Question Regarding Ubuntu Linux Security vis-a-vis other O.S.s
Matt Burkhardt
mlb at imparisystems.com
Sun Aug 30 17:20:58 BST 2009
I think it's very interesting that both links in that posting are
invalid. Microsoft often pays people to post in blogs promoting their
software - sometimes those people think misinformation is the same.
On Sat, 2009-08-29 at 17:00 -0400, Craig Younkins wrote:
> >
> > "The very first computer worm affected Unix exclusively, and Linux machines
> > are particularly easy to penetrate -- MUCH easier than Vista boxes -- when
> > you know how to do it - especially since its all open source code which
> > makes it easier to hack!"
>
>
> Short answer: No, you don't have much to worry about.
>
> What type of attack?
> - Network based attack: Ubuntu ships with no open ports, unlike Windows. How
> do you attack a machine without any open ports?
> - Browser based attack: First, there must be an exploit in the browser, so
> it depends on the browser. Firefox is a lot more secure than IE. After
> exploitation of the browser, the attacker has privileges of the running
> user, bringing me to...
> - Any attack: To do something serious on a *nix machine, you need root
> access. To sudo, this requires the user's password. On XP, the default user
> is administrator, who can do serious damage to the system.
>
> As for the "open source" comment - this guy seems to think that you can hack
> anything where the source code is known. Of course, this is completely
> false. The most secure systems are open so that many people can *try* and
> break it. Researchers analyze open security systems to find bugs and
> possible, even theoretical exploits. There are many many bugs in
> closed-source software.
>
> Consider this - In closed-source software, there is very little
> incentive/motivation to close security holes. Who's gonna know?
>
> --
>
> Craig Younkins
> Mobile: (301) 520-0463
> Website/Blog <http://cyounkins.blogspot.com/>
> Twitter<http://twitter.com/cyounkins>
> Facebook <http://www.facebook.com/profile.php?id=658596880>
> Please note: I have started using the Getting Things
> Done<http://www.amazon.com/Getting-Things-Done-Stress-Free-Productivity/dp/0142000280/>system,
> and no longer check my email like a madman. If it's important, call.
>
>
> On Sat, Aug 29, 2009 at 4:26 PM, Nathan Bahn <nathan.bahn at gmail.com> wrote:
>
> > Attention all--
> > In this forum<
> > http://voices.washingtonpost.com/securityfix/2009/08/snow_leopards_anti-malware_fea.html?hpid=news-col-blog
> > >a
> > user states that, "Linux machines are particularly easy to
> > penetrate...."
> > How concerned should I be about Linux malware?
> > --N.B.
> > --
> > Ubuntu-us-md mailing list
> > Ubuntu-us-md at lists.ubuntu.com
> > Modify settings or unsubscribe at:
> > https://lists.ubuntu.com/mailman/listinfo/ubuntu-us-md
> >
More information about the Ubuntu-us-md
mailing list