Re: FW: Microsoft gets the Most Secure Operating Systems award
The One. The one gonad. Get a proper email account you cowardly faggot.
Re: FW: Microsoft gets the Most Secure Operating Systems award
On Fri, Sep 21, 2007 at 08:53:02AM +0100, Craig Skinner wrote: The One. The one gonad. Get a proper email account you cowardly faggot. Lets not get into WW II morale-boosting songs :) Doug.
Re: Mailing list issues (was: Microsoft gets the Most Secure Operating Systems award)
Tony Abernethy wrote: Dunno about anyone else, but that seems like some kind of poetic justice. Preserving the pseudo-integrity of garbage seems like it should be very low on the list of priorities. I'm not entirely sure what you mean, but I do think that persuading the mailing list server not to send malformed email messages is an entirely reasonable goal... -- David Given [EMAIL PROTECTED]
Re: Microsoft gets the Most Secure Operating Systems award
On 9/19/07, Peter N. M. Hansteen [EMAIL PROTECTED] wrote: The One [EMAIL PROTECTED] writes: Security is one of the concerns Leopard will solve. **BLAM** Security is never, ever a completely solved problem. Your world just isn' that simple. Do NOT pass GO. I sincerely hope never to hear such nonsense on misc, ever again. Sure, the next release is always better. But you won't hear me saying that OpenBSD 4.3 is your solution to all ills. At the moment, both Leopard and OpenBSD 4.3 are clouds of virtual unobtanium, not to be confused with the final solution to anything. Don't bother following up, I won't be listening. Or maybe I will, and I might even venture out from under my rock again before 4.4 ships. If anyone can solve security, whether it is with Leopard or in the future, Apple definitely can. In my opinion, Apple performs 100% in the software field, and 90% in the hardware field, which is due to, as I explained in my previous messages, depending off of factories in third-world countries that are not even Apple operated! But Apple has done so much with software, it is obvious that, in the end, Apple will reach the goal. Even when personal computers are replaced with a different technology, Apple will be on top.
Re: Microsoft gets the Most Secure Operating Systems award
On Fri, Sep 21, 2007 at 12:08:55AM +1000, The One wrote: If anyone can solve security, whether it is with Leopard or in the future, Apple definitely can. In my opinion, Apple performs 100% in the software field, and 90% in the hardware field, which is due to, as I explained in my previous messages, depending off of factories in third-world countries that are not even Apple operated! But Apple has done so much with software, it is obvious that, in the end, Apple will reach the goal. Even when personal computers are replaced with a different technology, Apple will be on top. Stop sending this stuff to misc@openbsd.org, it is totally irrelevant here, and your email address tags you as a Troll as well.
Re: Microsoft gets the Most Secure Operating Systems award
On 9/20/07, The One [EMAIL PROTECTED] wrote: Don't bother following up, I won't be listening. Or maybe I will, and I might even venture out from under my rock again before 4.4 ships. If anyone can solve security, whether it is with Leopard or in the future, Apple definitely can. In my opinion, Apple performs 100% in the software field, and 90% in the hardware field, which is due to, as I explained in my previous messages, depending off of factories in third-world countries that are not even Apple operated! But Apple has done so much with software, it is obvious that, in the end, Apple will reach the goal. Even when personal computers are replaced with a different technology, Apple will be on top. You're either incredibly naive, have been drinking too much aqua-colored koolaid, or are just joking. Good one. DS
Re: Microsoft gets the Most Secure Operating Systems award
On 9/20/07, The One [EMAIL PROTECTED] wrote: On 9/19/07, Peter N. M. Hansteen [EMAIL PROTECTED] wrote: The One [EMAIL PROTECTED] writes: Security is one of the concerns Leopard will solve. **BLAM** Security is never, ever a completely solved problem. Your world just isn' that simple. Do NOT pass GO. I sincerely hope never to hear such nonsense on misc, ever again. Sure, the next release is always better. But you won't hear me saying that OpenBSD 4.3 is your solution to all ills. At the moment, both Leopard and OpenBSD 4.3 are clouds of virtual unobtanium, not to be confused with the final solution to anything. Don't bother following up, I won't be listening. Or maybe I will, and I might even venture out from under my rock again before 4.4 ships. If anyone can solve security, whether it is with Leopard or in the future, Apple definitely can. In my opinion, Apple performs 100% in the software field, and 90% in the hardware field, which is due to, as I explained in my previous messages, depending off of factories in third-world countries that are not even Apple operated! But Apple has done so much with software, it is obvious that, in the end, Apple will reach the goal. Even when personal computers are replaced with a different technology, Apple will be on top. Okay so you've stopped top-posting. Thanks for that. But what are you? Are you some sort of Apple employee, out to spread the good word? Or are you just someone who has no idea how technology works in reality, your head so far up Apple's... cloud.. that you have never really realized what you're doing? Your opinion is nice, but useless. Opinions mean nothing, only facts. See, my opinion is, if anyone can solve security, OpenBSD definitely can. Now go away. -Nick
Re: Microsoft gets the Most Secure Operating Systems award
Sorry but I am just disagreed with Theo saying that OS X is buggy and insecure. On 9/21/07, Marc Espie [EMAIL PROTECTED] wrote: On Fri, Sep 21, 2007 at 12:08:55AM +1000, The One wrote: If anyone can solve security, whether it is with Leopard or in the future, Apple definitely can. In my opinion, Apple performs 100% in the software field, and 90% in the hardware field, which is due to, as I explained in my previous messages, depending off of factories in third-world countries that are not even Apple operated! But Apple has done so much with software, it is obvious that, in the end, Apple will reach the goal. Even when personal computers are replaced with a different technology, Apple will be on top. Stop sending this stuff to misc@openbsd.org, it is totally irrelevant here, and your email address tags you as a Troll as well.
Re: Microsoft gets the Most Secure Operating Systems award
The One [EMAIL PROTECTED] writes: In my opinion, In my opinion, you're simply a source of off-topic noise for this mailing list. There has to be dozens of mailing lists, web forums and the like where your fruit worship is welcome. Please go there. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Microsoft gets the Most Secure Operating Systems award
On Fri, Sep 21, 2007 at 01:00:11AM +1000, The One wrote: Sorry but I am just disagreed with Theo saying that OS X is buggy and insecure. Whatever. BORED already. Go troll elsewhere.
