Go Back   Hardware Canucks > SOFTWARE > O/S's, Drivers & General Software

    
Closed Thread
 
LinkBack Thread Tools Display Modes
  #21 (permalink)  
Old June 6, 2010, 02:10 PM
m1dget's Avatar
Allstar
 
Join Date: Nov 2008
Location: Terrebonne, Qc
Posts: 707

My System Specs

Default

Quote:
Originally Posted by chriskwarren View Post
If you argue that its secure or not, then you could easily argue that there is no security at all for any OS, as all of them have been compromised.

Security is more of a 'discouragement.' The more security you have, the harder it is to be hacked, but it is never possible to be secure if you only have two choices like you suggest M1dget. The world is not that simple thankfully.
For an OS some part of it are secure, some part are not and there's different layer of security to it so you can't go straight out and say that it's secure or not. It's layer and application dependant.
__________________
"NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix" -AkG
  #22 (permalink)  
Old June 6, 2010, 03:13 PM
AkG's Avatar
AkG AkG is online now
Hardware Canucks Reviewer
 
Join Date: Oct 2007
Posts: 4,332
Default

dude you have a very interesting idea on what security means. There is no black and no white when it comes to the real world. By YOUR definition of security, the only truly secure system is one that is locked in a vault and never used and has no programs installed on it (as they are another attack vector). There are plenty of middle ground areas where on a case by case basis a competent IT security admin has to look at and weigh the pros and cons. Once again you show your lack of real world understanding. Im sure in your world nix is wonderful and all its users are perfect....the rest of us live in the real world so the "people equation" actually matters. As it stands windows users are on the average a bit more savy then the avg apple user. I am completely discounting Linuix as it is a niche OS that really isnt big enough to have a real cross section of computer users. The avg nix user is most likely more tech savy then the avg windows user...but then again they HAVE to be.

NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix. Why spend time and effort probing for a hole that will affect 2 or 3 people out of a hundred when you can do it for 90+. Once again no OS is secure. This is a fact. ANYTHING man made has flaws. There are plenty of ways to break nix systems just like any other OS. A lot of them just haven't been discovered because its not worth the time and effort to do so. If you think nix has no holes and thus needs no patching....LOL, not even going to go there as you seem bright enough to actually count above 10 w/out taking off your shoes ;)

I did intrusion detection for a living so unlike you I know what I am talking about when it comes to security. Im not a dilettante, or arm chair general. Im sure your OS gives you warm fuzzy wuzzies at night, but you are sadly mistaken if you think that its this uber perfect system that cant be hacked. Before windows, Unix was the only "real" OS out there for servers and yes they did get cracked. Just like Novel did and was hacked. If you were around back then you would know this. Obviously you werent. Obviously your ideas need a few more years of real world experience to temper your enthusiasm. Me I think all OS's and ALL users are royal pain in the arse (especially the "power user" who thinks he knows it all...they are the worst) and we'd be much better off with out them....just need to figure out how to invent sentient AI.
__________________
"If you ever start taking things too seriously, just remember that we are talking monkeys on an organic spaceship flying through the universe." -JR

“if your opponent has a conscience, then follow Gandhi. But if you enemy has no conscience, like Hitler, then follow Bonhoeffer.” - Dr. MLK jr

Last edited by AkG; June 6, 2010 at 03:18 PM.
  #23 (permalink)  
Old June 6, 2010, 03:46 PM
SneakySnake's Avatar
MVP
F@H
 
Join Date: Mar 2009
Location: Waterloo
Posts: 296

My System Specs

Default

Quote:
Originally Posted by m1dget View Post
None of them are secure.

Though one is harder to crack than the other. Little difference here.
I would consider that more secure, but that's just me.
  #24 (permalink)  
Old June 7, 2010, 01:55 AM
m1dget's Avatar
Allstar
 
Join Date: Nov 2008
Location: Terrebonne, Qc
Posts: 707

My System Specs

Default

Quote:
Originally Posted by AkG View Post
that is locked in a vault and never used and has no programs installed on it (as they are another attack vector)
Well if I quote (from memory) a security book I read a while ago that had the best example of what I mean: You can install whatever you want on it, but as long as the server is hidden in a fortress guarded by an armed guard (and maybe a tank) and dug deep below the ground in a concrete box with 2 feet thick reeinforced concrete wall while not being plugged or connected to a network and having, your box can't be considered truly secure.

...but for the real world there is OpenBSD which is considered secure on many levels + that thing YouTube - The UK's most secure datacenter "The Bunker" Kent.


