| |||||||
| | | |
 |
| | LinkBack | Thread Tools | Display Modes |
June 6, 2010, 02:10 PM
| ||||
| ||||
 Quote:
__________________ "NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix" -AkG |
|
June 6, 2010, 03:13 PM
| ||||
| ||||
|
dude you have a very interesting idea on what security means. There is no black and no white when it comes to the real world. By YOUR definition of security, the only truly secure system is one that is locked in a vault and never used and has no programs installed on it (as they are another attack vector). There are plenty of middle ground areas where on a case by case basis a competent IT security admin has to look at and weigh the pros and cons. Once again you show your lack of real world understanding. Im sure in your world nix is wonderful and all its users are perfect....the rest of us live in the real world so the "people equation" actually matters. As it stands windows users are on the average a bit more savy then the avg apple user. I am completely discounting Linuix as it is a niche OS that really isnt big enough to have a real cross section of computer users. The avg nix user is most likely more tech savy then the avg windows user...but then again they HAVE to be. NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix. Why spend time and effort probing for a hole that will affect 2 or 3 people out of a hundred when you can do it for 90+. Once again no OS is secure. This is a fact. ANYTHING man made has flaws. There are plenty of ways to break nix systems just like any other OS. A lot of them just haven't been discovered because its not worth the time and effort to do so. If you think nix has no holes and thus needs no patching....LOL, not even going to go there as you seem bright enough to actually count above 10 w/out taking off your shoes ;) I did intrusion detection for a living so unlike you I know what I am talking about when it comes to security. Im not a dilettante, or arm chair general. Im sure your OS gives you warm fuzzy wuzzies at night, but you are sadly mistaken if you think that its this uber perfect system that cant be hacked. Before windows, Unix was the only "real" OS out there for servers and yes they did get cracked. Just like Novel did and was hacked. If you were around back then you would know this. Obviously you werent. Obviously your ideas need a few more years of real world experience to temper your enthusiasm. Me I think all OS's and ALL users are royal pain in the arse (especially the "power user" who thinks he knows it all...they are the worst) and we'd be much better off with out them....just need to figure out how to invent sentient AI. 
__________________ "If you ever start taking things too seriously, just remember that we are talking monkeys on an organic spaceship flying through the universe." -JR “if your opponent has a conscience, then follow Gandhi. But if you enemy has no conscience, like Hitler, then follow Bonhoeffer.” - Dr. MLK jr Last edited by AkG; June 6, 2010 at 03:18 PM. |
|
June 6, 2010, 03:46 PM
| ||||
| ||||
| Quote:
|
|
June 7, 2010, 01:55 AM
| ||||
| ||||
| Quote:
...but for the real world there is OpenBSD which is considered secure on many levels + that thing YouTube - The UK's most secure datacenter "The Bunker" Kent. Quote:
 Here's what you should have done the first time I quoted you on it Security through obscurity - Wikipedia, the free encyclopedia (I find it funny to see further down that you were possibly a pentester and think that unix is security by obscurity  )Quote:
Quote:
Sure UNIX is not perfect, nothing is, but still it's way better than about all the alternatives out there and has everything you can need to secure and make a machine completely secure. It's a bit of work but with custom tools and programs beleive me it can a be a fortress (from about all point of view). As an example... for the almighty OpenBSD and remote holes. There are simply none. You might say again that nobody checked or tested the code, but that would be plain wrong. Go download all their source and read a bit of the code and you will see that a bunch of very qualified people went over it and audited it several time. And to conclude... I have nothing to prove to you or anyone here (else than potential clients) but you really think I am just a lil undesirable and annoying "superuser" with a big mouth? Well let me just tell you that you are not the only one that works/worked in the computer security field. I have a small company (under NDA) in that domain and I am required to know in depth about all there is to know about either software, network and OS security (including audits like you did even if we are a software company and it's not our primary goal) because if not, well we are basically ****ed if I may use that term I like to have conversation with you guys, but please don't treat me like an imbecile as I am not one. I think you should have had figured it out sooner than after nearly 500 posts on my part.