FW: Microsoft gets the Most Secure Operating Systems award
The One [EMAIL PROTECTED] writes: If anyone can solve security, whether it is with Leopard or in the future, Apple definitely can. In my opinion, Apple performs 100% in the software field, and 90% in the hardware field, which is due to, as I explained in my previous messages, depending off of factories in third-world countries that are not even Apple operated! But Apple has done so much with software, it is obvious that, in the end, Apple will reach the goal. Even when personal computers are replaced with a different technology, Apple will be on top. Solve security? GEESH! Mr. The One I must humbly submit to you that you DO NOT KNOW WHEREFORE YOU SPEAK! There is no such thing as Solving Security. It does not exist. It could only exist in a perfect world and as you know, or at least should know, this is NOT a perfect world. My opinion is that Apple puts out a nice product for what it is. I love my MacBook, I use it to play online games and work my second job as an internet radio show personality. I use it when I don't want to think after a long day of thinking at work (thinking isn't my best subject after all). BUT! I do not delude myself into thinking that it is some great bastion of security or ever will be. At work, I use OpenBSD for firewalls, mail servers, (gulp) an FTP server, NIDS, time server, etc... etc... etc... Do I think that OpenBSD is the end-all-be-all of security? nope. A system, no matter how good it is, is only as good as the admin who sets it up. Some systems start out from a much better position than others, and my opinion is that OpenBSD is the very best at this, but ultimately, it has to be set up to do whatever job it needs to perform. No matter how perfect the base system is, there is no way to get around this. There is NO WAY an OS can SOLVE SECURITY. It is as impossible as making an ice machine that SOLVES the problem of ice melting. It is as idiotic as the belief that the Titanic was unsinkable. Please, do not put so much blind faith in a system that is built more for user experience than it is for security. Do not put so much blind faith in ANYTHING. Nothing is infallible, everything eventually crumbles. Even OpenBSD has had 2 remote exploits in the default install in the last 10 years. It happens, even to the very best. Nothing can, or ever will, be able to change this, it is an immutable fact. period. s
Re: FW: Microsoft gets the Most Secure Operating Systems award
On Thu, Sep 20, 2007 at 11:13:48AM -0400, stuart van Zee wrote: There is no such thing as Solving Security. It does not exist. It could only exist in a perfect world and as you know, or at least should know, this is NOT a perfect world. I have one absolutely secure computer. Actually I _had_ one: It is (was) a Pentium 75. It died. I took it apart and had it recycled. Since the drive didn't die (using it right now), it doesn't count. I can guarantee that nobody can do a remote exploit on that computer. :)) Other than that, I agree totally with Stuart. Doug.
Re: Microsoft gets the Most Secure Operating Systems award
On 09/19/07 13:07, Die Gestalt wrote: On 9/19/07, Daniel Ouellet [EMAIL PROTECTED] wrote: I think in German, it's call Chaise or something very close to that I believe, but I am absolutely sure the spelling is not good. .. ScheiC e? Merde? Using non-ASCII characters in e-mail is also: Scheisse! Wow misc is becoming cultural. OpenBSD and siblings are Definitely Pieces of Art. The craftsmanship with which the OpenBSD community handles software is comparable to painters handling materials, light and space a couple of hundred years ago. +++chefren p.s. Of course we have digital photographs and high res motion video these days... p.p.s. It was so good to see the recent stories of hacking iPhones: The first serious software they installed was OpenSSH!
Re: FW: Microsoft gets the Most Secure Operating Systems award
On 9/21/07, stuart van Zee [EMAIL PROTECTED] wrote: The One [EMAIL PROTECTED] writes: If anyone can solve security, whether it is with Leopard or in the future, Apple definitely can. In my opinion, Apple performs 100% in the software field, and 90% in the hardware field, which is due to, as I explained in my previous messages, depending off of factories in third-world countries that are not even Apple operated! But Apple has done so much with software, it is obvious that, in the end, Apple will reach the goal. Even when personal computers are replaced with a different technology, Apple will be on top. Solve security? GEESH! Mr. The One I must humbly submit to you that you DO NOT KNOW WHEREFORE YOU SPEAK! There is no such thing as Solving Security. It does not exist. It could only exist in a perfect world and as you know, or at least should know, this is NOT a perfect world. My opinion is that Apple puts out a nice product for what it is. I love my MacBook, I use it to play online games and work my second job as an internet radio show personality. I use it when I don't want to think after a long day of thinking at work (thinking isn't my best subject after all). BUT! I do not delude myself into thinking that it is some great bastion of security or ever will be. At work, I use OpenBSD for firewalls, mail servers, (gulp) an FTP server, NIDS, time server, etc... etc... etc... Do I think that OpenBSD is the end-all-be-all of security? nope. A system, no matter how good it is, is only as good as the admin who sets it up. Some systems start out from a much better position than others, and my opinion is that OpenBSD is the very best at this, but ultimately, it has to be set up to do whatever job it needs to perform. No matter how perfect the base system is, there is no way to get around this. There is NO WAY an OS can SOLVE SECURITY. It is as impossible as making an ice machine that SOLVES the problem of ice melting. It is as idiotic as the belief that the Titanic was unsinkable. Please, do not put so much blind faith in a system that is built more for user experience than it is for security. Do not put so much blind faith in ANYTHING. Nothing is infallible, everything eventually crumbles. Even OpenBSD has had 2 remote exploits in the default install in the last 10 years. It happens, even to the very best. Nothing can, or ever will, be able to change this, it is an immutable fact. period. s Hi Stuart, Of course, nothing can ever be immune! Sorry for allowing you to have such a misconception about myself! :) But, as I have said before, Apple has virtually never failed in software, why should it fail in security? The One.
