If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Rate Thread | Display Modes |
#61
|
|||
|
|||
Build 10031
On 03/12/2015 04:28 PM, GreyCloud wrote:
T wrote: On 03/12/2015 03:34 PM, Char Jackson wrote: On Thu, 12 Mar 2015 20:30:54 +0100, A wrote: Char Jackson wrote: On Wed, 11 Mar 2015 12:37:45 -0700, T wrote: You are deceiving yourself if you think Linux is not more secure. It is open for anyone to look at. No back doors. World wide code checkers. I've heard that repeated many times over the years, and yet there have been several openSSL issues that have recently come to light, one or more of which is said to have existed for over a decade. Just because people *can* check the source doesn't necessarily mean that anyone does. Linux isn't bulletproof but it's more secure than Windows. If only it had a decent office suite. Alas, maybe some day. A lot of that I think has to do with Linux users being more tech savvy as a whole than Windows users as most users are compromised by being tricked into either clicking on something they shouldn't or by being persuaded to part with their money or both. "More secure", yes, but I was primarily knocking the assumption that a lot of eyes are looking at the code because it's open source. I don't really think that's true. Hi Char, The kernel gets the most scrutiny. But anything dealing with security does to. It is not perfect, but it gets you there a lot faster. Just out of curiosity, how often do you have to tell your Windows customers to turn their computers off at night? Why waste power when you aren't using it? I turn mine off every night. I used to leave my old iMac G5 on all the time, till one morning I woke up to a burnt capacitor smell. After I got the power supply replaced I turned it off at night to preserve my machine. Not a good idea for the home user. Industrial strength machines that need to stay on 24/7 are a bit more pricey. Hi Grey Cloud, The more you use it, the sooner it wears out. 30 years ago power supplies surged and burned stuff out. So, folks learned never to turn anything off. But that hasn't been the case for a lot of years now. Also, some Windows users are so virused up (malware to the speech police), the can't get their computer to boot back up. -T |
Ads |
#62
|
|||
|
|||
Build 10031
On Thu, 12 Mar 2015 16:32:14 -0700, T wrote:
Just out of curiosity, how often do you have to tell your Windows customers to turn their computers off at night? Why waste power when you aren't using it? I turn mine off every night. I used to leave my old iMac G5 on all the time, till one morning I woke up to a burnt capacitor smell. After I got the power supply replaced I turned it off at night to preserve my machine. Not a good idea for the home user. Industrial strength machines that need to stay on 24/7 are a bit more pricey. Hi Grey Cloud, The more you use it, the sooner it wears out. 30 years ago power supplies surged and burned stuff out. So, folks learned never to turn anything off. But that hasn't been the case for a lot of years now. Also, some Windows users are so virused up (malware to the speech police), the can't get their computer to boot back up. The concept of switching things off when not in use was drummed into children by sensible parents sixty years ago, and in those days we had wireless sets that could take five minutes to warm up and TV sets that could take twice that. Now, in what is supposed to be a more energy conscious time, nobody seems to care. Some things have to be powered constantly to do their jobs, but a great many devices are left connected to the mains because they are not even provided with an easy way of switching off other than the low voltage output of the power supply. In theory a PSU doesn't consume anything when not loaded but in reality it must, and there are millions of them... Rod. |
#63
|
|||
|
|||
Build 10031
T wrote:
On 03/11/2015 03:18 PM, Slimer wrote: Instability however, is another issue. Windows 7 is NOT unstable. Hi Slimer, Ask yourself why Windows 7 has restore points and roll back features. This is an attempt to control the inherent instability of the OS. Linux and OSx don't have such an animal because they don't need it. WrongO, dude. Think of the environments a bit first. Windows: Open to user driver fiddling. Users can and do add hardware. Open to poorly tested security patches (some brick the machine). Users can install just about anything, drivers without WHQL certification, open source software they compiled with MinGW or Visual Studio. It's completely open season. Why *wouldn't* you have Restore Points in such an environment, even if they don't cover all possible use cases ? Linux: Drivers are mostly included. Brick-age can happen when people install NVidia or ATI tainted drivers. There's probably been the odd occasion I've done something like that, and just reinstalled to clear up the mess. That was the fastest resolution. Applications