This is a discussion on Five Linux Security Myths within the Linux Security forums, part of the System Security and Security Related category.
Hi!
I'm doing an article for the Linux Pipeline (http://www.linuxpipeline.com/) on Linux Security: the Five Myths Of Linux Security.

Any ideas?

Thanks!
Ross

On Tue, 22 Mar 2005 13:00:14 -0500, Ross M. Greenberg wrote:
> I'm doing an article for the Linux Pipeline (http://www.linuxpipeline.com/)
> on Linux Security: the Five Myths Of Linux Security.

Have you read Toxen's book "Real World Linux Security"?
http://www.amazon.com/exec/obidos/tg...l/-/0130464562

Already on order!
"HansF" <News.Hans@telus.net> wrote in message news:pan.2005.03.22.19.26.11.676458@telus.net...
> On Tue, 22 Mar 2005 13:00:14 -0500, Ross M. Greenberg wrote:
>
> > I'm doing an article for the Linux Pipeline (http://www.linuxpipeline.com/)
> > on Linux Security: the Five Myths Of Linux Security.
>
> Have you read Toxen's book "Real World Linux Security"?
>
> http://www.amazon.com/exec/obidos/tg...l/-/0130464562

Ross M. Greenberg wrote:
> I'm doing an article for the Linux Pipeline
> (http://www.linuxpipeline.com/) on Linux Security: the Five Myths Of Linux
> Security.
>
> Any ideas?

If you've only progressed to the point of soliciting
ideas on newsgroups, how on Earth do you know that the
appropriate number is five?

--
Peter Pearson
To get my email address, substitute:
nowhere -> spamcop, invalid -> net

After takin a swig o' Arrakan spice grog, Peter Pearson <ppearson@nowhere.invalid> belched out:
> Ross M. Greenberg wrote:
>
>> I'm doing an article for the Linux Pipeline
>> (http://www.linuxpipeline.com/) on Linux Security: the Five Myths Of Linux
>> Security.
>>
>> Any ideas?
>
> If you've only progressed to the point of soliciting
> ideas on newsgroups, how on Earth do you know that the
> appropriate number is five?

There's a reasonable explanation for that...

People tend to be able to hold 7 plus-or-minus 2 separate things in
mind at any given time. (Add more things and something generally
falls out...)

But the editor, who decided the number, knows that his readership are
less skillful than the average, and therefore chose 5.

- Having more than five items would make the article too long

- Having more than five items would confuse the readers

- Having more than five items would prevent the author from writing a
  followup article with another five...

--
output = reverse("moc.liamg" "@" "enworbbc")
http://linuxdatabases.info/info/wp.html
Mental health is overrated!!

Actually, my editor came up with the proposed title.
"Peter Pearson" <ppearson@nowhere.invalid> wrote in message news:yP20e.6792$Fq1.6698@fe06.lga...
> Ross M. Greenberg wrote:
>
> > I'm doing an article for the Linux Pipeline
> > (http://www.linuxpipeline.com/) on Linux Security: the Five Myths Of Linux
> > Security.
> >
> > Any ideas?
>
> If you've only progressed to the point of soliciting
> ideas on newsgroups, how on Earth do you know that the
> appropriate number is five?
>
> --
> Peter Pearson
> To get my email address, substitute:
> nowhere -> spamcop, invalid -> net

> > If you've only progressed to the point of soliciting
> > ideas on newsgroups, how on Earth do you know that the
> > appropriate number is five?
>
> There's a reasonable explanation for that...
>
> People tend to be able to hold 7 plus-or-minus 2 separate things in
> mind at any given time. (Add more things and something generally
> falls out...)
>
> But the editor, who decided the number, knows that his readership are
> less skillful than the average, and therefore chose 5.

Bingo!

> - Having more than five items would make the article too long

Bingo!

> - Having more than five items would confuse the readers

Bingo!

> - Having more than five items would prevent the author from writing a
> followup article with another five...

One can hope.. Each article == $$$

In article <1140n9fe9cum11b@corp.supernews.com>,
"Ross M. Greenberg" <greenber@catskill.net> writes:
> Hi!
> I'm doing an article for the Linux Pipeline (http://www.linuxpipeline.com/)
> on Linux Security: the Five Myths Of Linux Security.
>
> Any ideas?
>
> Thanks!
>

I don't pretend to have read all of the other thread, but it seems to
me that so far, there's been tons of debate and discussion, but no
numbers. So, interpreting your "Five Myths..." in the way *I* wish to:

Myth #1: Linux's security is only because it's a minority platform, if
it had Windows' numbers, the story would be different.

Simple answer: While Linux may not be bulletproof, it does have some
fundamental design decisions that help it be better than Win9x. It
also has a different attitude among its application developers so
that only software that truly *requires* root must be run as root,
unlike much WinNT-family software. Even though the WinNT family may
have good security architecture, the software culture degrades it
in practice. (BTW, from what I hear, closest to that "bulletproof"
are OpenBSD and VMS, at least for general-purpose Operating Systems.)

