On Sat, 28 Apr 2001, Greg Kettmann wrote:
> You say however that Linux is OK for amateurs.
Actually, what I said was that Linux was no worse -- or better -- than
MS-Windows in this department. That I think one could make the case that
*neither* should be attached to the Internet by amateurs. And that we are
stuck with it at this point, since there are millions of unsecured systems,
Linux and MS-Windows both, on the Internet.
> However you expect that amateur to be able to properly secure their
> machine, after all they're responsible for it.
No, I don't expect that the amateur would be able to properly secure a
system.
But that does not mean they are not responsible for it.
Responsibility and ability are not the same thing.
Go back and read that a few more times, and maybe it will sink in.
> Windows may be a "brick" but at least it's not a tool to wreak havoc on
> the web, exactly as configured out of the box.
But it is. Look at all the viruses, worms, break-ins and other problems
being talked about in the news for the past two years. The fact that
MS-Windows users have come to expect security compromises does not mean they
do not happen.
And yes, a Windows computer can be subverted over the network and used to
wreak havoc, and yes, Media One will terminate that person's connection, and
no, they will not be able to get it back. Linux is not unique.
> Perhaps a warning on the Linux box ...
I think a warning on the computer would be far more appropriate.
I've had MS-Windows uses come to me after their hard drive crashed,
destroying years of work, and no, they had no backups. In at least one case,
the company that this happened to *went out of business* as a direct result.
I've had MS-Windows users come to me because their Exchange email system was
losing messages on a regular basis. In at least one case, a $10,000 sale was
lost as a direct result. I've had MS-Windows users come to me after a virus
wiped out every file on their system (again, without backups).
The fact of the matter is, computers are complex and hard-to-use, and people
who expect everything to work as if by magic are either ignorant, misinformed,
or just plain dumb. And there are a lot of people like that.
> And back to the cracker's please. Seems they're getting a free ride.
Seems to me *you* have done nothing to stop or catch them.
> No one wants any policing of the Internet but it's already happening, I
> just got kicked off didn't I.
No! Are you reading my messages at all?
*You* got kicked off of *Media One's private corporate network*. The fact
that you were depending on that *private network* to reach other Internet
sites is your problem.
> Is it such a stretch to suggest that we actually go after the bad guys?
Yes, actually, it is. I've detailed why several times. You're obviously
just not listening.
> However, instead of just kicking someone off the Internet for Port
> Scanning why don't you then run a trace on that machine and try to capture
> the offending behavior.
As far as M1 is concerned, that *is* the offending behavior. They really
couldn't care less that you *claim* you weren't doing it. For all they know,
you are lying and *were* doing it yourself.
> Your suggestion that the "users" will do it is absurd beyond
> comprehension.
The fact that the majority of users are not competent to operate their
network connected computer does not alleviate their responsibility to do so.
> Now, darn it, I want my Internet back.
Ah ah, we finally get to the point! Ultimately, you're not interested in
security, operating systems, responsibility, or anything else. You just want a
fast pipe, without any responsibility to take care of it. Sorry, Greg, no
such thing exists.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