sit in a pre-compiled Repository. That's a curated environment. My experience, is the quality there is a little better than Windows. Since it's curated, there is less that can go wrong. Many times, I've accepted a kernel update in a Linux VM, and it doesn't boot. As long as I know there is a menu where I can move back to the previous kernel and boot, no problemO. A Linux user can download an open source package (as source), compile it and install it in /usr. But, when that Linux user is honest, ask them how much trouble that caused. How much maintenance is required to keep it running (when the next version of Ubuntu comes along, and you update from 12.04 to 14.04). That's really no different than the kinds of exposures in Windows. The average Linux user (not you), just isn't that adventurous. OSX: Drivers are for the most part, under Apple control. On modern Apple, there may not be a lot of hardware slots, to go adding PC hardware. Back in the day, I used to add a couple .kext modules, to support an IDE card in my SCSI Mac machine. And that could cause "sleep" issues. It was less common to "tip over" an Apple with a .kext, because the supplier had tested it a bit. You can still have problems with third-party utilities, but then, only the utility is busted. And Apple has Time Machine, so they haven't exactly abandoned the user. They're at least providing a hint that you should do something. On Linux, there is little in the way of hints about disaster planning or what a "best-practice" might be for keeping data safe or preparing for some catastrophic event. Windows has provided some feeble attempts at it, so users at least know there is a word called "backup". For example, I have a complete backup of this Windows machine, sitting on a 3TB disk. And the disk is left disconnected from the computer. It's there, because of my concern over cryptolocker. Not that I expect it'll actually happen to me, but because I want to look "less stupid" when it does happen. ******* I can de-stabilize any OS, if you let me get my hands on it. Would I appreciate it if an automatic disaster recovery procedure was present ? Yes. Paul |
#64
|
|||
|
|||
Build 10031
T wrote:
That was not the point. The point was that M$ marketing department has stated that W7 is far more secure than XP and that is one of the best reasons to upgrade. The statement is false. Yes and no. There are two aspects to the statement. 1) Microsoft developers add ASLR (Address Space Layout Randomization). They've added a feature to "plug" a certain kind of exploit. They can then boast that they've made the OS "more secure", by plugging a perceived entry point. There is EMET. There is AppLocker (defined in next link). http://en.wikipedia.org/wiki/List_of...ows_components And for some of those, the implementation is more complete on a later OS. 2) The other side of the coin, is "measuring" the infection rate. I haven't seen a measurement or anecdotal story yet that didn't contain a bias. You simply can't make blanket statements, because the "threat landscape" moves over time. Say I'm a malware guy, and I write all my malware for Windows 8, ignoring Windows 7. Todd notices three infections on his Win8 machine, and only two infections on the Win7 machine. Do we conclude Win8 is less secure, or that nobody cares about Win7 (when writing malware) ? You would need to do some analysis of the "class" of attacks, see whether there are attacks that only could have happened on Windows 8 (new attack surface), to conclude it was less secure. And Microsoft has made absolutely no attempt to remove attack surfaces like ActiveX, allowing Java on the machine, letting people play Flash videos, and so on. The areas that an attack can come from, are not changing. And in that sense, the security yardstick hasn't moved at all. And the thing is, Microsoft doesn't even control all the attack surfaces. Adobe can add attack vectors, faster than Microsoft can plug them. And since when does anyone trust what a marketing person says ? :-) Let's consider the addition of Metro tiles to Windows 8. Is anyone aware of an attack through that vector ? Well, the tiles all come from the Application Store, so there's an opportunity to check them. Whereas if the Metro tiles could be downloaded from CNET, who knows what would get into the machine. The Metro tile is pretty flabby, involving HTML or Javascript, so if we could get our hands on it, it would likely tip over real easy. Curation is what makes the difference there. And someone has to check those 200,000 applications in the store (or whatever the number is today), to make sure no "evil" sneaks in. Paul |
#65
|
|||
|
|||
Build 10031
On 03/12/2015 04:29 PM, Slimer wrote:
"More secure", yes, but I was primarily knocking the assumption that a lot of eyes are looking at the code because it's open source. I don't really think that's true. One word: OpenSSL. The "many eyes" of open-source disregard a critical bug in there for the largest part of a decade. Who knows what other holes they'll find in the Linux can of worms? Hi Slimer, That would be the speck in Linux eye versus the board in Windows eye. When discovered, it was announced and fixed immediately. And I really, really mean IMMEDIATELY. No one was harmed by the vulnerability or the resulting patch. No one's system even had to be rebooted. The system worked. The patch did not have to wait years for someone to write a virus based on it (like the Blaster virus). -T |
#66
|
|||
|
|||
Build 10031
On 03/12/2015 04:23 PM, GreyCloud wrote:
T wrote: On 03/12/2015 12:11 PM, Char Jackson wrote: On Wed, 11 Mar 2015 12:37:45 -0700, T wrote: You are deceiving yourself if you think Linux is not more secure. It is open for anyone to look at. No back doors. World wide code checkers. I've heard that repeated many times over the years, and yet there have been several openSSL issues that have recently come to light, one or more of which is said to have existed for over a decade. Just because people *can* check the source doesn't necessarily mean that anyone does. Hi Char, Of course. And when they are identified, they are fixed immediately. That is one of the reasons why Linux is far more secure (in this instance, a program running on Linux). You are completely missing the point. The Open SSL issues and the way they were handled is a triumph of how the system works. Remember the Blaster virus? The vulnerability was know and published for years. The jerk that wrote the Blaster virus simply looked up what vulnerabilities had not been patched and wrote a virus for it. The scoundrels at M$ didn't patch it until someone wrote a virus for it! There is a *HUGE* difference in the way these things handled by open source and by M$. M$ would have ignored it until they were embarrassed by it, as in the blaster virus. By the way, on Mozilla's or Red Hat's bugzilla, if you check of "security", the attention you get can only be described as OH HOLY CRAP!!! (I just put a bug in on how to seize Linux and they figured out it was a security bug on their own and oh did they respond!) In Linux, if you fix a bug and write a "respectful" well documents bug report (the the appropriate Bugzilla), you get it fixed. In M$ world, who do you even report it to? "How many copies did you buy?" And yes, there are exceptions. If you have heard of the Las Vegas DEFCON conventions, then you'll be happy to hear that it is a hackers convention to see how long it takes to break into operating systems. Linux was broken in from the outside in under 20 minutes. Windows was broken into from the outside in under 5 minutes. Solaris UNIX was broken into in an hour. OpenVMS took over 2 days. Hi GreyCloud, Which Linux? Was it security hardened Fedora with SE Linux? Or Ubuntu (which is not hardened)? And, how about Free BSD? So there really is no such thing as a totally secure operating system, it is just that some are harder to break in than others. That is the best you can expect. -T |
#67
|
|||
|
|||
Build 10031
On 03/12/2015 04:19 PM, GreyCloud wrote:
T wrote: On 03/11/2015 03:18 PM, Slimer wrote: Instability however, is another issue. Windows 7 is NOT unstable. Hi Slimer, Ask yourself why Windows 7 has restore points and roll back features. This is an attempt to control the inherent instability of the OS. Linux and OSx don't have such an animal because they don't need it. On win7 I use restore point with 3rd party software in case the vendor screwed up royally. It is much easier to use a restore point than to go in there to remove the trailings left all over the hard drive. On OS X, I use Time Machine to restore a machine to an earlier point in time and can be quite selective in what you want restored... in case a user somehow screws up his user account directory in a terminal by typing in rm *, you can just go into Time Machine and just click on the User/name and click restore. Same thing for all earlier computer systems, such as VMS, backing up files to a tape transport. Hi Grey Cloud, Time machine is sweet. I use plain old command line Dump and Restore on Linux. Backs everything up perfectly. It ain't pretty like time machine, but I have used it on several occasions to restore entire systems. You can pull single files out pretty easy too. Backing up Windows drives me nuts with the system and file locks. I love when my Windows virtual machines crash, I just restore their hard drives from my latest Dump. I control my "roll back" instability problems on my Windows OS'es by making a gold copy of my VM's (virtual Machines) hard drives and just restoring the whole thing when I need to. And I have two separate VM's of XP (also unstable) to cope if I am in a hurry and have customers waiting on me. I have no such problem with my Linux base system or any of my Linux VM's. When I was using OpenSuse 11.3, for some