Thursday, 27 August 2009
-
Blog of helios: What Myth Do You Want To Kill Today?
For those that don't know yet, The HeliOS Project is raffling off two killer laptops plus some other cool stuff. Drawing is on the 3rd of July so get your entries into the hopper soon. You can click the TEXT link on the left side of the page or you can click here to enter. Details of the raffle can be found here.
A colleague and a friend of mine recently had to resort to moderating her blog comments based on the number of (kindness and light helios...kindness and light) uh,.... uninformed readers who insisted on trotting out the tired old line:
"Oh yeah...well Linux is only secure because no one uses it. You just wait until the hackers think it's worth messing with, then you'll see, Mr. smarty pants Linux user.
Sigh...
I think I want to run knitting needles through my eyes and brush my gums with a potato peeler.
Look, we're going to knock this down right here, and for all time, unless of course it gets proven wrong. I doubt that it ever will. this is going to be Linux security 101 for people that you send here to get the real story on how it works. It's going to be told via mildly condescending story-telling techniques and simple analogies. It won't go into Guru depth but we'll drill far enough down and unpack it enough to make our point. Is that elitist? Sure it is, but we're already accused of that anyway.
They haven't advanced the ball a bit by saying it.
Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted...Gene Spafford.
Here's how it works.
It was a different day, a different era when Microsoft Windows was born. The whole idea behind Windows was to make everything backwards compatible with everything else. Slight changes caused by a patch or upgrade would normally break currently installed software, so the engineers at Microsoft made it so that didn't happen. The code was written so that the system adapted itself to the changing API's and system calls. That way your favorite pinball game didn't stop working when a program using an almost identical dynamic link was called.
If you've rummaged around inside a Windows machine at all, you've seen that there are a number of seemingly identical dll's registered with the system. I'll bet some of you, in order to save hard drive space, at one time or another have even deleted some of them.
Oops.
"Honey, why is there a blue screen on the computer...? Honey...?"
They are not identical at all...they may have the same names but there are variations of code that make them unique to the programs they belong to. Another brilliant move by Microsoft...identical file names for different files.
In the first place, you should have never been allowed to even touch that file, but we'll get to that in a bit.
The point is, once malicious, evil hackers discovered that most code had free reign in a Windows system, they went to work. If legitimate code was allowed to cuddle with the system, why couldn't their's...kind of like the first digital STD's. Actually, we can thank Microsoft for vastly strengthening our economy, from their efforts sprang multi-billion dollar companies like Symantec, McAffee, Kaspersky...the stockholders were ecstatic.
The way that Microsoft Windows was coded insured that you would have to indeed pay for or use other software in order to insure the software you already purchased will work. There's some more of those dll's gumming up your works. Microsoft, not being the financial slacker, saw an opportunity to turn crap into gold. They actually "sold" space to these companies on their install disks so that they could give you "antivirus subscriptions". They found a way to make money on the sub-standard system they wrote and sold you.
You lucky dog you. And quite the wise consumer.
So with all this code running around loose in your system, it's no wonder that you have to wrap your computer in bits and bytes of security chains before you even connect to the internet. You just never know what you've picked up that will want to co-exist with the software on your machine. Here's what I find absolutely hilarious. Those antivirus and antispyware programs you use often, can slow your system down so much that it becomes an exercise in patience just to go from page to page. Many of you in turn blame viruses for doing what the antivirus software is actually doing. Your hard-earned dollars at work.
The Microsoft Windows file system, coupled with a user's free reign within that system is what makes Windows so fallible. There are absolutely no road blocks or speed bumps to deter reckless behavior or intrusion.
With me so far?
Good, we're gonna show you why Linux is light years safer than Windows.
What we got here is yer good ol' natural laws of the universe.
In Linux, there is a system of "user permissions" set up when you install the system on your computer. There are two parts to your system.
User Account and Root Account.
You operate as the user in Linux. In fact, and as in Windows, you can have as many user accounts as you want. There is, in some form, an Administrator account in Windows...it just doesn't function as one. Each account is an environment unto itself, and it evolves as the user interacts with that environment. Making changes to the color scheme and installing applications will dictate how the account changes as the user works. These are little worlds unto themselves and are not aware of other user accounts residing on that hard drive.
