On 04/08/2010 04:21 PM, Robert Holtzman wrote:
> On Thu, 8 Apr 2010, Basil Chupin wrote:
>
>
>> On 08/04/10 05:07, Robert Holtzman wrote:
>>
>>> On Wed, 7 Apr 2010, Basil Chupin wrote:
>>>
>>>
>>>
>>>> On 07/04/10 16:58, Robert Holtzman wrote:
>>>>
>>>>
>>>
>>>>> I don't pretend to be an authority on security but from what I
>>>>> understand malware can take advantage of holes in applications without
>>>>> having to crack the system password. Anyone want to correct me?
>>>>>
>>>>>
>>>>>
>>>> I am not a security expert either but what makes Linux 99.9999% more
>>>> secure than the "other" [ugh!] is that to do any damage to the system
>>>> one has to execute a program as ROOT - this is what the OP really meant
>>>> by the reference to 'password and name'. If some malware does get thru
>>>> and somehow gets activated then the only damage it may be able to do is
>>>> only to whatever is the user's HOME directory; want to do anything
>>>> outside your own HOME directory you need become root (using sudo for
>>>> example) and then also provide a password.
>>>>
>>>>
>>> That's the standard story when speaking of linux security
>>>
>>
>> But, but.....
>>
>>
>>
>>> and it's
>>> correct as far as it goes. The problem for a home user is that if your
>>> home directory where you keep personal data gets corrupted/trashed by
>>> malware and you don't have a ***recent*** backup you have a big problem.
>>>
>>>
>> ...this applies to every operating system and not just a Linux distro.
>>
>> Nevertheless, your chances of being 'hacked' by using a Linux distro are
>> negligible so you are already way ahead on points :-)
>>
> I never claimed otherwise.
>
>
>>> It's not a big deal to reload the OS and software but unbacked up
>>> personal data can be lost.
>>>
>>>
>> Firstly, you shouldn't have sensitive data sitting on your computer -
>> your computer doesn't have to be hacked for you to lose your data: the
>> computer could be stolen. And secondly, do backups of your data - the
>> only "sensitive data" which I have is my Thunderbird mail so I backup
>> this up at least daily (as well as the Firefox directory).
>>
> All very true. Care to take a guess about how many *average home users*
> do this? Also, all this came about because Karl was of the opinion that
> he didn't need no stinkin' security updates because his name (username?)
> and password kept him safe. Then someone (you?) agreed with him saying
> that *only* his home user account would be affected by malware. I was
> pointing out that the average user's user account was the most
> important one to him.
>
>
I have learned that 8.04 will continue to be updated through
2011. By then congress we hope will be Republican and we have a do
nothing government, the best kind.
73 Karl
--
Karl F. Larsen, AKA K5DI
Linux User
#450462 http://counter.li.org.
Key ID = 3951B48D