[olug] Re: Linux??? [7:79346]

Michael Ray mikejodi68041 at yahoo.com
Thu Nov 27 07:14:39 UTC 2003 

Yes with this ---Microsoft Hot Dog Stand & Windows
Security Operations certificate could I serve fries
with that 

MR. Newbeeee
 
> , but you won't find any serious security neal
rauhauser <neal at lists.rauhauser.net> wrote:
> 
>    This looks like it might be trollwords, but then
> again maybe not
> supernet wrote:
> 
> > On 16 Nov 2003 at 17:59, supernet wrote:
> >> 
> >>1. I understand that Linux is open source. But
> isn't open source a
> >>security hole? A friend of mine who is a security
> expert said that 
> 
>    Open Source means code gets looked over by many
> eyes and in some 
> cases formally audited(OpenBSD comes to mind). It is
> *way* better than 
> some proprietary OS where you have to hope the
> vendor will repair the 
> problem.
> 
>    Your friend isn't much of a security expert,
> sounds like he might 
> have the Microsoft Hot Dog Stand & Windows Security
> Operations 
> certificate, but you won't find any serious security
> practitioner who 
> believes that anything M$ does is secure when
> attached to the public 
> internet - they tend to favor OpenBSD for high
> exposure environments and 
> will generally take *any* OpenSource/FreeSoftware
> system over Windows no 
> matter what the system's role will be.
> 
> > 
> >> Red Hat had whole lot more security patches than
> Microsoft. Is it true?
> 
>    Red Hat is one Linux distribution, and not a
> particularly good on in 
> my  opinion. If you want to compare security issues
> you must look at a 
> security specific OS like OpenBSD, rather than a
> general purpose desktop 
> or enterprise server centric OS like RedHat. I
> suppose if you *must* do 
> Linux rather than a BSD derivative I'd start with
> Gentoo or Debian.
> 
>    And it is foolish to count security patches -
> count incidents. Maybe 
> FreeBSD has double the security patches for M$, but
> are they counting 
> patches for the OS itself and the three THOUSAND
> packages that it can 
> install from ports? probably. Are they counting
> theoretical 
> vunerabilties related to buffer overflows that get
> fixed before there 
> are any exploits in the wild? probably.
> 
>    Incident wise over the last four years M$ has had
> many events where 
> their stuff got rooted all at once and caused global
> problems, while the 
> last time I can recall something like that happening
> with unix was the 
> famous Morris sendmail event of 1988.
> 
> 
> 
> 
> >>2. Since Linux is open source, it's much cheaper
> than other 
> > operating systems. But I always believe you get
> what you paid for. What if 
> > there s something wrong with it? What if something
> happens and your 
> 
> 
>     There are some distributions (RedHat, SuSe) that
> have companies that 
> provide support behind them. In general if you're
> using a front line 
> program on a mainline distribution you'll get
> excellent support. Note 
> that support in the open source/free software world
> does NOT mean 
> someone to shield you from the results of your
> ignorance. Unix is user 
> friendly, but its fussy about who it hangs out with
> - if you're clueless 
> I'd kindly suggest you stay with windows since
> you've got a.) support 
> and b.) an immediate goat when stuff doesn't work.
> 
> > CIO
> > 
> >>stands behind you? Who do you call for support?
> >> 
> >>3. I know some big companies, like IBM, are moving
> to Linux too. 
> > Are they going to use open source? If not, isn't
> it become another 
> > flavor of UNIX? Like SCO or Solaris?
> 
> 
>    *sigh*
> 
>     SCO is dead meat, Solaris might end up in the
> same boat if they 
> don't  figure out a new strategy, SGI is already on
> the death watch, and 
> the story is the same for the rest of the
> proprietary unix derivatives.
> 
>     A large portion of 'unix' these days is the GNU
> programs from the 
> Free Software Foundation. Linux is just a kernel
> that happens to get 
> bundled with distributions that use the GNU stuff.
> BSD and its 
> derivatives (FreeBSD, OpenBSD, NetBSD) all descend
> from the BSD code but 
> they include much stuff that is under the GPL (FSF
> license) rather than 
> under the BSD license.
> 
> 
>    Any more questions?
> 
> 
> _______________________________________________
> OLUG mailing list
> OLUG at olug.org
> http://lists.olug.org/mailman/listinfo/olug


__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/

More information about the OLUG mailing list