At 11:27 PM 5/4/2003 -0500, you wrote: >That sounds reason -SLAP- What was I thinking? > >You are pulling my leg, right Dustin? You compare this little DoS problem >to Windoze remote root exploits and up2date or apt-get to Windoze updater >and then declare "failure" of the free software desktop? There's no >comparison and your declaration of desktop security failure is premature.
You quoted me, but left out a significant portion of the quote. I said a failure in terms of security. Evolution seems to be riddled with problems these days. When considering other desktop software that has been known to cause issues, such as the X Windows System itself, I realize that Linux is falling into the same trap as any other operating system that operate in the desktop space. As an example, just last week I was troubleshooting a web server for a client when the vendor for some management software on the machine said "Wait. You have X installed on this? What are you doing?" The client had left the default install of X and both the vendor and I agreed that having X on the machine greatly increased its risk to attack. The key point here isn't that the risk was to a web server but that simply having X on the machine was a risk. ... >The proof is best seen on web servers, where Apache has a majority >share. The deployment is there and the targets are attractive. Do we see >the same kinds of break ins that we see on Microsoft as we do on >Apache? Responsible administrators can keep those up better than they can >Microsoft boxes and that's one of the big reasons for the move, isn't it? We are only discussing desktops and desktop software (i.e, X, Evolution, Gnome, KDE, xmms) at this point. There is a substantially different level of support and class of users when considering servers vs. desktops. >I'll be very surprised if free software does not overcome the problems >created by Microsoft's abusive closed source business. Microsoft has done >much to blame the user for faults in their software and in their system of >distribution. The charges will ring hollow as more people adopt free >software. The chances are high that corporate networks and home desktops >alike will be more frequently updated and more secure under free software. Perhaps. However, I do not think that the average open source software is any more secure than closed software. There is a [higher potential] for security, but that doesn't mean that there is a higher level of security for the average software. >On 2003.05.04 10:02 Dustin Puryear wrote: > > I read that there was another vulnerability found in Evolution: > > http://linux.oreillynet.com/pub/a/linux/2003/04/21/insecurities.html#xim > > > > It appears to me that the Linux desktop is quickly finding itself in the > > same position as the Windows desktop when it comes to security. Microsoft > > has done well recently in issuing patches for vulnerabilities and bugs, > but > > users typically don't apply them. Is the same going to be true for Linux > > users? And if so can we now compare the failure of the Linux desktop with > > the failure of the Windows desktop in terms of security as an apples to > > apples comparison? > > > > --- > > Dustin Puryear <[EMAIL PROTECTED]> > > Puryear Information Technology > > Windows, UNIX, and IT Consulting > > http://www.puryear-it.com > > > > > >_______________________________________________ >General mailing list >[email protected] >http://brlug.net/mailman/listinfo/general_brlug.net --- Dustin Puryear <[EMAIL PROTECTED]> Puryear Information Technology Windows, UNIX, and IT Consulting http://www.puryear-it.com
