Greetings List Lurkers,
Matt Zimmerman wants to set the record strait. I say Merry Christmas to
all!!
...and thanks Matt!
Kindest Regards,
Paul Flint
(802) 479-2360
/************************************
Based upon email reliability concerns,
please send an acknowledgment in response to this note.
Paul Flint
Barre Open Systems Institute
17 Averill Street
Barre, VT
05641
http://www.bosivt.org
http://www.flint.com/home
skype: flintinfotech
Work: (202) 537-0480
Fax: (703) 852-7089
Consilium
gratuitum .~.
valet /V\
quanti /( )\
numerantur ^^-^^
---------- Forwarded message ----------
Date: Mon, 29 Dec 2008 17:19:02 +0000
From: Matt Zimmerman <[email protected]>
To: [email protected]
Cc: Vermont Area Group of Unix Enthusiasts <[email protected]>
Subject: Re: Vbox USB blues - philosophical rant IKMMKM
On Sat, Dec 27, 2008 at 12:41:08PM -0500, [email protected] wrote:
On Fri, 26 Dec 2008, Alvin ONeal wrote:
I run `apt-get install trojans virii malware` every few months just to see,
On a practical level it is important to understand that Zimmerman, back
when he managed Debian list security, re-wrote the aptitude system to
normally force digital signature of all '.deb' packages. The result of
this is that you need to be part of a rather extensive 'web of trust' in
order to contribute code to most repositories. BTW Merry Christmas Matt!
While I appreciate your praise, I am ethically obliged to point out that:
- I've never written a line of code for aptitude, which is the work of
Daniel Burrows
- I also didn't write the original signature checking code for APT itself
(that was done by Colin Walters and Isaac Jones)
- APT doesn't check signatures on .deb packages. While it's possible to
sign .debs directly, APT instead relies on an indirect chain of trust
which verifies the integrity of the package repository which contains the
.debs. This means that a .deb on its own is not trusted, only as part of
a trusted repository. This approach makes certain types of attacks more
difficult.
My contribution to all of this was, as maintainer of APT, to bring the code
up to date and make the changes I felt were necessary to get it into
mainline and into widespread use. Much of this was hammered out in the
early releases of Ubuntu, which first brought this security feature to the
masses.
The statement earlier in the thread is true: Ubuntu will generate more
attention from attackers as it grows in popularity and prominence. Even so,
some of its fundamental characteristics, such as providing most available
applications through a trusted repository, so that users have little need to
download programs from the web, make Ubuntu less vulnerable to attack. We
also try to stay ahead of the game with proactive security features provided
by hardware, the Linux kernel, and the compiler toolchain to make
vulnerabilities difficult or impossible to exploit, and release frequent
updates to correct them when they're discovered.
Hope this helps.
--
- mdz