Re: Microsoft gets the Most Secure Operating Systems award
On 9/20/07, The One [EMAIL PROTECTED] wrote: Sorry but I am just disagreed with Theo saying that OS X is buggy and insecure. Who gives a shit? This tread is more then FIVE months old and didnt even belong here in the first place. Just stop. --- Lars Hansson
Re: Microsoft gets the Most Secure Operating Systems award
Many people are in agreement over this. Is it possible for someone in charge of the list to either ban or somehow stop The One [EMAIL PROTECTED] from continuing this particular thread/subject? Thank you! On Fri, Sep 21, 2007 at 11:36:34AM +0800, Lars Hansson wrote: On 9/20/07, The One [EMAIL PROTECTED] wrote: Sorry but I am just disagreed with Theo saying that OS X is buggy and insecure. Who gives a shit? This tread is more then FIVE months old and didnt even belong here in the first place. Just stop. --- Lars Hansson -- http://mpec.net/gsd.asc
Re: Microsoft gets the Most Secure Operating Systems award
But if OS X Tiger was to gain 100 % market share, I honestly believe that my Mac would not be affected by any viruses or hacking, whatsoever. Of course, there may be some flaws discovered if such an event were to occur, but I am a very careful being. And with Safari's Private Browsing and helpful settings in System Preferences, my Mac would be completely secure! :) By the way, Apple makes sure to release security updates in relatively quick amounts of time! ;) With that in mind, and a stronger Leopard coming soon, what can possibly occur in a negative connotation? -The One On 9/19/07, The One [EMAIL PROTECTED] wrote: What I meant to say was that Leopard's release will solve every current problem prevailant in OS X Tiger and people's opinions about the Macintosh platform, although their current, so-called opinions have no evidence behind them, whatsoever. Security is one of the concerns Leopard will solve. I was, in a way, issuing a final statement about the stance of operating systems and general computers, at least OS X and Windows-wise. OpenBSD and Linux both have functions that make them unique. The simple fact is that the Windows OS has nothing unique about it whatsoever ... except for the fact that it is the only flawed OS to gain massive poularity ... temporarily -The One On 9/18/07, Nick Guenther [EMAIL PROTECTED] wrote: Why are you still talking? Why are you topposting? Why does it matter to the world at all what your one random friend does? And the standard: What does this have to do with OpenBSD? On 9/17/07, The One [EMAIL PROTECTED] wrote: Apple will, undoubtedly, implement some of these basic techniques for Leopard. But market share has completely NOTHING to do with OS X's security. Apple always has and will be 100 % when it comes to their software for OS X and OS X itself. Only time will tell. Leopard's release will solve every Mac user's concerns and PC fanboys idiocy! Even my friend, who uses a PC, is considering the purchase of a Mac. I told him to wait until October, which is very near, to buy one. That way he will not have to pay extra for Leopard! ;) On 9/5/07, Nick Shank [EMAIL PROTECTED] wrote: The One wrote: But how would it spread? There have been 2 OS X viruses, yet they spread terribly. And Apple has already fixed the issue. :) -The One On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote: On 9/1/07, The One [EMAIL PROTECTED] wrote: On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. First of all, bugs and viruses are two different things. Second, OS X does not need third-party protection. All of the protection is built into the OS! If Vista is so secure, then why does one need to download virus/spyware protection when it can simply be built into the OS? -The One I don't have virus/spyware protection and I've been fine before with Vista and XP. Perhaps you mean to say why do users who install things they shouldn't need virus/spyware protection? which I would argue that the OS doesn't matter. I could write a script that asks for rootly permission in OS X and start nuking stuff with the promise of prettier icons for their desktop or IM client. If you were to argue for worms and things of the like, then I would agree. The only virus I will probably ever catch is some zero-day that hits the world and gets in my work network (won't happen at my house -- I live alone) Here we hit the heart of the issue. The virus and spyware detection software for Windows isn't really to protect to the OS. It's to protect the user from themselves.
Re: Microsoft gets the Most Secure Operating Systems award
What I meant to say was that Leopard's release will solve every current problem prevailant in OS X Tiger and people's opinions about the Macintosh platform, although their current, so-called opinions have no evidence behind them, whatsoever. Security is one of the concerns Leopard will solve. I was, in a way, issuing a final statement about the stance of operating systems and general computers, at least OS X and Windows-wise. OpenBSD and Linux both have functions that make them unique. The simple fact is that the Windows OS has nothing unique about it whatsoever ... except for the fact that it is the only flawed OS to gain massive poularity ... temporarily -The One On 9/18/07, Nick Guenther [EMAIL PROTECTED] wrote: Why are you still talking? Why are you topposting? Why does it matter to the world at all what your one random friend does? And the standard: What does this have to do with OpenBSD? On 9/17/07, The One [EMAIL PROTECTED] wrote: Apple will, undoubtedly, implement some of these basic techniques for Leopard. But market share has completely NOTHING to do with OS X's security. Apple always has and will be 100 % when it comes to their software for OS X and OS X itself. Only time will tell. Leopard's release will solve every Mac user's concerns and PC fanboys idiocy! Even my friend, who uses a PC, is considering the purchase of a Mac. I told him to wait until October, which is very near, to buy one. That way he will not have to pay extra for Leopard! ;) On 9/5/07, Nick Shank [EMAIL PROTECTED] wrote: The One wrote: But how would it spread? There have been 2 OS X viruses, yet they spread terribly. And Apple has already fixed the issue. :) -The One On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote: On 9/1/07, The One [EMAIL PROTECTED] wrote: On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. First of all, bugs and viruses are two different things. Second, OS X does not need third-party protection. All of the protection is built into the OS! If Vista is so secure, then why does one need to download virus/spyware protection when it can simply be built into the OS? -The One I don't have virus/spyware protection and I've been fine before with Vista and XP. Perhaps you mean to say why do users who install things they shouldn't need virus/spyware protection? which I would argue that the OS doesn't matter. I could write a script that asks for rootly permission in OS X and start nuking stuff with the promise of prettier icons for their desktop or IM client. If you were to argue for worms and things of the like, then I would agree. The only virus I will probably ever catch is some zero-day that hits the world and gets in my work network (won't happen at my house -- I live alone) Here we hit the heart of the issue. The virus and spyware detection software for Windows isn't really to protect to the OS. It's to protect the user from themselves.