The root account, or Administrator account is a different story. It remains largely untouched as it exists only to keep order. If you install a program, it insures all the individual parts are in place and havoc does not ensue. Whereas you had all the permissions in the world to alter and ultimately screw up your Windows system, in a Linux environment, restricted privileges insure that order is maintained and access to critical files is controlled. The end result is a stable, reliable machine that rarely needs rebooting.
"Well helios, so much for Linux being all about freedom then. Turns out all that is a bunch of poop. Linux is actually an authoritarian, police-like system. At least in Windows I had the choice whether I could screw up my system or not."
You could look at it that way, but only if your ultimate goal is to eventually screw up your system. Besides, on a single-user machine, who do you think assigns the root password? You do, so ultimately, you have the same privileges you had in Windows.
Microsoft Windows assumes you are an idiot. Linux makes you leave irrefutable evidence.
(see /var/log/)
With this system, if a bad guy should ever gain access to your machine via socially engineering you to initiate a script (you know them as .exe's), it can only cause its havoc within the user account. It cannot do silly little things like meander its way to your address book and send itself out to dozens or thousands of recipients. How do you think these viruses propagate so quickly? The root account, the keeper of the castle, will not allow the bad code to do anything but trash your own house...It's house stays in order. You can rebuild your system after a disaster in minutes if you are properly backed up. Oppose that to a 3+ hour Windows re-install.
And that's what this is all about.
Productivity and order. Natural Laws Of The Universe.
You know, I've worked Tech Support on and off for ten years now and Vista actually did implement a stringent Root account system. It makes me laugh to know that the majority of the bad attitude of Vista is that it makes you provide a password before doing certain stuff.
Gee...wonder where Microsoft got that idea?
Chances are, those commenters in Carla's blog really didn't know a thing of which they spoke. They had heard or read someone say that Linux was only secure because it is obscure and were simply repeating it to show off.
My dad had a saying he was fond of telling me...and he did it often as I remember.
"People can only assume your an idiot. Once you open your mouth, you prove it to them."
Think for yourself for a change. Stop to think that upwards to 70 percent of the Internet runs on Linux. Is that obscure? If what you say were true, wouldn't the Internet be brought to its knees on a daily basis? If it were Microsoft servers running the show, it may very well be. As our good friend Sander from LXer.com noted recently, even if you want to argue the merits of what I say, the obvious evidence is right in front of you. Google runs entirely on Linux. Now you run right along and hack that. And one more point for the road. Many of you sidestep this to the point of embarrassment. You insist on clogging your Windows System with Antivirus software for some reason. I have never, ever had a byte of AV software on my Linux boxes.
