People who run Windows usually trust Microsoft. Assuming this, their security model makes sense! You can do anything you want on a computer by using Microsoft tools and Microsoft software. (It will of course cost you much more money than going to alternate vendors or using free software however). You don't trust Microsoft, so the security model makes no sense to you.
I need to point something out about Debian's package management system -- and that is the ability to add non-debian package repositories to the APT system. A good example of a problem with this model is with Ubuntu not having MP3 support by default...and forcing you to select outside package repositories to download such things as libmikmod2 (required for XMMS if you have a NVIDIA card, for example). Do you manually walk through each .deb on your system to ensure it doesn't have any exploits in it? Andrew Baudouin Applications Programmer AWC, Incorporated [EMAIL PROTECTED] -----Original Message----- From: Will Hill [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 22, 2004 7:19 PM To: [email protected] Subject: Re: [brlug-general] How can I trust Firefox On Tuesday 21 December 2004 08:16 am, Scott Harney wrote: > > Relevance of Torr's comments to Linux is that the distribution methodology > for Firefox is similar to the way most OSS is distributed. What a poor choice of FUD Microsoft has chosen. Their model of "trust" and distribution are so obviously inferior, you wonder how they have the nerve to promote their methods. When it comes to trust, the guys who publish their code, don't arbitrarily limit my use of the software or make other obtuse demands obviously win. For trust in software installs, Microsoft obviously losses. What are they thinking? My response to the distribution concern is remarkably similar to the M$ response, "one of the ways you can reduce the risks of getting unwanted software on your machine is to only accept digitally signed software from vendors that you trust." I trust my distribution or I don't run it and my browser does not install software. Debian is a great example. Having everything pass through package maintainers who abide by a social contract assures me that every piece of software has been checked over by an honest person. I can compare this to the non free world, where "reputable" companies have been caught using spyware, where no independent checks are possible, EULAs have demanded read write access to your hard drive and the track record for security is miserable. All non free software represents a "random" risk, signed or not. Free software does not have to be a risk at all. Bill Gates himself can tell me that a piece of software is AOK, and I would not trust it. _______________________________________________ General mailing list [email protected] http://brlug.net/mailman/listinfo/general_brlug.net
