And another Ubuntu convert!
Derek Broughton
derek at pointerstop.ca
Sat Jan 24 02:01:31 UTC 2009
Mark Kirkwood wrote:
> Robert Parker wrote:
>>
>> I personally read stuff like:
>> http://linuxmafia.com/~rick/faq/index.php?page=virus
>>
>> It's written by a sysadmin whom I have followed for years.
Followed? Or chased out of town? He used to hang out on a list I was on,
and he was often wrong and always annoying. Eventually we'd had enough...
> I think we don't, instead:
>
> - use a firewall
Mostly not necessary either - if you don't have servers, you don't need a
firewall. Which is why Ubuntu Desktop versions don't install one.
> - use a script blocker like noscript in your browser
That's really, really, pointless. The fact is, if you turn off scripting,
you lose most of the functionality of the web. Even if you just make it
prompt before running scripts you'll be driven crazy. I'd far rather block
specific domains (like adblock).
> - make sure scripting if off in your mail client
Well, no mail client really needs that...
> The article also points to the behavioural aspects of security - common
> sense about what you do and where you go:
>
> - don't run your system as root (hard to do on Ubuntu, which is good)
Actually it's very easy, and you'd be surprised how many people always have
a terminal session opened with "sudo -i". I do agree with his "social
engineering" points.
More information about the ubuntu-users
mailing list