Myth #2: Linux can't really be secure for desktop usage, because it has
no widespread anti-virus programs, and the like.

Simple answer: Mostly not needed, though this *may* change with a
larger userbase. Currently Linux email programs are not sufficiently
*integrated* to cause real problems, plus current users are pretty
well educated not to simply click on attachments. Beyond that,
because Linux users are not supposed to run as root, a virus would
need to get executed by the user *and* have a privilege escalation
exploit handy in order to do real damage.

It's late, it's been a long day. If nobody else comes up with 3, 4, and
5, or knocks some of mine down replacing them with better ones, maybe I
can put up some more tomorrow.

Dale

dale@edgehp.invalid wrote:
> In article <1140n9fe9cum11b@corp.supernews.com>,
> "Ross M. Greenberg" <greenber@catskill.net> writes:
>
>>Hi!
>>I'm doing an article for the Linux Pipeline (http://www.linuxpipeline.com/)
>>on Linux Security: the Five Myths Of Linux Security.
>>
>>Any ideas?
>>
>>Thanks!
>>
>
> I don't pretend to have read all of the other thread, but it seems to
> me that so far, there's been tons of debate and discussion, but no
> numbers. So, interpreting your "Five Myths..." in the way *I* wish to:
>
> Myth #1: Linux's security is only because it's a minority platform, if
> it had Windows' numbers, the story would be different.
>
> Simple answer: While Linux may not be bulletproof, it does have some
> fundamental design decisions that help it be better than Win9x. It
> also has a different attitude among its application developers so
> that only software that truly *requires* root must be run as root,
> unlike much WinNT-family software. Even though the WinNT family may
> have good security architecture, the software culture degrades it
> in practice. (BTW, from what I hear, closest to that "bulletproof"
> are OpenBSD and VMS, at least for general-purpose Operating Systems.)
>
> Myth #2: Linux can't really be secure for desktop usage, because it has
> no widespread anti-virus programs, and the like.
>
> Simple answer: Mostly not needed, though this *may* change with a
> larger userbase. Currently Linux email programs are not sufficiently
> *integrated* to cause real problems, plus current users are pretty
> well educated not to simply click on attachments. Beyond that,
> because Linux users are not supposed to run as root, a virus would
> need to get executed by the user *and* have a privilege escalation
> exploit handy in order to do real damage.
>
> It's late, it's been a long day. If nobody else comes up with 3, 4, and
> 5, or knocks some of mine down replacing them with better ones, maybe I
> can put up some more tomorrow.
>
> Dale

How about: Frequently changing passwords improves security
and the related myth: Never write down passwords.

-Wayne

Thanks, Wayne!
Seems that, generally, all the actual myths regarding Linux Security have been adequately addressed by Linux itself! Now just to mention, and counter, them.

Again, thanks.

Ross

"Wayne" <nospam@all.4me> wrote in message news:ww43e.21222$Pc.5693@tornado.tampabay.rr.com...
> dale@edgehp.invalid wrote:
> > In article <1140n9fe9cum11b@corp.supernews.com>,
> > "Ross M. Greenberg" <greenber@catskill.net> writes:
> >
> >>Hi!
> >>I'm doing an article for the Linux Pipeline (http://www.linuxpipeline.com/)
> >>on Linux Security: the Five Myths Of Linux Security.
> >>
> >>Any ideas?
> >>
> >>Thanks!
> >>
> >
> > I don't pretend to have read all of the other thread, but it seems to
> > me that so far, there's been tons of debate and discussion, but no
> > numbers. So, interpreting your "Five Myths..." in the way *I* wish to:
> >
> > Myth #1: Linux's security is only because it's a minority platform, if
> > it had Windows' numbers, the story would be different.
> >
> > Simple answer: While Linux may not be bulletproof, it does have some
> > fundamental design decisions that help it be better than Win9x. It
> > also has a different attitude among its application developers so
> > that only software that truly *requires* root must be run as root,
> > unlike much WinNT-family software. Even though the WinNT family may
> > have good security architecture, the software culture degrades it
> > in practice. (BTW, from what I hear, closest to that "bulletproof"
> > are OpenBSD and VMS, at least for general-purpose Operating Systems.)
> >
> > Myth #2: Linux can't really be secure for desktop usage, because it has
> > no widespread anti-virus programs, and the like.
> >
> > Simple answer: Mostly not needed, though this *may* change with a
> > larger userbase. Currently Linux email programs are not sufficiently
> > *integrated* to cause real problems, plus current users are pretty
> > well educated not to simply click on attachments. Beyond that,
> > because Linux users are not supposed to run as root, a virus would
> > need to get executed by the user *and* have a privilege escalation
> > exploit handy in order to do real damage.
> >
> > It's late, it's been a long day. If nobody else comes up with 3, 4, and
> > 5, or knocks some of mine down replacing them with better ones, maybe I
> > can put up some more tomorrow.
> >
> > Dale
>
> How about: Frequently changing passwords improves security
> and the related myth: Never write down passwords.
>
> -Wayne