Quote:
Originally Posted by AkG View Post
NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix.
Seriously man, I feel bad reading your definition of security through obscurity

Here's what you should have done the first time I quoted you on it Security through obscurity - Wikipedia, the free encyclopedia

(I find it funny to see further down that you were possibly a pentester and think that unix is security by obscurity )


Quote:
Originally Posted by AkG View Post
Why spend time and effort probing for a hole that will affect 2 or 3 people out of a hundred when you can do it for 90+. Once again no OS is secure. This is a fact. ANYTHING man made has flaws. There are plenty of ways to break nix systems just like any other OS. A lot of them just haven't been discovered because its not worth the time and effort to do so. If you think nix has no holes and thus needs no patching....LOL, not even going to go there as you seem bright enough to actually count above 10 w/out taking off your shoes ;)
Well sure there's less apparent effort on the part of linux/unix developper for virtually anything, but it's false. Though if you are a developper for -let say- KDE, well you won't even care about kernel level security or remote hole patching.

Quote:
Originally Posted by AkG View Post
I did intrusion detection for a living so unlike you I know what I am talking about when it comes to security. Im not a dilettante, or arm chair general. Im sure your OS gives you warm fuzzy wuzzies at night, but you are sadly mistaken if you think that its this uber perfect system that cant be hacked. Before windows, Unix was the only "real" OS out there for servers and yes they did get cracked. Just like Novel did and was hacked. If you were around back then you would know this. Obviously you werent. Obviously your ideas need a few more years of real world experience to temper your enthusiasm. Me I think all OS's and ALL users are royal pain in the arse (especially the "power user" who thinks he knows it all...they are the worst) and we'd be much better off with out them....just need to figure out how to invent sentient AI.
I just can't beleive I'm having this conversation with a (possible) pentester... seriously I wtf am I witnessing here

Sure UNIX is not perfect, nothing is, but still it's way better than about all the alternatives out there and has everything you can need to secure and make a machine completely secure. It's a bit of work but with custom tools and programs beleive me it can a be a fortress (from about all point of view).

As an example... for the almighty OpenBSD and remote holes. There are simply none. You might say again that nobody checked or tested the code, but that would be plain wrong. Go download all their source and read a bit of the code and you will see that a bunch of very qualified people went over it and audited it several time.

And to conclude... I have nothing to prove to you or anyone here (else than potential clients) but you really think I am just a lil undesirable and annoying "superuser" with a big mouth? Well let me just tell you that you are not the only one that works/worked in the computer security field. I have a small company (under NDA) in that domain and I am required to know in depth about all there is to know about either software, network and OS security (including audits like you did even if we are a software company and it's not our primary goal) because if not, well we are basically ****ed if I may use that term

I like to have conversation with you guys, but please don't treat me like an imbecile as I am not one. I think you should have had figured it out sooner than after nearly 500 posts on my part.
__________________
"NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix" -AkG

Last edited by m1dget; June 7, 2010 at 02:00 AM.
  #25 (permalink)  
Old June 7, 2010, 09:04 AM
AkG's Avatar
AkG AkG is online now
Hardware Canucks Reviewer
 
Join Date: Oct 2007
Posts: 4,332
Default

Im not treating you like an idiot. Just a fanboi. Its a small difference but there is a difference.

As for your mighty unix. Now instead of lumping SOHO and server enviro into one group lets be fair and break it into its two camps. Both server different niches and both are just as important.
On the home user end almost all attacks occour along the social engineering attack vector. Now lets say you want to make your own spambot. The easiest simple way regardless of OS to do this is make a little program, lets call it 99SmileyFaceFontPack_virus.exe It doesnt matter how many barriers you put up if joe schome wants to install that and get his "99 smiley faces" he will. Will he have to jump through an extra hoop or three on nix. Yup. Will he. Yup. Will he get pissed off if he cant do it right away. Yup. Windows, Apples,Nix...whatever stupid users are stupid users. Saying XYZ is more secure then another with users in the mix is foolish. You will be technically correct, but in the real world it wont matter.