Re: Microsoft gets the Most Secure Operating Systems award
The One [EMAIL PROTECTED] writes: Security is one of the concerns Leopard will solve. **BLAM** Security is never, ever a completely solved problem. Your world just isn' that simple. Do NOT pass GO. I sincerely hope never to hear such nonsense on misc, ever again. Sure, the next release is always better. But you won't hear me saying that OpenBSD 4.3 is your solution to all ills. At the moment, both Leopard and OpenBSD 4.3 are clouds of virtual unobtanium, not to be confused with the final solution to anything. Don't bother following up, I won't be listening. Or maybe I will, and I might even venture out from under my rock again before 4.4 ships. And by the way, top posting *is* silly. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Microsoft gets the Most Secure Operating Systems award
* The One [EMAIL PROTECTED] [2007-09-19 11:17]: What I meant to say was that Leopard's release will solve every current problem prevailant in OS X Tiger and people's opinions about the Macintosh platform, although their current, so-called opinions have no evidence behind them, whatsoever. Well, I think that OS X is an insecure piece of shit. Does that matter for this list? no. Do I keep posting that here? no. Should you? no. Now please go away. -- Henning Brauer, [EMAIL PROTECTED], [EMAIL PROTECTED] BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg Amsterdam
Re: Microsoft gets the Most Secure Operating Systems award
Henning Brauer wrote: * The One [EMAIL PROTECTED] [2007-09-19 11:17]: What I meant to say was that Leopard's release will solve every current problem prevailant in OS X Tiger and people's opinions about the Macintosh platform, although their current, so-called opinions have no evidence behind them, whatsoever. Well, I think that OS X is an insecure piece of shit. WOW. I don't see Henning replying with such an unusual American type of grace so often. (; You got me smiling men. I think in German, it's call Chaise or something very close to that I believe, but I am absolutely sure the spelling is not good. But, I am however sure that with a few seconds of thinking you will understand it. Kind of pronounce in Francais / using English for a Germen word. Best, Daniel
Mailing list issues (was: Microsoft gets the Most Secure Operating Systems award)
Die Gestalt wrote: [...] ScheiC[1F]e? Merde? Incidentally, from Gestalt's headers: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I've been noticing for a while that openbsd-misc appears to be unilaterally changing the transfer-encoding header to 7bit without actually reencoding the message body, which is just not on. Gestalt's message arrived with a 0x1F control code in it because of this, which is extremely antisocial. (I changed that in the quoted text above!) I appreciate the sentiment in trying to keep the messages clean, but if people want to change the transfer encoding or charset, they really *have to* reencode while they're at it, or the result is nonsense --- you can see that Gestalt's message is billed as 7bit UTF-8. Not to mention that it's deeply unfriendly to anyone who doesn't speak us-ascii. What mailing list software does the list use? -- David Given [EMAIL PROTECTED]
Re: Mailing list issues (was: Microsoft gets the Most Secure Operating Systems award)
Dunno about anyone else, but that seems like some kind of poetic justice. Preserving the pseudo-integrity of garbage seems like it should be very low on the list of priorities. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Given Sent: Wednesday, September 19, 2007 7:28 AM To: obsd-misc Subject: Mailing list issues (was: Microsoft gets the Most Secure Operating Systems award) Die Gestalt wrote: [...] ScheiC[1F]e? Merde? Incidentally, from Gestalt's headers: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit I've been noticing for a while that openbsd-misc appears to be unilaterally changing the transfer-encoding header to 7bit without actually reencoding the message body, which is just not on. Gestalt's message arrived with a 0x1F control code in it because of this, which is extremely antisocial. (I changed that in the quoted text above!) I appreciate the sentiment in trying to keep the messages clean, but if people want to change the transfer encoding or charset, they really *have to* reencode while they're at it, or the result is nonsense --- you can see that Gestalt's message is billed as 7bit UTF-8. Not to mention that it's deeply unfriendly to anyone who doesn't speak us-ascii. What mailing list software does the list use? -- David Given [EMAIL PROTECTED]
Re: Microsoft gets the Most Secure Operating Systems award
Apple will, undoubtedly, implement some of these basic techniques for Leopard. But market share has completely NOTHING to do with OS X's security. Apple always has and will be 100 % when it comes to their software for OS X and OS X itself. Only time will tell. Leopard's release will solve every Mac user's concerns and PC fanboys idiocy! Even my friend, who uses a PC, is considering the purchase of a Mac. I told him to wait until October, which is very near, to buy one. That way he will not have to pay extra for Leopard! ;) On 9/5/07, Nick Shank [EMAIL PROTECTED] wrote: The One wrote: But how would it spread? There have been 2 OS X viruses, yet they spread terribly. And Apple has already fixed the issue. :) -The One On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote: On 9/1/07, The One [EMAIL PROTECTED] wrote: On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. First of all, bugs and viruses are two different things. Second, OS X does not need third-party protection. All of the protection is built into the OS! If Vista is so secure, then why does one need to download virus/spyware protection when it can simply be built into the OS? -The One I don't have virus/spyware protection and I've been fine before with Vista and XP. Perhaps you mean to say why do users who install things they shouldn't need virus/spyware protection? which I would argue that the OS doesn't matter. I could write a script that asks for rootly permission in OS X and start nuking stuff with the promise of prettier icons for their desktop or IM client. If you were to argue for worms and things of the like, then I would agree. The only virus I will probably ever catch is some zero-day that hits the world and gets in my work network (won't happen at my house -- I live alone) Here we hit the heart of the issue. The virus and spyware detection software for Windows isn't really to protect to the OS. It's to protect the user from themselves.
Re: Microsoft gets the Most Secure Operating Systems award
Why are you still talking? Why are you topposting? Why does it matter to the world at all what your one random friend does? And the standard: What does this have to do with OpenBSD? On 9/17/07, The One [EMAIL PROTECTED] wrote: Apple will, undoubtedly, implement some of these basic techniques for Leopard. But market share has completely NOTHING to do with OS X's security. Apple always has and will be 100 % when it comes to their software for OS X and OS X itself. Only time will tell. Leopard's release will solve every Mac user's concerns and PC fanboys idiocy! Even my friend, who uses a PC, is considering the purchase of a Mac. I told him to wait until October, which is very near, to buy one. That way he will not have to pay extra for Leopard! ;) On 9/5/07, Nick Shank [EMAIL PROTECTED] wrote: The One wrote: But how would it spread? There have been 2 OS X viruses, yet they spread terribly. And Apple has already fixed the issue. :) -The One On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote: On 9/1/07, The One [EMAIL PROTECTED] wrote: On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. First of all, bugs and viruses are two different things. Second, OS X does not need third-party protection. All of the protection is built into the OS! If Vista is so secure, then why does one need to download virus/spyware protection when it can simply be built into the OS? -The One I don't have virus/spyware protection and I've been fine before with Vista and XP. Perhaps you mean to say why do users who install things they shouldn't need virus/spyware protection? which I would argue that the OS doesn't matter. I could write a script that asks for rootly permission in OS X and start nuking stuff with the promise of prettier icons for their desktop or IM client. If you were to argue for worms and things of the like, then I would agree. The only virus I will probably ever catch is some zero-day that hits the world and gets in my work network (won't happen at my house -- I live alone) Here we hit the heart of the issue. The virus and spyware detection software for Windows isn't really to protect to the OS. It's to protect the user from themselves.