__________________ "NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix" -AkG Last edited by m1dget; June 7, 2010 at 02:00 AM. |
|
June 7, 2010, 09:04 AM
| ||||
| ||||
|
Im not treating you like an idiot. Just a fanboi. Its a small difference but there is a difference. As for your mighty unix. Now instead of lumping SOHO and server enviro into one group lets be fair and break it into its two camps. Both server different niches and both are just as important. On the home user end almost all attacks occour along the social engineering attack vector. Now lets say you want to make your own spambot. The easiest simple way regardless of OS to do this is make a little program, lets call it 99SmileyFaceFontPack_virus.exe It doesnt matter how many barriers you put up if joe schome wants to install that and get his "99 smiley faces" he will. Will he have to jump through an extra hoop or three on nix. Yup. Will he. Yup. Will he get pissed off if he cant do it right away. Yup. Windows, Apples,Nix...whatever stupid users are stupid users. Saying XYZ is more secure then another with users in the mix is foolish. You will be technically correct, but in the real world it wont matter. On the server end of things. Unix rules the roost always has always will. Its certainly more secure, but if you think that you dont need Intrusion Detection services and hardware to monitor and keep hackers out...your living in a dream world. If someone wants in, they probably will get in. Its a matter of finding them before they breech ALL your rings of security and blocking them, and not a case of its running unix so they cant get in BS. It really is managing your ease of use vs risk. But what you are saying is that everything but *nix is not secure and nix IS secure because its HARDER to get into it. As I said....there is no black and white. If you ever get into the field and blindly start recommending one piece of software as the alpha and omega....you will be laughed out of the industry. You can easily harden any OS with good software and hardware monitoring. Its actually easier on windows then nix as more companies are competing for that market and peeps like you are still incorrectly thinking "it run nix so therefore we dont need added security". That is why Im calling you a fanboi as you want it both ways. You want to not include the user into your equation on unix end of the spectrum BUT at the same time WANT to include all the virus and malware that rely on users to get on the system on the Windows end of the spectrum. Cant have it both ways. So yes if you want to act like a fanboi, expect to be treated like one. And maybe its just my experience as i was breaking unix systems probably since you were born. So I dont think its perfect. Id rather have a slightly less secure system that everyone KNOWS is not perfect then a imperfect os that peeps treat like it IS perfect. The peeps are always the weak link. education cuts both ways. Praising nix as the be all and end all.....is falling right into the hackers hands. IF it every becomes a big enough market share....Apple is in for a tough go of it. This is actually where a lot of my loathing of apple comes from. As they are brainwashing their peeps into believing the kool-aid isnt cyanide flavoured. YMMV Oh and btw I am retired and dont wear my black, gray or even white hat anymore. it lost all its excitement years ago. you can harden it all you want, spend as muc time as you want...but if "I" or someone like me came along wearing my black hat....it didnt matter because of the "user factor". Now Im just a wee old hardware reviewer who runs a non IT business in the real world. i build systems and that keeps me from wanting to scream at stupid users (not all are..just too damn many). MUCH less stressful now ;)
__________________ "If you ever start taking things too seriously, just remember that we are talking monkeys on an organic spaceship flying through the universe." -JR “if your opponent has a conscience, then follow Gandhi. But if you enemy has no conscience, like Hitler, then follow Bonhoeffer.” - Dr. MLK jr Last edited by AkG; June 7, 2010 at 09:22 AM. |
|
June 7, 2010, 11:42 AM
| ||||
| ||||
| |
|
June 7, 2010, 02:09 PM
| ||||||||||
| ||||||||||
| Quote:
Quote:
Heck one guy even wanted to sue the shop I worked for because he entered his credit card number in a false anti-virus and claimed that -I- installed it and stole his money  Quote:
 Quote:
For my example with OpenBSD, I don't say it's harder to get in, I'm just saying that currently we can say that it's simply impossible. So that part of the OS can be considered secure. Quote:
Quote:
Quote:
Quote:
 Quote:
Quote:
And no I am not changing my opinion to fit the conversation. This is pointless.
__________________ "NIX is a classic example of security through obscurity because there is no real monetary reward for crackers and hackers to break Linix" -AkG Last edited by m1dget; June 7, 2010 at 05:12 PM. |
|
June 7, 2010, 02:18 PM
| |||
| |||
| Quote:
But isn't this chest beat^H^H^H^H... debate on which OS is more secure kind of moot? Windows has come a long way since the days of Download.ject. Deployment and user issues are now the weakest link, not which OS. If Apple/*Nix systems are not updated because the patches break custom apps are they any more secure than XP? If Apple/*Nix users believe that they are immune to malware will they not fall into the same traps as Windows users who believe AVs and firewalls will protect them from everything? Quote:
 Quote:
__________________ iK © |
|
June 7, 2010, 03:03 PM
| ||||
| ||||
| Quote:
 |
|
June 7, 2010, 05:03 PM
| ||||
| ||||
| Quote:
Quote:
I have stayed out of this until now but those two comments that show me you must have your head in the sand. Not to mention if you/your company where making products in this field for me I would seriously consider someone else if I heard talk like this. Nothing is impossible, certainly when it comes to security. Not saying things aren't hard but they are not impossible. And as for perfection? Give me a break, there is no such thing and if you think you can fix something to perfection you are seriously deluded. Any system/software can be hacked. Some are harder than others but in the end everything can be hacked and cracked.
__________________ "Nothing sucks more than that moment during an argument when you realize you're wrong." |
|
« Previous Thread
|
Next Thread »
| Thread Tools | |
| Display Modes | |
Linear Mode
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Hehe... | m1dget | Mac | 77 | May 2, 2010 04:14 PM |
Copyright © 2006-2012, HardwareCanucks.com. All Rights Reserved. Terms & Conditions