On the server end of things. Unix rules the roost always has always will. Its certainly more secure, but if you think that you dont need Intrusion Detection services and hardware to monitor and keep hackers out...your living in a dream world. If someone wants in, they probably will get in. Its a matter of finding them before they breech ALL your rings of security and blocking them, and not a case of its running unix so they cant get in BS. It really is managing your ease of use vs risk. But what you are saying is that everything but *nix is not secure and nix IS secure because its HARDER to get into it. As I said....there is no black and white. If you ever get into the field and blindly start recommending one piece of software as the alpha and omega....you will be laughed out of the industry. You can easily harden any OS with good software and hardware monitoring. Its actually easier on windows then nix as more companies are competing for that market and peeps like you are still incorrectly thinking "it run nix so therefore we dont need added security". That is why Im calling you a fanboi as you want it both ways. You want to not include the user into your equation on unix end of the spectrum BUT at the same time WANT to include all the virus and malware that rely on users to get on the system on the Windows end of the spectrum. Cant have it both ways. So yes if you want to act like a fanboi, expect to be treated like one.

And maybe its just my experience as i was breaking unix systems probably since you were born. So I dont think its perfect. Id rather have a slightly less secure system that everyone KNOWS is not perfect then a imperfect os that peeps treat like it IS perfect. The peeps are always the weak link. education cuts both ways. Praising nix as the be all and end all.....is falling right into the hackers hands. IF it every becomes a big enough market share....Apple is in for a tough go of it. This is actually where a lot of my loathing of apple comes from. As they are brainwashing their peeps into believing the kool-aid isnt cyanide flavoured.

YMMV

Oh and btw I am retired and dont wear my black, gray or even white hat anymore. it lost all its excitement years ago. you can harden it all you want, spend as muc time as you want...but if "I" or someone like me came along wearing my black hat....it didnt matter because of the "user factor".
Now Im just a wee old hardware reviewer who runs a non IT business in the real world. i build systems and that keeps me from wanting to scream at stupid users (not all are..just too damn many). MUCH less stressful now ;)
__________________
"If you ever start taking things too seriously, just remember that we are talking monkeys on an organic spaceship flying through the universe." -JR

“if your opponent has a conscience, then follow Gandhi. But if you enemy has no conscience, like Hitler, then follow Bonhoeffer.” - Dr. MLK jr

Last edited by AkG; June 7, 2010 at 09:22 AM.
  #26 (permalink)  
Old June 7, 2010, 11:42 AM
Perineum's Avatar
Hall Of Fame
F@H
 
Join Date: Mar 2009
Location: Surrey, B.C.
Posts: 4,039

My System Specs

Default

m1dget will not change his mind. He's seen varying responses from many people but he's always going to see things in his shade of color. The thing he doesn't understand is that while he is STUCK with the rose colored glasses on he's trying to convince everyone else to take (according to him) their blinders off.

End result: He's a fanboi. His arguments are endless and his opinions will change just enough to get out of a tight spot.

Security is a joke. The user is ALWAYS the weak link. The user limits the ability to use proper security in the first place. Security has to be made "easy" for the idiots to use it. Doesn't matter the OS. Windows will now ask you like 5 times now whether or not you want to install "THIS_IS_A_VIRUS.EXE" and people still install them. Then Apple makes fun of it via the "Mac is offering a salutation, Allow or Deny?" comedy advertisements they have. Funny thing is, they are actually making fun of the BRAINDEAD users that are actually the market Apple is looking for.... people who know nothing about computers at all.

Bah.

(P.S. Not all Mac fans are braindead, just for the record. Those ones are reasonable, you can talk to them. They'll actually mention something they don't like about the computer or the OS. The ones that have no complaints are the ones that scare me.)
  #27 (permalink)  
Old June 7, 2010, 02:09 PM
m1dget's Avatar
Allstar
 
Join Date: Nov 2008
Location: Terrebonne, Qc
Posts: 707

My System Specs

Default

Quote:
Originally Posted by AkG View Post
Im not treating you like an idiot. Just a fanboi. Its a small difference but there is a difference.
Well I won't blame you for thinking that as I don't think you see/know me clear enough here.


Quote:
Originally Posted by AkG View Post
As for your mighty unix. Now instead of lumping SOHO and server enviro into one group lets be fair and break it into its two camps. Both server different niches and both are just as important.
On the home user end almost all attacks occour along the social engineering attack vector. Now lets say you want to make your own spambot. The easiest simple way regardless of OS to do this is make a little program, lets call it 99SmileyFaceFontPack_virus.exe It doesnt matter how many barriers you put up if joe schome wants to install that and get his "99 smiley faces" he will. Will he have to jump through an extra hoop or three on nix. Yup. Will he. Yup. Will he get pissed off if he cant do it right away. Yup. Windows, Apples,Nix...whatever stupid users are stupid users. Saying XYZ is more secure then another with users in the mix is foolish. You will be technically correct, but in the real world it wont matter.
Believe me I know very well that factor. I worked before in a lil computer repair shop for a few months and I got frustrated to a point of saying "I'm done" and quit the same day after the worst wave of retarded windows zombie user came and argue with me on things they had no clue whatsoever about.
Heck one guy even wanted to sue the shop I worked for because he entered his credit card number in a false anti-virus and claimed that -I- installed it and stole his money