Re: Microsoft gets the Most Secure Operating Systems award
But how would it spread? There have been 2 OS X viruses, yet they spread terribly. And Apple has already fixed the issue. :) -The One On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote: On 9/1/07, The One [EMAIL PROTECTED] wrote: On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. First of all, bugs and viruses are two different things. Second, OS X does not need third-party protection. All of the protection is built into the OS! If Vista is so secure, then why does one need to download virus/spyware protection when it can simply be built into the OS? -The One I don't have virus/spyware protection and I've been fine before with Vista and XP. Perhaps you mean to say why do users who install things they shouldn't need virus/spyware protection? which I would argue that the OS doesn't matter. I could write a script that asks for rootly permission in OS X and start nuking stuff with the promise of prettier icons for their desktop or IM client. If you were to argue for worms and things of the like, then I would agree. The only virus I will probably ever catch is some zero-day that hits the world and gets in my work network (won't happen at my house -- I live alone)
Re: Microsoft gets the Most Secure Operating Systems award
Welcome to a really long time ago. --- Lars Hansson
Re: Microsoft gets the Most Secure Operating Systems award
The One wrote: But how would it spread? There have been 2 OS X viruses, yet they spread terribly. And Apple has already fixed the issue. :) -The One On 9/2/07, Kennith Mann III [EMAIL PROTECTED] wrote: On 9/1/07, The One [EMAIL PROTECTED] wrote: On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. First of all, bugs and viruses are two different things. Second, OS X does not need third-party protection. All of the protection is built into the OS! If Vista is so secure, then why does one need to download virus/spyware protection when it can simply be built into the OS? -The One I don't have virus/spyware protection and I've been fine before with Vista and XP. Perhaps you mean to say why do users who install things they shouldn't need virus/spyware protection? which I would argue that the OS doesn't matter. I could write a script that asks for rootly permission in OS X and start nuking stuff with the promise of prettier icons for their desktop or IM client. If you were to argue for worms and things of the like, then I would agree. The only virus I will probably ever catch is some zero-day that hits the world and gets in my work network (won't happen at my house -- I live alone) Here we hit the heart of the issue. The virus and spyware detection software for Windows isn't really to protect to the OS. It's to protect the user from themselves.
Re: Microsoft gets the Most Secure Operating Systems award
On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. First of all, bugs and viruses are two different things. Second, OS X does not need third-party protection. All of the protection is built into the OS! If Vista is so secure, then why does one need to download virus/spyware protection when it can simply be built into the OS? -The One
Re: Microsoft gets the Most Secure Operating Systems award
Thought you might be interested in this: http://www.omninerd.com/2007/03/26/articles/74 More or less a follow up to the Windows award... This time with FreeBSD in the comparison... 2007/3/24, Dan Farrell [EMAIL PROTECTED]: On 3/23/07, Darren Spruell [EMAIL PROTECTED] wrote: On 3/23/07, chefren [EMAIL PROTECTED] wrote: p.s. Maybe I was too harsh against Karel? Survey says: No. DS I agree :) Marius I'll bottom post just this once to add to this list of agreement. danno -- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Re: Microsoft gets the Most Secure Operating Systems award
On 3/23/07 2:53 AM, Theo de Raadt wrote: Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. Who says they don't have that all in their sleeves? Like OpenBSD OS X has a pretty clean and well maintained setup. I believe they can copy most of the defences without any problem from well tested OpenBSD and they would be pretty stupid if they didn't have done so already for testing. I presume they haven't put on those defenses to avoid problems with third party applications while there aren't serious security problems yet. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. But can we get back to OpenBSD discussions? Although misc carried quite some fluff lately, the implementation of more OpenBSD features in OS X is an interesting thought. +++chefren p.s. Maybe I was too harsh against Karel?
Re: Microsoft gets the Most Secure Operating Systems award
On 3/23/07, chefren [EMAIL PROTECTED] wrote: p.s. Maybe I was too harsh against Karel? Survey says: No. DS
Re: Microsoft gets the Most Secure Operating Systems award
On 3/23/07, Darren Spruell [EMAIL PROTECTED] wrote: On 3/23/07, chefren [EMAIL PROTECTED] wrote: p.s. Maybe I was too harsh against Karel? Survey says: No. DS I agree :) Marius
Re: Microsoft gets the Most Secure Operating Systems award
On 3/23/07, Jeff Rollin [EMAIL PROTECTED] wrote: On 22/03/07, Greg Thomas [EMAIL PROTECTED] wrote: On 3/22/07, Jeff Rollin [EMAIL PROTECTED] wrote: On 22/03/07, Marc Espie [EMAIL PROTECTED] wrote: On Thu, Mar 22, 2007 at 03:28:29PM -0400, Douglas Allan Tutty wrote: Their challenge is that they need to provide choice so they have what they call reasonable defaults. No, they don't need to provide choice. At least not that many. They decide to do so. That's most of what's wrong with OS stuff these days. Too many choices. Too many knobs. Every day, I see people shoot themselves in the foot, not managing to administer boxes and networks in a simple way, making stupid decisions that don't serve any purpose. ACL, enforced security policies, reverse proxy setups, user accounts, network user groups, PAM, openldap, reiserfs, ext3fs, ext2fs... so many choices. So many wrong choices. Multiple user accounts and a journalling facility on a filesystem == wrong: Interesting perspective. At some point, the people who package the software need to make editorial decisions. Remove knobs. Provide people with stuff that just works. Remove options. Or definitely give them the means to do the trade-off correctly. Okay, it's a losing battle. I'm an old grumpy fart. Okay, a lot of IT people are just earning their wages by managing the incredibly too complex setups we face nowadays (and not screwing too badly in front of a multitude of stupide innane choices). Linux is the `culture of choice'. Provide ten MTA, ten MUA. Twenty window managers. Never decide which one you want to install, never give you a default installation that just works. Cater to the techy, nerdy culture of people who want to spend *days* just making choices. Wrong. Unix is the culture of choice, and that includes Linux and OpenBSD. How many MTAs, MUAs, http servers, text editors, DNS servers, FTP servers, etc. are included with OpenBSD? Never counted 'em, but that's not the point. Well, that was Marc's point. I choose OpenBSD because there isn't alot of extra crap. The point is that OpenBSD is a Unix-like operating system, and that therefore if you don't like the way OpenBSD does things you can move relatively easily to NetBSD, FreeBSD, DragonFlyBSD, Solaris, AIX, Linux... any or all of which may, and any and all of which are free to, include more or less choices in MTAs, MUAs and the rest than OpenBSD. Whether I can choose other OSes is completely irrelevant to the above point. The point was why I choose OpenBSD over the others. Greg
Re: Microsoft gets the Most Secure Operating Systems award
On 3/23/07, Darren Spruell [EMAIL PROTECTED] wrote: On 3/23/07, chefren [EMAIL PROTECTED] wrote: p.s. Maybe I was too harsh against Karel? Survey says: No. DS I agree :) Marius I'll bottom post just this once to add to this list of agreement. danno
Microsoft gets the Most Secure Operating Systems award
Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju
Re: Microsoft gets the Most Secure Operating Systems award
Nice, let's all now switch our servers to Windows!!! Oh but it doesn't run on ultrasparc... Nevermind... :D 2007/3/23, Siju George [EMAIL PROTECTED]: Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju -- Please avoid sending me Word or PowerPoint attachments. See http://www.gnu.org/philosophy/no-word-attachments.html
Re: Microsoft gets the Most Secure Operating Systems award
On Thu, 22 Mar 2007 18:58:31 +0530, Siju George [EMAIL PROTECTED] wrote: Hi, http://www.internetnews.com/security/article.php/3667201 From the article: Microsoft is doing better overall than its leading commercial competitors. ^^ No wonder. they stacked the deck before doing the comparison Just for some entertainment, no troll :-) --Siju --- Ben Calvert Flying Walrus Communications
Re: Microsoft gets the Most Secure Operating Systems award
Siju George wrote: Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju IMHO it's not a fair comparison, most linux distributions ship with alot more software than microsoft windows does, and most bugreports indicate an issue with third-party software.