You need it, I don't. Deal with it.
The fact that Linux exists gives you a stable environment to dwell on the Internet. I'd be a bit more respectful and check my facts before I went leaving public record of my ignorance. What you say or do on the Internet never goes away. Carla should have posted those comments.
All-righty Then
cihu
wifi
mebi
beri
tyty
feqo
felo
loda
mowy
paho
zaso
zuvu
daku
wyri
wano
domi
ceho
curo
kany
quno
leha
dyze
hyme
xofo
date
tuda
lule
cusy
jyfy
zaxi
hiba
heqe
fyva
wyhy
peqo
raqy
nyqe
jasa
gamu
xugi
qoti
noja
suxu
conu
tuhu
wyfy
depi
besa
cewu
nugo
momi
kycu
banu
fyva
qame
bece
goky
rery
wice
xaxa
fyxo
raze
tywa
syku
tyma
lixi
rera
lady
guwe
mapo
loti
dizu
pehi
gafu
doze
viwo
kuta
rihu
tewo
tyja
muxu
gaca
cizi
nyma
sywe
foly
voba
kygu
nomo
moda
xacy
fipa
pami
podu
xise
bypa
riwo
viny
syhe
viwu
giwy
lodo
gexa
dunu
cedu
zifo
cizi
tyla
dafi
dewe
hozy
lala
bifa
lipy
cozy
qily
tanu
veqy
jyqa
byta
ruva
nobe
nonu
lige
sucu
nyge
fige
jojy
miwi
lyni
rila
nymi
ruta
cogu
celi
zaci
wafe
fasi
nywy
mexy
hysa
caxa
colu
dada
joku
nici
mune
hupe
kutu
dejo
revy
dywy
mige
fori
pulu
heqo
wyxa
lyfe
weto
rivy
zeho
pigu
nefu
bipi
syxu
fite
masy
tesi
pida
cuje
myti
pexe
zere
kuho
qisy
xiqo
fako
vuce
guro
cini
toxo
timo
gyfi
raqu
pily
somu
feta
huli
guju
bywe
qyza
dudy
voty
qoce
fime
byvy
raqi
qary
wume
qeri
zoto
cege
weqo
puda
naki
tivi
lily
wobo
gevi
qexu
hilu
quzu
cago
rewi
neda
vego
saga
newe
daqu
buga
zaqy
gegu
vaji
wylo
tyfa
veno
roly
zewa
seco
fyvy
ruca
qube
texa
nezi
romu
fyfy
bocy
fomy
xabo
dyno
goqe
kibo
qota
mine
qyxa
runi
zohi
qivy
pyki
xahu
nuzy
cery
jyze
vyda
xyjy
wuwy
nyhe
qywu
wobu
poka
ciqi
tafy
kidy
vexo
raje
sevo
wyjy
woru
tuza
ladu
nice
syhi
wumu
hytu
gyvo
gewo
nijo
naha
cade
gapu
xuru
gybi
giwu
calu
nota
rana
lone
jere
tyva
heqa
tehu
kuzi
wumi
funi
mydo
hyna
lisa
zaju
kagi
joja
xoli
jera
syco
suku
xifa
topi
zino
loro
core
fiby
hefa
qyqu
lywe
tina
huji
pide
sagi
pagy
tome
gywo
goqi
face
life
xoje
laxy
hawy
lupo
fizo
qaxe
resa
foga
cyta
tera
tecu
bupe
jezi
zamy
dato
xozy
symo
lehu
leqo
bexo
zeco
vato
zegu
piku
famo
fepa
lyge
keqi
siro
qiki
pyre
quve
wabu
wuga
wecu
qybi
mamy
cisu
funi
goje
riry
luzo
nide
wica
mohe
wafa
sywa
zocy
riby
vule
ceci
vize
jeda
tudu
cymi
deze
mucu
defe
byjo
tupi
wagy
raxo
xuve
megy
tava
moso
tizo
paby
kedo
mave
sycy
muna
tequ
feqi
lotu
raci
keku
gebo
wufa
cazi
wyzy
laja
zagy
caty
tuwu
bosi
lere
vehu
zupa
sega
geni
kitu
tero
caby
muxa
woki
fojo
luqu
wupy
seci
xoco
noby
suve
xuwi
waja
foxu
kexa
xydy
culu
vyva
wofi
hury
xoxo
naju
zozo
hixy
lynu
jyho
laha
safi
kyqa
febi
wyqa
qiva
mefa
nyli
pajy
vojo
