[olug] OT: security through antiquity

Will Langford unfies at gmail.com
Thu Nov 6 03:56:47 UTC 2008


On Wed, Nov 5, 2008 at 9:50 PM, DYNATRON tech <dynatron at gmail.com> wrote:

> i think it's better to find a balance.
>
>
> code that's been around for a few days has many more bugs than code that's
> been around a few months.
>
> code that's been around for a few months has many more exploits than code
> that's been around a few days.
>

I'm thinking it's more along the lines of 'known knowns, known unknowns, and
unknown unknowns'.  The bugs could be there, ya just wouldn't know.  etc.
 Annnnndddd... my original post was more concerned with "i have an older
distro that does all i need and has seemingly apparently patched and secure
goodness... is it more secure than running newer fangled stuff'.


i put a win98 (FE) on the internet once with no patches or protections. it
> was just a standard install. i left the house to go jogging in the park,
> and
> i got back to a desktop full of porn links, and a start menu full of the
> same. when i say full, i mean full.       elapsed time: 2hrs.
>
> i would suggest not using legacy OS's. everyone knows how to crack them,
> including the zillions of zombie-bots out there.
>

I... can't imagine the last time I've ever put any OS nekkid on the internet
other than something that was intended to be a gateway/nat/router.

Would things care if I put OS/2 warp or ecomstation raw on the net ? Or what
about the BEOS 5 Pro CD I've got sittin around the house ?  I imagine that's
all fine with the exception of any cross-platform applications that have
application-specific problems :) (sendmail ?)

-Will



More information about the OLUG mailing list