Re: Microsoft gets the Most Secure Operating Systems award
On 3/22/07, Ben Calvert [EMAIL PROTECTED] wrote: Microsoft is doing better overall than its leading commercial competitors. ^^ No wonder. they stacked the deck before doing the comparison doesn't this mean that they now have more coders on payroll to fix stuff than they do to write the os? kinda scary.
Re: Microsoft gets the Most Secure Operating Systems award
On Thursday 22 March 2007 11:29 am, RedShift wrote: Siju George wrote: Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju IMHO it's not a fair comparison, most linux distributions ship with alot more software than microsoft windows does, and most bugreports indicate an issue with third-party software. If you read the article past the summary, they mention that. While Windows had far fewer bugs than say Red Hat, Red Hat only had 2 (out of 208) considered high/severe. Windows had a very high percentage of its bugs labelled as high or severe (12 out of 39). Similarly, I'm sure if you looked at the time-to-fix for just the high and severe bugs from each side, you'd see that the Microsoft ones were slower to get patched. I'm just betting that the 200+ less unimportant bugs included many that really just didn't warrant any priority to fix. Unfortunately, the article doesn't really show this in the light that suggests the findings of Windows being the most secure commercial OS might be false, but it's not too hard to read between the lines. 78% of statistics are made up and 103% of statistics can say the exact opposite of what you think they should mean. -- Regards, Neil Schelly Senior Systems Administrator W: 978-667-5115 x213 M: 508-410-4776 OASIS Open http://www.oasis-open.org Advancing E-Business Standards Since 1993
Re: Microsoft gets the Most Secure Operating Systems award
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Siju George Sent: Thursday, March 22, 2007 8:29 AM To: OpenBSD Misc Subject: Microsoft gets the Most Secure Operating Systems award Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju I think I'll print out this article for use any time my boss gets a wild hair up his ass and wants to convert to windows. The stats for number of vulnerabilities and turn around time have always been abysmal for windows and this article just proves that nothing has changed. Maybe I could admit that this is marginally better than previous windows versions (maybe) but it is still very sloppy when compared to OpenBSD. A special thanks to Theo and the OpenBSD team for making me look so good all these years. stuart
Re: Microsoft gets the Most Secure Operating Systems award
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of RedShift Sent: Thursday, March 22, 2007 10:30 AM To: misc@openbsd.org Subject: Re: Microsoft gets the Most Secure Operating Systems award Siju George wrote: Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju IMHO it's not a fair comparison, most linux distributions ship with alot more software than microsoft windows does, and most bugreports indicate an issue with third-party software. First, these types of articles (generally) have nothing to do with making a fair compairison. They are made up by marketing guys for marketing reasons. Second, It just goes to show that an OS that doesn't ship with a bunch of extra fluff that most people aren't going to need anyway is always the best choice. That was one of the first things that attracted me to OpenBSD. I remember saying to myself What? You have to enable the web server? It isn't on right out of the box? WOW! What a concept! Needless to say, I threw away my Red Hat CDs and haven't looked back.
Re: Microsoft gets the Most Secure Operating Systems award
On 3/22/07, Neil Joseph Schelly [EMAIL PROTECTED] wrote: On Thursday 22 March 2007 11:29 am, RedShift wrote: Siju George wrote: Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju IMHO it's not a fair comparison, most linux distributions ship with alot more software than microsoft windows does, and most bugreports indicate an issue with third-party software. If you read the article past the summary, they mention that. While Windows had far fewer bugs than say Red Hat, Red Hat only had 2 (out of 208) considered high/severe. Windows had a very high percentage of its bugs labelled as high or severe (12 out of 39). Similarly, I'm sure if you looked at the time-to-fix for just the high and severe bugs from each side, you'd see that the Microsoft ones were slower to get patched. I'm just betting that the 200+ less unimportant bugs included many that really just didn't warrant any priority to fix. Unfortunately, the article doesn't really show this in the light that suggests the findings of Windows being the most secure commercial OS might be false, but it's not too hard to read between the lines. 78% of statistics are made up and 103% of statistics can say the exact opposite of what you think they should mean. And *anyway*, measuring security by number of patches for bugs and time it takes to patch is silly. Every OS, even OpenBSD as we just saw, is probably full of undetected exploits that are constantly getting fixed indirectly as overall code quality is improved. -Nick
Re: Microsoft gets the Most Secure Operating Systems award
On Thu, 22 Mar 2007, RedShift wrote: Siju George wrote: http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) IMHO it's not a fair comparison, most linux distributions ship with alot more software than microsoft windows does, and most bugreports indicate an issue with third-party software. It's even more bullshit than that. Among other things, it compares the number of 'patches', which for non-MS systems tend to be 1:1 or close to it whereas MS has be making a point of rolling as many vulnerabilities into a single patch as possible. The metrics are not described. Terms like 'patch', 'vulnerability', 'advisory' are intermingled in a most unclear manner. Patch 'development time' seems undefined as well. Symantic makes its living selling paper bailing cups in a leaky boat. The media actively participates in obfuscating the issues, the causes and the solutions by publicizing such crap from Symantic and MS. -Lars Lars NoodC)n ([EMAIL PROTECTED]) Ensure access to your data now and in the future http://opendocumentfellowship.org/about_us/contribute
Re: Microsoft gets the Most Secure Operating Systems award
