Sure, it's fun to go <em>> and talk about advanced topics and figure out how to do our jobs better, (or <em>> to hack CPM so it can run PONG) but we just won't get the user until we make <em>> overtures toward them. They won't become informed and a good netizen until <em>> we train them. And finally, they won't be the power user with a secure <em>> system until we've taught them how to do it. The more we do this (like the <em>> old autoexec/config tables at CC) the higher the Least Common Denominator <em>> among users will rise. <em>> <em>> <em>> Jerald Sheets <em>> <em>> <em>> <em>> ----- Original Message ----- <em>> From: "Dustin Puryear" <[EMAIL PROTECTED]> <em>> To: <[EMAIL PROTECTED]> <em>> Sent: Tuesday, July 03, 2001 1:57 PM <em>> Subject: Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ... <em>> <em>> <em>> <em>>>Well, I don't see this as a Microsoft-thing. Like I said earlier, raw <em>>>sockets have been available for a long time just about everywhere. And <em>>>there is little doubt that, ignoring trojans, a base RH 6.2 or even RH 7 <em>>>install is much more hackable than a base Windows NT or definately a <em>>>Windows 9x box. So can't it be said that UNIX and Linux vendors should <em>>>be held just as responsible? <em>>> <em>>>Regards, Dustin <em>>> <em>>>John Hebert wrote: <em>>> <em>>> <em>>>>Dustin, <em>>>> <em>>>>IMHO, this is exactly why Steve Gibson is in a huff. <em>>>>He's basically saying that M$ irresponsibility <em>>>>concerning security in XP is going to cause a huge <em>>>>increase in DDOS attacks. <em>>>> <em>>>>This is going to be seen as another point of <em>>>>competition between OSs, because your typical home <em>>>>user will be pretty upset when they find out their <em>>>>machine has been hacked. This is not an apocalyptic <em>>>>scenario, it will instead cause some good changes, in <em>>>>that lots of people will start to learn about security <em>>>>for the first time. I'm looking forward to seeing the <em>>>>M$ propaganda campaign to convince the user it is his <em>>>>fault. <em>>>> <em>>>>I say let M$ innovate. When the Internet starts to <em>>>>come to a crawl, we will either make hackers into <em>>>>terrorists or blame Microsoft. Either one is <em>>>>interesting with far reaching implications. <em>>>> <em>>>>John <em>>>> <em>>>> <em>>>>--- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>>>> <em>>>> <em>>>>>john beamon wrote: <em>>>>> <em>>>>> <em>>>>> <em>>>>>>I don't look to make Linux any "easier" for new <em>>>>>> <em>>>>>> <em>>>>>users. I look for new <em>>>>> <em>>>>> <em>>>>>>users who will at least recognize problems and <em>>>>>> <em>>>>>> <em>>>>>devote a few minutes a <em>>>>> <em>>>>> <em>>>>>>week to staying on top of their updates. <em>>>>>> <em>>>>>> <em>>>>>Well, here is a fundamental difference in opinion on <em>>>>>what users should <em>>>>>and should not need to do. I don't feel a computer <em>>>>>should be like a car <em>>>>>where users need extensive training to use them. <em>>>>>Rather, a computer <em>>>>>should be like a TV where it can be turned on and <em>>>>>just work. <em>>>>> <em>>>>>Users will not "devote a few minutes a week" to <em>>>>>installing updates. <em>>>>>Hell, who has the time? Users should just do their <em>>>>>jobs and use <em>>>>>computers like they use any other work-related tool. <em>>>>>Vendors and <em>>>>>administrators have the responsibility of properly <em>>>>>configuring and <em>>>>>maintaining systems. <em>>>>> <em>>>>>As far as home users, vendors should properly <em>>>>>configure their products <em>>>>>with reasonable security. Home users may be required <em>>>>>to do more <em>>>>>maintenance work than a business user, but only a <em>>>>>little more. It should <em>>>>>not be a daily or weekly task to check a vendor's <em>>>>>website, download <em>>>>>patches, backup system, install patches, check <em>>>>>patches, ad nauseum. <em>>>>> <em>>>>>Regards, Dustin <em>>>>> <em>>>>> <em>>>>> <em>>>>> <em>>>>>>-j <em>>>>>> <em>>>>>>On Tue, 3 Jul 2001, Ricky Salmon wrote: <em>>>>>> <em>>>>>> <em>>>>>> <em>>>>>> <em>>>>>>>Date: Tue, 3 Jul 2001 09:31:33 -0500 <em>>>>>>>From: Ricky Salmon <[EMAIL PROTECTED]> <em>>>>>>>Reply-To: [EMAIL PROTECTED] <em>>>>>>>To: [EMAIL PROTECTED] <em>>>>>>>Subject: RE: [brluglist] Fw: Steve Gibson's <em>>>>>>> <em>>>>>>> <em>>>>>July/2001 News from GRC.COM <em>>>>> <em>>>>> <em>>>>>>> ... <em>>>>>>> <em>>>>>>>Well, to give M$ a little credit (duck), XP is <em>>>>>>> <em>>>>>>> <em>>>>>supposed to have a fair <em>>>>> <em>>>>> <em>>>>>>>amount of security by default. <em>>>>>>> <em>>>>>>>But, there's always that relationship between <em>>>>>>> <em>>>>>>> <em>>>>>Security and Usability (is <em>>>>> <em>>>>> <em>>>>>>>that a word?). I'm sure some <em>>>>>>>developers/admins will love the fact that they <em>>>>>>> <em>>>>>>> <em>>>>>finally get to use Raw <em>>>>> <em>>>>> <em>>>>>>>Sockets, but that in turn decreases <em>>>>>>>some amount of security. As people continue to <em>>>>>>> <em>>>>>>> <em>>>>>add these new features, you <em>>>>> <em>>>>> <em>>>>>>>can't always an "Idiot Proofing" mechanism that <em>>>>>>> <em>>>>>>> <em>>>>>works well... It's a nice <em>>>>> <em>>>>> <em>>>>>>>double edged sword... <em>>>>>>> <em>>>>>>>As for current windows machines, a million and one <em>>>>>>> <em>>>>>>> <em>>>>>trojans already exist. <em>>>>> <em>>>>> <em>>>>>>>So my question is, is it the responsibly of the <em>>>>>>> <em>>>>>>> <em>>>>>Vendor to make sure the <em>>>>> <em>>>>> <em>>>>>>>users know how to use a computer, or is it the <em>>>>>>> <em>>>>>>> <em>>>>>responsibility of the user to <em>>>>> <em>>>>> <em>>>>>>>know how to use a computer? <em>>>>>>> <em>>>>>>>As much as I love that certain vendor (sarcasm), <em>>>>>>> <em>>>>>>> <em>>>>>their main focus is to put <em>>>>> <em>>>>> <em>>>>>>>out more productive products with a fair amount of <em>>>>>>> <em>>>>>>> <em>>>>>security. There aren't <em>>>>> <em>>>>> <em>>>>>>>enough resources in the world to make sure that <em>>>>>>> <em>>>>>>> <em>>>>>every Joe Blow isn't leaving <em>>>>> <em>>>>> <em>>>>>>>themselves open... <em>>>>>>> <em>>>>>>>My 2 cents... <em>>>>>>> <em>>>>>>>Ricky <em>>>>>>> <em>>>>>>> <em>>>>>>> <em>>>>>>>-----Original Message----- <em>>>>>>>From: [EMAIL PROTECTED] <em>>>>>>> <em>>>>>>> <em>>>>>[mailto:[EMAIL PROTECTED] <em>>>>> <em>>>>> <em>>>>>>>Behalf Of John Hebert <em>>>>>>>Sent: Tuesday, July 03, 2001 9:02 AM <em>>>>>>>To: [EMAIL PROTECTED] <em>>>>>>>Subject: Re: [brluglist] Fw: Steve Gibson's <em>>>>>>> <em>>>>>>> <em>>>>>July/2001 News from GRC.COM <em>>>>> <em>>>>> <em>>>>>>>... <em>>>>>>> <em>>>>>>> <em>>>>>>> <em>>>>>>>--- Dustin Puryear <[EMAIL PROTECTED]> wrote: <em>>>>>>> <em>>>>>>> <em>>>>>>> <em>>>>>>>>Hmm. Is this about the raw socket deal with <em>>>>>>>> <em>>>>>>>> <em>>>>>Windows <em>>>>> <em>>>>> <em>>>>>>>>XP? Raw sockets have <em>>>>>>>>been available in the UNIX world for a while, so <em>>>>>>>> <em>>>>>>>> <em>>>>>I <em>>>>> <em>>>>> <em>>>>>>>>guess that means UNIX <em>>>>>>>>vendors are no better? <em>>>>>>>> <em>>>>>>>> <em>>>>>>>> <em>>>>>>>>From my understanding of Gibson's writings, he <em>>>>>>> <em>>>>>>> <em>>>>>says <em>>>>> <em>>>>> <em>>>>>>>that raw sockets are a problem in Windows XP <em>>>>>>> <em>>>>>>> <em>>>>>because <em>>>>> <em>>>>> <em>>>>>>>most people use M$ Windows operating systems <em>>>>>>>(well, duh) AND M$ doesn't seem to have its act <em>>>>>>>together when it comes to network security (hmmm, <em>>>>>>>he's got a point). So, distributing M$ Windows XP <em>>>>>>>with raw sockets for home users who don't properly <em>>>>>>>secure their machines will only give DDOS script <em>>>>>>>kiddies more platforms to attack from. <em>>>>>>> <em>>>>>>>:P <em>>>>>>> <em>>>>>>>John <em>>>>>>> <em>>>>>>>__________________________________________________ <em>>>>>>>Do You Yahoo!? <em>>>>>>>Get personalized email addresses from Yahoo! Mail <em>>>>>>>http://personal.mail.yahoo.com/ <em>>>>>>>================================================ <em>>>>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>>>>Visit