Quote:
Originally Posted by AkG View Post
On the server end of things. Unix rules the roost always has always will. Its certainly more secure, but if you think that you dont need Intrusion Detection services and hardware to monitor and keep hackers out...your living in a dream world. If someone wants in, they probably will get in. Its a matter of finding them before they breech ALL your rings of security and blocking them, and not a case of its running unix so they cant get in BS. It really is managing your ease of use vs risk.
Oh believe me that I this just too well. You won't see me leave an important machine or network (even a crappy DMZ) without the protection it needs from the hostile internet. Paranoid PF and IDS doing deep packet inspection, tweaked kernel to reinforce the OS itself, tcpwrappers, public/private keys, vpns, jails (as in FreeBSD jails), my own network bot who always try to figure out what is going on in the network and control it (or users coming in), automatic network wide auditing, log files parser to update firewall rule intelligently, occasional honeypots here and there to have fun reading logs and seeing l33t skitties installing rootkits here and there or the awesome h4x0rs trying to do some l33t ftp commands in a hp. Why not have a lil fun in the process

Quote:
Originally Posted by AkG View Post
But what you are saying is that everything but *nix is not secure and nix IS secure because its HARDER to get into it. As I said....there is no black and white.
I don't want to repeat myself as you must know what is my opinion on security itself. But I think if you read a few posts back, that is what I said about wireless security for example.
For my example with OpenBSD, I don't say it's harder to get in, I'm just saying that currently we can say that it's simply impossible. So that part of the OS can be considered secure.

Quote:
Originally Posted by AkG View Post
If you ever get into the field and blindly start recommending one piece of software as the alpha and omega....you will be laughed out of the industry.
Well we are currently in the industry, but not your typical 'tiger team'... we're a software company and that's why I say that we need to know a bit more than you think I know is because let just say that we are "kind of making" some tools for you guys (pentesters) to work with to test and network admin to secure a network. (though can't say more... NDA)

Quote:
Originally Posted by AkG View Post
You can easily harden any OS with good software and hardware monitoring. Its actually easier on windows then nix as more companies are competing for that market and peeps like you are still incorrectly thinking "it run nix so therefore we dont need added security". That is why Im calling you a fanboi as you want it both ways. You want to not include the user into your equation on unix end of the spectrum BUT at the same time WANT to include all the virus and malware that rely on users to get on the system on the Windows end of the spectrum. Cant have it both ways. So yes if you want to act like a fanboi, expect to be treated like one.
Again not true, read what I wrote above.


Quote:
Originally Posted by AkG View Post
And maybe its just my experience as i was breaking unix systems probably since you were born. So I dont think its perfect. Id rather have a slightly less secure system that everyone KNOWS is not perfect then a imperfect os that peeps treat like it IS perfect. The peeps are always the weak link. education cuts both ways. Praising nix as the be all and end all.....is falling right into the hackers hands. IF it every becomes a big enough market share....Apple is in for a tough go of it.
I perfectly know it's not perfect, but again what is not perfect can be fixed to perfection if you know how. Third party tools, your own tools or simple fixing/patching and recompiling whatever piece of software you want.

Quote:
Originally Posted by AkG View Post
This is actually where a lot of my loathing of apple comes from. As they are brainwashing their peeps into believing the kool-aid isnt cyanide flavoured.
Can you blame them if it works? Isn't that the main purpose of marketting?

Quote:
Originally Posted by AkG View Post
Oh and btw I am retired and dont wear my black, gray or even white hat anymore. it lost all its excitement years ago. you can harden it all you want, spend as muc time as you want...but if "I" or someone like me came along wearing my black hat....it didnt matter because of the "user factor".
Now Im just a wee old hardware reviewer who runs a non IT business in the real world. i build systems and that keeps me from wanting to scream at stupid users (not all are..just too damn many). MUCH less stressful now ;)
Well I'm still young and I can still take the pressure so I love what I am doing... even if that means working about 100 hours a week to push out our products

Quote:
Originally Posted by Perineum View Post
m1dget will not change his mind. He's seen varying responses from many people but he's always going to see things in his shade of color. The thing he doesn't understand is that while he is STUCK with the rose colored glasses on he's trying to convince everyone else to take (according to him) their blinders off.