Siju George wrote: Hi, http://www.internetnews.com/security/article.php/3667201 Just for some entertainment, no troll :-) --Siju IMHO it's not a fair comparison, most linux distributions ship with alot more software than microsoft windows does, and most bugreports indicate an issue with third-party software. I think it's a very fair comparison. Hmm. let's see, An OS that ships with a big pile of stinking garbage written quickly to dangle the prettiest shiny things in front of users little brains before anyone else does. Linux distros do the first to market and damn the consequences game just as well as Microsoft ever has. Third party software - in linux? fuck in Linux distributions everything in userland is third party software. Linux is a kernel. The operating system is then a collection of things put together by bundlers. Do I think either vendor does a good job, no, but is Microsoft doing a better job of it than say, Red Hat? Yep. You betcha. If you right now took a magic fairy wand and replaced windows in all the broadband connected machines out there with a full featured (and that means all the bells and whistles, not spending half a day turning all the shit off and un-setuiding all the inane shit that is setuid root) Red Hat install with similar tools, I'm pretty sure you'd have a virus and worm shitstorm that would make what we see now hitting our mailservers from windows machines look like a tiny little unoffensive fart - from a vegetarian at that. And yes a big chunk of the problem is the knuckle dragging mouth breather in front of the keyboard - thank god that's not OpenBSD's targeted userbase, although some days reading misc@ I wonder. -Bob
Re: Microsoft gets the Most Secure Operating Systems award
On Thu, Mar 22, 2007 at 08:12:23AM -0700, Ben Calvert wrote: On Thu, 22 Mar 2007 18:58:31 +0530, Siju George [EMAIL PROTECTED] wrote: Hi, http://www.internetnews.com/security/article.php/3667201 From the article: Microsoft is doing better overall than its leading commercial competitors. ^^ No wonder. they stacked the deck before doing the comparison As I see it they compared: Microsoft: 12 serious vulnerabilities in the OS Red Hat: 2 serious vulnerabilities in the kernel + packages Mac OS X:1 serious vulnerability in the OS HP-UX: ?? _serious_ out of 98 total Solaris:?? _serious_ out of 36 total for OS + third-party apps The article seems to rank by the number of patches. If a vendor waits and sends out a mega-patch even monthly, to fix more bugs than anyone else, then that's only two patches over a 6 month period. Its a poorly constructed survey. Doug.
Re: Microsoft gets the Most Secure Operating Systems award
On 3/22/07, Bob Beck [EMAIL PROTECTED] wrote: And yes a big chunk of the problem is the knuckle dragging mouth breather in front of the keyboard - thank god that's not OpenBSD's targeted userbase, Damn, I wonder how I stumbled onto OpenBSD then. Greg
Re: Microsoft gets the Most Secure Operating Systems award
On Thu, Mar 22, 2007 at 03:28:29PM -0400, Douglas Allan Tutty wrote: Their challenge is that they need to provide choice so they have what they call reasonable defaults. No, they don't need to provide choice. At least not that many. They decide to do so. That's most of what's wrong with OS stuff these days. Too many choices. Too many knobs. Every day, I see people shoot themselves in the foot, not managing to administer boxes and networks in a simple way, making stupid decisions that don't serve any purpose. ACL, enforced security policies, reverse proxy setups, user accounts, network user groups, PAM, openldap, reiserfs, ext3fs, ext2fs... so many choices. So many wrong choices. At some point, the people who package the software need to make editorial decisions. Remove knobs. Provide people with stuff that just works. Remove options. Or definitely give them the means to do the trade-off correctly. Okay, it's a losing battle. I'm an old grumpy fart. Okay, a lot of IT people are just earning their wages by managing the incredibly too complex setups we face nowadays (and not screwing too badly in front of a multitude of stupide innane choices). Linux is the `culture of choice'. Provide ten MTA, ten MUA. Twenty window managers. Never decide which one you want to install, never give you a default installation that just works. Cater to the techy, nerdy culture of people who want to spend *days* just making choices. We try not to be as bad, to provide default configs that work, and not so many choices.
Re: Microsoft gets the Most Secure Operating Systems award
On Thu, Mar 22, 2007 at 09:40:57PM +0100, Marc Espie wrote: On Thu, Mar 22, 2007 at 03:28:29PM -0400, Douglas Allan Tutty wrote: Their challenge is that they need to provide choice so they have what they call reasonable defaults. No, they don't need to provide choice. At least not that many. They decide to do so. That's most of what's wrong with OS stuff these days. Too many choices. Too many knobs. Every day, I see people shoot themselves in the foot, not managing to administer boxes and networks in a simple way, making stupid decisions that don't serve any purpose. ACL, enforced security policies, reverse proxy setups, user accounts, network user groups, PAM, openldap, reiserfs, ext3fs, ext2fs... so many choices. So many wrong choices. At some point, the people who package the software need to make editorial decisions. Remove knobs. Provide people with stuff that just works. Remove options. Or definitely give them the means to do the trade-off correctly. Okay, it's a losing battle. I'm an old grumpy fart. Okay, a lot of IT people are just earning their wages by managing the incredibly too complex setups we face nowadays (and not screwing too badly in front of a multitude of stupide innane choices). Linux is the `culture of choice'. Provide ten MTA, ten MUA. Twenty window managers. Never decide which one you want to install, never give you a default installation that just works. Cater to the techy, nerdy culture of people who want to spend *days* just making choices. We try not to be as bad, to provide default configs that work, and not so many choices. I agree with you that secure/sane defaults are very important, they are a big pro for OpenBSD. Featurism violates KISS and we all know that KISS is the only way to handle ever growing complexity. BUT choices are important as well, everything else is world domination tour aka dictatorship (and not the good kind). Imagine not having a choice in hardware, wait don't just imagine look at the high-end graphics card market. Sorry, but I just couldn't leave the one size HAS TO fit all alone without any restraints. Regards, ahb
Re: Microsoft gets the Most Secure Operating Systems award
On 3/22/07, Marc Espie [EMAIL PROTECTED] wrote: On Thu, Mar 22, 2007 at 03:28:29PM -0400, Douglas Allan Tutty wrote: Their challenge is that they need to provide choice so they have what they call reasonable defaults. No, they don't need to provide choice. At least not that many. They decide to do so. That's most of what's wrong with OS stuff these days. That's exactly why I switched long ago. Poking around at 1000 different little apps all doing the same thing was fun for awhile on Linux but I eventually realized that all the choices actually reduced my productivity. A second reason I switched was because of OS cohesion. Greg
Re: Microsoft gets the Most Secure Operating Systems award