http://www.brlug.net for more information. <em>>>>>>>Send email to [EMAIL PROTECTED] to change <em>>>>>>>your subscription information. <em>>>>>>>================================================ <em>>>>>>> <em>>>>>>>================================================ <em>>>>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>>>>Visit http://www.brlug.net for more information. <em>>>>>>>Send email to [EMAIL PROTECTED] to change <em>>>>>>>your subscription information. <em>>>>>>>================================================ <em>>>>>>> <em>>>>>>> <em>>>>>>> <em>>>>>>> <em>>>>>>================================================ <em>>>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>>>Visit http://www.brlug.net for more information. <em>>>>>>Send email to [EMAIL PROTECTED] to change <em>>>>>>your subscription information. <em>>>>>>================================================ <em>>>>>> <em>>>>>> <em>>>>>> <em>>>>>> <em>>>>>> <em>>>>>-- <em>>>>>Dustin Puryear <[EMAIL PROTECTED]> <em>>>>>http://members.telocity.com/~dpuryear <em>>>>>In the beginning the Universe was created. <em>>>>>This has been widely regarded as a bad move. - <em>>>>>Douglas Adams <em>>>>> <em>>>>>================================================ <em>>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>>Visit http://www.brlug.net for more information. <em>>>>>Send email to [EMAIL PROTECTED] to change <em>>>>>your subscription information. <em>>>>>================================================ <em>>>>> <em>>>>> <em>>>> <em>>>>__________________________________________________ <em>>>>Do You Yahoo!? <em>>>>Get personalized email addresses from Yahoo! Mail <em>>>>http://personal.mail.yahoo.com/ <em>>>>================================================ <em>>>>BRLUG - The Baton Rouge Linux User Group <em>>>>Visit http://www.brlug.net for more information. <em>>>>Send email to [EMAIL PROTECTED] to change <em>>>>your subscription information. <em>>>>================================================ <em>>>> <em>>>> <em>>>> <em>>>> <em>>> <em>>>-- <em>>>Dustin Puryear <[EMAIL PROTECTED]> <em>>>http://members.telocity.com/~dpuryear <em>>>In the beginning the Universe was created. <em>>>This has been widely regarded as a bad move. - Douglas Adams <em>>> <em>>>================================================ <em>>>BRLUG - The Baton Rouge Linux User Group <em>>>Visit http://www.brlug.net for more information. <em>>>Send email to [EMAIL PROTECTED] to change <em>>>your subscription information. <em>>>================================================ <em>>> <em>>> <em>> <em>> ================================================ <em>> BRLUG - The Baton Rouge Linux User Group <em>> Visit http://www.brlug.net for more information. <em>> Send email to [EMAIL PROTECTED] to change <em>> your subscription information. <em>> ================================================ <em>> <em>> <em>> <p> -- Dustin Puryear <[EMAIL PROTECTED]> http://members.telocity.com/~dpuryear In the beginning the Universe was created. This has been widely regarded as a bad move. - Douglas Adams ================================================ BRLUG - The Baton Rouge Linux User Group Visit http://www.brlug.net for more information. Send email to [EMAIL PROTECTED] to change your subscription information. ================================================
<!-- body="end" --> <hr noshade> <ul> <li><strong>Next message:</strong> Jerald Sheets: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Previous message:</strong> Dustin Puryear: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>In reply to:</strong> Jerald Sheets: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Next in thread:</strong> john beamon: "Re: [brluglist] Fw: Steve Gibson's July/2001 News from GRC.COM ..." <li><strong>Messages sorted by:</strong> [ date ] [ thread ] [ subject ] [ author ] [ attachment ] </ul> <hr noshade> <small> <em> This archive was generated by hypermail 2.1.2 : <em>Thu Sep 06 2001 - 11:10:54 CDT</em> </em> </small> </body> </html>