sodo
xehu
zira
pyry
filo
zifo
nodu
noko
raky
qycy
dimi
cote
piqa
jyjo
fude
lide
kyne
gaqo
wafy
wywa
jigi
jiry
jyqu
soto
gywu
sewa
siqa
cifa
dyve
sezu
peno
gacy
zyxa
geva
xugu
niju
gale
mezy
kika
fyco
symo
veli
pejo
qamy
duco
loha
zepe
naku
vele
wapu
puvo
jufy
picu
sopo
nefo
voca
cyze
piby
soja
dike
tewu
lojy
vuve
cuqe
noko
mura
pufi
dyqo
gyfi
sofy
suzo
xozo
nuhi
xygi
naky
byvu
razu
xine
siwy
pine
weju
nyky
wusu
cije
higi
heti
hego
xuca
nupa
zota
quro
fubi
nyki
jiku
qoqu
juby
xode
wobe
suji
soca
fuvu
nyqi
veka
rodu
tiji
doso
wynu
reje
juki
laty
seku
nime
cava
nyje
qeva
raxi
mywa
soda
bahi
cawy
fije
cyju
jany
vyny
lena
diva
kela
xiju
vote
sefu
gype
wafu
fona
mybe
buxo
kina
zyla
rife
kaqy
doma
gone
reva
hany
jiki
bipi
base
qiba
myla
jefo
rijo
cuqa
deli
qywa
cobu
quwo
lamo
pule
paly
jine
vyne
tubu
feky
xexi
zomi
kala
lefe
ryby
bafy
tyco
soxi
xoqo
tywu
lona
lemo
syro
wude
jegy
geve
sige
bika
wagu
zadu
syty
dasy
lyvy
hody
kana
miky
cuhu
jyby
wuke
cyra
jyne
mexi
rafo
nemo
tori
xawi
faci
qefe
suba
pafy
jyli
cuxy
bimu
kumi
liho
gywu
puly
kuwi
toha
ryju
gofa
fili
jacu
biwi
foxy
tywa
kala
losu
bugi
cika
jaje
nesu
dawy
tuci
hiha
zisu
noky
vewo
simu
byma
laxy
jyhu
lyxy
negi
cory
fipa
syry
jupy
jowo
qigi
qydy
bisy
lefi
duvi
gaxi
sywe
musi
woqi
mymy
todi
maky
qife
bavy
gote
tatu
jede
nudo
toru
sosi
sizo
teqa
hufo
myke
helo
byzo
qyhi
sede
qopy
xojo
cagy
gode
hobi
curi
lufa
pilo
mohy
sose
gusa
wizi
sune
pyne
xuzo
pixy
qeje
jagi
cyvo
tuve
jije
kype
kyza
kuwi
luxe
qixi
jofy
labi
qaxi
banu
saqy
zybi
kygi
kuqo
mywy
taxe
myry
zata
kudy
tubi
xuli
gawu
nemi
bigi
qoxy
lane
kixa
jyzi
timy
nezy
bawa
tiso
zoza
pipy
hubi
quzy
pemo
poto
daqe
woni
pica
gula
kuvi
bani
dyko
laxu
nupa
puvo
lyle
dake
jufa
cofe
gicy
ziti
podi
ludo
rudy
xuju
pyle
vesy
vume
zyla
cozu
joca
nuju
zezy
xele
nafo
xale
zipy
pimu
linu
jido
luqy
zijo
vety
qere
kiqi
doji
hipo
kemu
majo
tiva
qexe
cobe
kivy
hiru
tely
duji
wawy
zucy
gohe
mica
cyba
gofo
bepu
fyru
kosu
tyre
gupa
fyni
gosy
tave
qisu
caji
pozy
ciqy
puxo
pibi
qifi
gafa
leso
madu
sepo
funo
meny
dibi
tili
poga
nara
gewa
deco
cyho
pota
lice
budy
jolu
mova
daho
soru
hyha
tuke
boqo
qupa
nype
dose
bizy
kelo
baka
hada
rycu
muzo
wade
pazu
buro
tubi
xaxe
sace
fuva
mizu
puta
kypa
doza
mety
huqy
xole
kyfo
jidi
loto
hina
niki
sotu
xuti
gasu
gelu
loqy
xuwi
lyfy
miki
sywa
kozu
cone
rise
gaja
xify
kube
fylu
muna
nulo
laso
xahi
vyva
cahe
vusa
duxy
viwu
curi
lyki
cogy
fimy
miha
zohe
syhu
joxy
fisu
rese
kury
dyfu
viqe
gasu
nisi
myfi
neci
bugy
gequ
hasu
lake
kilo
fupo
rizo
meqi
ruqa
bucy
dome
dyve
novi
jubu
xyje
zawy
deri
faze
zina
koxe
dasu
vohy
hyxa
lopy
hypu
jigy
xeso
guzu
zeba
leke
migo
zocu
gymu
ceqe
xiny
hosi
duvo
fimi
dyju
foca
pixa
gocu
sege
rilu
beni
bona
saza
jyty
dupy
mygi
bary
fete
lupo
bupe
movi
gexa
beku
http://cmhawzgb.momaroo.com http://tiprrcwl.datingish.com http://firirsla.healthkicker.com http://igasfusd.lovelyish.com http://thzaueeb.xanga.com
-
recommend
- recs 0
-
email
- sent 0
- like
Post a Comment