On 22/03/07, Marc Espie [EMAIL PROTECTED] wrote: On Thu, Mar 22, 2007 at 03:28:29PM -0400, Douglas Allan Tutty wrote: Their challenge is that they need to provide choice so they have what they call reasonable defaults. No, they don't need to provide choice. At least not that many. They decide to do so. That's most of what's wrong with OS stuff these days. Too many choices. Too many knobs. Every day, I see people shoot themselves in the foot, not managing to administer boxes and networks in a simple way, making stupid decisions that don't serve any purpose. ACL, enforced security policies, reverse proxy setups, user accounts, network user groups, PAM, openldap, reiserfs, ext3fs, ext2fs... so many choices. So many wrong choices. Multiple user accounts and a journalling facility on a filesystem == wrong: Interesting perspective. At some point, the people who package the software need to make editorial decisions. Remove knobs. Provide people with stuff that just works. Remove options. Or definitely give them the means to do the trade-off correctly. Okay, it's a losing battle. I'm an old grumpy fart. Okay, a lot of IT people are just earning their wages by managing the incredibly too complex setups we face nowadays (and not screwing too badly in front of a multitude of stupide innane choices). Linux is the `culture of choice'. Provide ten MTA, ten MUA. Twenty window managers. Never decide which one you want to install, never give you a default installation that just works. Cater to the techy, nerdy culture of people who want to spend *days* just making choices. Wrong. Unix is the culture of choice, and that includes Linux and OpenBSD. It's been the same ever since Berkely includled csh. That, by the way, is why YOU have the option to run OpenBSD, and others have the option to run Linux. We try not to be as bad, to provide default configs that work, and not so many choices. I was happy with the choices in Linux ten years ago. Some still aren't happy with it. That's the nature of people these days. If you want to try to change their behaviour you have to provide for them in the meantime. Jeff -- Q: What will happen in the Aftermath? A: Impossible to tell, since we're still in the Beforemath. http://latedeveloper.org.uk
Re: Microsoft gets the Most Secure Operating Systems award
On 3/22/07, Jeff Rollin [EMAIL PROTECTED] wrote: On 22/03/07, Marc Espie [EMAIL PROTECTED] wrote: On Thu, Mar 22, 2007 at 03:28:29PM -0400, Douglas Allan Tutty wrote: Their challenge is that they need to provide choice so they have what they call reasonable defaults. No, they don't need to provide choice. At least not that many. They decide to do so. That's most of what's wrong with OS stuff these days. Too many choices. Too many knobs. Every day, I see people shoot themselves in the foot, not managing to administer boxes and networks in a simple way, making stupid decisions that don't serve any purpose. ACL, enforced security policies, reverse proxy setups, user accounts, network user groups, PAM, openldap, reiserfs, ext3fs, ext2fs... so many choices. So many wrong choices. Multiple user accounts and a journalling facility on a filesystem == wrong: Interesting perspective. At some point, the people who package the software need to make editorial decisions. Remove knobs. Provide people with stuff that just works. Remove options. Or definitely give them the means to do the trade-off correctly. Okay, it's a losing battle. I'm an old grumpy fart. Okay, a lot of IT people are just earning their wages by managing the incredibly too complex setups we face nowadays (and not screwing too badly in front of a multitude of stupide innane choices). Linux is the `culture of choice'. Provide ten MTA, ten MUA. Twenty window managers. Never decide which one you want to install, never give you a default installation that just works. Cater to the techy, nerdy culture of people who want to spend *days* just making choices. Wrong. Unix is the culture of choice, and that includes Linux and OpenBSD. How many MTAs, MUAs, http servers, text editors, DNS servers, FTP servers, etc. are included with OpenBSD? Greg
Re: Microsoft gets the Most Secure Operating Systems award
On 3/22/07, Bob Beck [EMAIL PROTECTED] wrote: snip from a vegetarian at that. The fallacy that is this clause undermines your broader argument. Promise yourself not to spread such falsity again, and you will be well served. -Todd
Re: Microsoft gets the Most Secure Operating Systems award
On 23/03/2007, at 3:19 AM, Lars D. Noodin wrote: Symantic makes its living selling paper bailing cups in a leaky boat. ;-) The media actively participates in obfuscating the issues, the causes and the solutions by publicizing such crap from Symantic and MS. Yes. Symantec make their money from a long-term open wound. Symantec then provides creative research that makes that open wound look best. Talk about a conflict of interest. Symantec have been trying to demonise OS X for a long while. Shane J Pearson shanejp netspace net au
Re: Microsoft gets the Most Secure Operating Systems award
Symantec have been trying to demonise OS X for a long while. And it is going to work soon. Because OS X has no Propolice-like compiler stack protection, nor anything like W^X which makes parts of the address space non-executable, nor anything like address space randomization which makes certain attacks very difficult, especially with the previous two techniques. So when they have a bug, it is exploitable just like bugs are on any other powerpc or i386 machine running some other operating system. These days even operating systems like Vista have the above 3 security technologies. But can we get back to OpenBSD discussions?
Re: Microsoft gets the Most Secure Operating Systems award
On 3/22/07, Marc Espie [EMAIL PROTECTED] wrote: On Thu, Mar 22, 2007 at 03:28:29PM -0400, Douglas Allan Tutty wrote: Their challenge is that they need to provide choice so they have what they call reasonable defaults. No, they don't need to provide choice. At least not that many. They decide to do so. That's most of what's wrong with OS stuff these days. Too many choices. Too many knobs. Every day, I see people shoot themselves in the foot, not managing to administer boxes and networks in a simple way, making stupid decisions that don't serve any purpose. ACL, enforced security policies, reverse proxy setups, user accounts, network user groups, PAM, openldap, reiserfs, ext3fs, ext2fs... so many choices. So many wrong choices. At some point, the people who package the software need to make editorial decisions. Remove knobs. Provide people with stuff that just works. Remove options. Or definitely give them the means to do the trade-off correctly. Security comes from this. As Bruce Schneier and Niels Ferguson write in ``Practical Cryptography'', on page 12, ``There are no complex systems that are secure. Complexity is the worst enemy of security, and it almost always comes in the form of features or options.'' We try not to be as bad, to provide default configs that work, and not so many choices. Again, from the same book, ``One of the things we have tried to do in this book is to define simple interfaces for cryptographic primitives. No features, no options, no special cases, no extra things to remember.'' The fact that an OpenBSD system is secure out of the box is the main reason I started using it.
