Stewart Stremler wrote: > begin quoting Tracy R Reed as of Tue, Apr 19, 2005 at 03:51:48PM +0700: > > > > I think even single users would like to prevent having their operating > > systems files trojaned. They may not realize it but if they really > > understood the issue they would. They pay Lindows to handle these > > details for them. I think Lindows is letting them down. > > I don't think the 'average' single user _cares_. The point is that > there *data* is what's important, not the OS. Not the applications. > All that can be recreated. What can't be (easily) recreated is their > data.
One nice little trojaned system application, and all your data now belongs to me. You will never know. For I am root, and I 0wn j00 b0x. This is why you should not have everything as root. Not only do you want to protect the integrity of your data (trojaned system apps can destroy that too! As well as buggy, but the buggy ones will get fixed as bugs are noticed. Who is watching for trojans?), but you want to protect who gets that data. Yes, I know, running as non-root does not protect against all vectors of data leakage. Why give more opportunities than you need to? Security in depth. Also, turn off all your services. Even ssh. -john -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