End result: He's a fanboi. His arguments are endless and his opinions will change just enough to get out of a tight spot.

Security is a joke. The user is ALWAYS the weak link. The user limits the ability to use proper security in the first place. Security has to be made "easy" for the idiots to use it. Doesn't matter the OS. Windows will now ask you like 5 times now whether or not you want to install "THIS_IS_A_VIRUS.EXE" and people still install them. Then Apple makes fun of it via the "Mac is offering a salutation, Allow or Deny?" comedy advertisements they have. Funny thing is, they are actually making fun of the BRAINDEAD users that are actually the market Apple is looking for.... people who know nothing about computers at all.

Bah.

(P.S. Not all Mac fans are braindead, just for the record. Those ones are reasonable, you can talk to them. They'll actually mention something they don't like about the computer or the OS. The ones that have no complaints are the ones that scare me.)
Any monkey with basic understanding skill will understand in about one minute that the user is the weak link. We are talking about system security here. Not the same. Take the retarded users out of the equation.

And no I am not changing my opinion to fit the conversation. This is pointless.
__________________
"NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix" -AkG

Last edited by m1dget; June 7, 2010 at 05:12 PM.
  #28 (permalink)  
Old June 7, 2010, 02:18 PM
Top Prospect
 
Join Date: Apr 2010
Location: Vancouver
Posts: 242
Default

Quote:
Originally Posted by m1dget View Post
Read a bit about Miller's background before putting him as a proof that OSX security is deficient.
If you knew anything about that guy you would never have put up his name near this thread.
I said it's *one* view of the state of things and I was sure others, like you, have another.

But isn't this chest beat^H^H^H^H... debate on which OS is more secure kind of moot? Windows has come a long way since the days of Download.ject. Deployment and user issues are now the weakest link, not which OS. If Apple/*Nix systems are not updated because the patches break custom apps are they any more secure than XP? If Apple/*Nix users believe that they are immune to malware will they not fall into the same traps as Windows users who believe AVs and firewalls will protect them from everything?

Quote:
Originally Posted by AkG View Post
If you want to think that its all a con job that apple's OS is always the first to be broken at those competitions (pwn2own, etc) then thats your right.
I've always thought that one factor in pwn2own was that the MacBooks are more desirable prizes.

Quote:
Originally Posted by SneakySnake View Post
More secure does exist. Hypothetical situation: I have to two bodyguards when I go shopping. You only have one. I am more secure
What if my one bodyguard is Yoda and your two are C3POs? <g,d&r>
__________________
iK ©
  #29 (permalink)  
Old June 7, 2010, 03:03 PM
SneakySnake's Avatar
MVP
F@H
 
Join Date: Mar 2009
Location: Waterloo
Posts: 296

My System Specs

Default

Quote:
Originally Posted by DCCV44.2223 View Post
What if my one bodyguard is Yoda and your two are C3POs? <g,d&r>
Hmm, you've got me their.
  #30 (permalink)  
Old June 7, 2010, 05:03 PM
ipaine's Avatar
Hall Of Fame
F@H
 
Join Date: Apr 2008
Location: Edmonton, AB
Posts: 2,059

My System Specs

Default

Quote:
Originally Posted by m1dget View Post
I don't want to repeat myself as you must know what is my opinion on security itself. But I think if you read a few posts back, that is what I said about wireless security for example.
For my example with OpenBSD, I don't say it's harder to get in, I'm just saying that currently we can say that it's simply impossible. So that part of the OS can be considered secure.
Quote:
Originally Posted by m1dget View Post
I perfectly know it's not perfect, but again what is not perfect can be fixed to perfection if you know how. Third party tools, your own tools or simple fixing/patching and recompiling whatever piece of software you want.

I have stayed out of this until now but those two comments that show me you must have your head in the sand. Not to mention if you/your company where making products in this field for me I would seriously consider someone else if I heard talk like this.

Nothing is impossible, certainly when it comes to security. Not saying things aren't hard but they are not impossible. And as for perfection? Give me a break, there is no such thing and if you think you can fix something to perfection you are seriously deluded.

Any system/software can be hacked. Some are harder than others but in the end everything can be hacked and cracked.
__________________
"Nothing sucks more than that moment during an argument when you realize you're wrong."


Closed Thread


Thread Tools
Display Modes

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hehe... m1dget Mac 77 May 2, 2010 04:14 PM