reason during updates to software, it couldn't find the repository, but continued on anyway. It thoroughly hosed the system and wouldn't boot. That's when I ditched it for RedHat. The thing I love about Red Hat is their professionalism. I am the one that found the "cut a DVD, destroy your hard drive" problem. Red Hat jumped on it immediately and fix it for me. And I am from the "community" too, meaning I don't own a RHEL license. They said the bug was pretty obscure. I still use Solaris 10 in a VM because of their superior compilers. One issue with gcc (current) is that it won't compile older software that uses this piece of code at Global scope: FILE *Output = stdout; It don't like it, but Suns C compiler handles it. Neither does MS C compiler like it. Neither does OS X compiler like it. Other than that, I like Visual Studio the best. Back in the day, I learned Modula 2. In hind sight, I should have learned C instead. Some day, maybe I will learn Perl. A new version is due out soon. -T What the story behind the choice of Grey Cloud for your name? |
#68
|
|||
|
|||
Build 10031
On 03/12/2015 04:20 PM, Slimer wrote:
On 2015-03-12 5:29 PM, T wrote: On 03/11/2015 03:18 PM, Slimer wrote: Instability however, is another issue. Windows 7 is NOT unstable. Hi Slimer, Ask yourself why Windows 7 has restore points and roll back features. This is an attempt to control the inherent instability of the OS. Linux and OSx don't have such an animal because they don't need it. Linux is adopting btrfs which, as of right now, is an incredibly unstable filesystem but when complete, will allow Linux users to roll back the operating system to when it last worked. Is that evidence of Linux being unstable too? Hypocrite. Wow! You really aught to do some research before you make statements like that. And, you really need to develop some manners. Red Hat has adopted XFS for their file system. It is very mature and very stable. Red hat tested the hell out of it for YEARS. It also support EXT4 with is also stable and mature. I use EXT4 *ALL THE TIME*. I have played with XFS. XFS is better at HUGE files in HUGE databases. What the hell is "btrfs"? I control my "roll back" instability problems on my Windows OS'es by making a gold copy of my VM's (virtual Machines) hard drives and just restoring the whole thing when I need to. And I have two separate VM's of XP (also unstable) to cope if I am in a hurry and have customers waiting on me. I have no such problem with my Linux base system or any of my Linux VM's. You do, you just pretend that they're not there and lie whenever anyone asks you about them. You are essentially lying for LIEnux. I am very chatty. Ask me anything you like. Be a gentleman and avoid name calling. Be a decent human being and stop lying. I have said one lie. You are just being insulting for whatever private agenda you have. -T It ain't what you don't know that gets you into trouble. It's what you know for sure that just ain't so. --Mark Twain |
#69
|
|||
|
|||
Build 10031
On 03/12/2015 05:15 PM, Paul wrote:
T wrote: On 03/11/2015 03:18 PM, Slimer wrote: Instability however, is another issue. Windows 7 is NOT unstable. Hi Slimer, Ask yourself why Windows 7 has restore points and roll back features. This is an attempt to control the inherent instability of the OS. Linux and OSx don't have such an animal because they don't need it. WrongO, dude. Think of the environments a bit first. Windows: Open to user driver fiddling. Users can and do add hardware. Open to poorly tested security patches (some brick the machine). Users can install just about anything, drivers without WHQL certification, open source software they compiled with MinGW or Visual Studio. It's completely open season. Why *wouldn't* you have Restore Points in such an environment, even if they don't cover all possible use cases ? Linux: Drivers are mostly included. Brick-age can happen when people install NVidia or ATI tainted drivers. There's probably been the odd occasion I've done something like that, and just reinstalled to clear up the mess. That was the fastest resolution. Applications sit in a pre-compiled Repository. That's a curated environment. My experience, is the quality there is a little better than Windows. Since it's curated, there is less that can go wrong. Many times, I've accepted a kernel update in a Linux VM, and it doesn't boot. As long as I know there is a menu where I can move back to the previous kernel and boot, no problemO. A Linux user can download an open source package (as source), compile it and install it in /usr. But, when that Linux user is honest, ask them how much trouble that caused. How much maintenance is required to keep it running (when the next version of Ubuntu comes along, and you update from 12.04 to 14.04). That's really no different than the kinds of exposures in Windows. The average Linux user (not you), just isn't that adventurous. OSX: Drivers are for the most part, under Apple control. On modern Apple, there may not be a lot of hardware slots, to go adding PC hardware. Back in the day, I used to add a couple .kext modules, to support an IDE card in my SCSI Mac machine. And that could cause "sleep" issues. It was less common to "tip over" an Apple with a .kext, because the supplier had tested it a bit. You can still have problems with third-party utilities, but then, only the utility is busted. And Apple has Time Machine, so they haven't exactly abandoned the user. They're at least providing a hint that you should do something. On Linux, there is little in the way of hints about disaster planning or what a "best-practice" might be for keeping data safe or preparing for some catastrophic event. Windows has provided some feeble attempts at it, so users at least know there is a word called "backup". For example, I have a complete backup of this Windows machine, sitting on a 3TB disk. And the disk is left disconnected from the computer. It's there, because of my concern over cryptolocker. Not that I expect it'll actually happen to me, but because I want to look "less stupid" when it does happen. ******* I can de-stabilize any OS, if you let me get my hands on it. Would I appreciate it if an automatic disaster recovery procedure was present ? Yes. Paul Hi Paul, Go with the Red Hat for anything critical. And sign up for support. You will not believe the professionalism. I have notes on how to restore X11 when a new nVidia driver hits. Pain in the ass when that happens. Supposedly, they have that fixed now. (We will see!) In Linux, I have tools available to me that are not available in Windows. Have you discovered ctrlaltf1 and ctrlaltf2 yet? On my Linux servers, I leave the back up drives disconnect when not in use. Not because of crypto locker, but for something worse: meddling, worthless, no-account, know-it-all, boss' sons. I have restored entire Linux servers, including my own twice, when I discovered the DVD error, with my backups from Dump. Got great notes on it, if you want them. Haven't found a good way to disconnect a backup drive from the command line in Windows yet. There are ways, I just don't like them. And lately, I do full (Linux) drive encryptions on the base system and the backup drives. That is a pain in the ass with Windows. I also encrypt a lot of flash drives with EXT4 and LUKS. You can read them in Windows with Free OTFE, but the 64 bit driver signing problem is a pain in the ass. As I have stated before the OS you use is the one that meets your needs. -T |
#70
|
|||
|
|||
Build 10031
On 03/12/2015 05:51 PM, Paul wrote:
T wrote: That was not the point. The point was that M$ marketing department has stated that W7 is far more secure than XP and that is one of the best reasons to upgrade. The statement is false. Yes and no. There are two aspects to the statement. 1) Microsoft developers add ASLR (Address Space Layout Randomization). Hi Paul, I have read about this. Can you tell if it improved anything or just plugged an obscure vector the bad guys weren't using anyway? They've added a feature to "plug" a certain kind of exploit. They can then boast that they've made the OS "more secure", by plugging a perceived entry point. There is EMET. There is AppLocker (defined in next link). http://en.wikipedia.org/wiki/List_of...ows_components And for some of those, the implementation is more complete on a later OS. 2) The other side of the coin, is "measuring" the infection rate. I haven't seen a measurement or anecdotal story yet that didn't contain a bias. You simply can't make blanket statements, because the "threat landscape" moves over time. Say I'm a malware guy, and I write all my malware for Windows 8, ignoring Windows 7. Todd notices three infections on his Win8 machine, and only two infections on the Win7 machine. Do we conclude Win8 is less secure, or that nobody cares about Win7 (when writing malware) ? You would need to do some analysis of the "class" of attacks, see whether there are attacks that only could have happened on Windows 8 (new attack surface), to conclude it was less secure. And Microsoft has made absolutely no attempt to remove attack surfaces like ActiveX, allowing Java on the machine, letting people play Flash videos, and so on. The areas that an attack can come from, are not changing. And in that sense, the security yardstick hasn't moved at all. And the thing is, Microsoft doesn't even control all the attack surfaces. Adobe can add attack vectors, faster than Microsoft can plug them. And since when does anyone trust what a marketing person says ? :-) The PCI (credit card security) folks do. :'( I had to upgrade a bunch of perfectly functional XP Point of Sales system because of it. Oh well, as Bugs Bunny says, "It is a living!" Let's consider the addition of Metro tiles to Windows 8. Is anyone aware of an attack through that vector ? Well, the tiles all come from the Application Store, so there's an opportunity to check them. Whereas if the Metro tiles could be downloaded from CNET, who knows what would get into the machine. The Metro tile is pretty flabby, involving HTML or Javascript, so if we could get our hands on it, it would likely tip over real easy. Curation is what makes the difference there. And someone has to check those 200,000 applications in the store (or whatever the number is today), to make sure no "evil" sneaks in. Paul Everyone expect tings from the various M$ and Apple stores to be clean. I wonder how many are not. No fooling on the bias. The article I often quote from Forbes is "dripping". From what I have seen lately, their favorite vector is attachments in eMail. Like throwing infected flash drives in the parking lot of banks at night, only they throw it in the eMail. Here is a particular clever one: https://krebsonsecurity.com/2015/03/...a-tidy-profit/ -T |
#71
|
|||
|
|||
Build 10031
On 03/12/2015 04:27 PM, Slimer wrote:
On 2015-03-12 5:45 PM, T wrote: A rollback doesn't touch your documents at all. That is yet another blatant lie. Hi Shadow, You got my name wrong, your first lie in this post. What is with the name calling? Be a gentleman. If you want me to go into detail, just ask. I will give you a hint: I said nothing about documents being rolled back because I wasn't talking about documents. Think r-e-g-e-s-t-r-y. I was configuring things. Those configurations go into the registry. Goal post moved noted, lie #2. By all means, provide a link to a single one and make sure to quote the explanation as to _why_ they didn't. Look through Info Worlds archives, No evidence whatsoever to provide, lie #3. Another shameless lie. Mac OS X is by far the _slowest_ operating system I've ever used. On 4GB of RAM, Windows 7 is excellent. On 4GB of RAM, OS X is slow as molasses. I get superior performance on a Core i3 with 4GB RAM with Windows 7 running on NTFS than I could ever get on a Core i5 with 4GB RAM running OS X. Every single time I have to fix my parents' Mac Mini Core i5, I am ASTOUNDED by how slow it is. Again with the name calling. Liars deserve no less. I do not see a lot of macs, but I do see them. Their use of solid state hard drive means they kick butt speed wise over mechanical drive systems of any type. OSx is basically Posix UNIX with an (extremely) proprietary GUI on top of it. What you describe sounds like something is wrong. Do you have an Apple Store near by that you can take it to? The use of the SSD on OS X machines only allows it to run acceptably. Use that SSD with Windows and it'll fly. Apple is simply making up for horribly slow and memory-hungry OS X is by bundling most of its machines with that technology. Use a typical hard disk and you'll feel the pain. I have to set up nightly reboot on Windows servers their quality is so bad. My brother-in-law handles Windows servers and he never restarts them. You're lying yet again. Did your mother ever teach you any manners? She did, and she admitted that liars such as yourself deserve none of them. And ask him. I commonly have mine restart at 2:00 in the morning automatically. So because you do it, it means that everyone does. Right? Complete bull****. My parents' Mac Mini, under my own recommendation, was never shut down. I believed bull**** like yours for so long that I actually thought OS X could perform well for weeks or months without shutting down. Meanwhile, it becomes disgusting pig on day 2. Before that, I had a G5 iMac, G4 Powerbook and G3 iBook also slowed to a crawl if not shut down every day. My Windows 8 laptop is never shut down and meanwhile remains fast at all times. It's not because I'm a magician either. Sounds to me like there is something wrong with it. Any Apple stores near by? It's not damaged. The hard disk and everything has been tested. The OS is just slow. My students' Mac is the same way and no amount of your lies has managed to speed it up so far. That was true for Windows 8. A shutdown option was indeed available but you needed to configure it in. However, everyone is running 8.1 since a while now and your statement is no longer correct. Like everything else you said, it's complete bull****. I have to configure it in 8.1 too. And sometimes the updates set it back. Anyone else see this? Only you. Maybe you have no idea how to install 8.1? Hint: it's not in the Windows Updates. Every Windows OS can be infected if stupid users are at the helm. Which is more impacted and which is less is inconsequential. That was not the point. The point was that M$ marketing department has stated that W7 is far more secure than XP and that is one of the best reasons to upgrade. The statement is false. And you are correct. The weakest security link is the user. I don't see any difference in security between XP and 7. Considering that only 8 allows for applications to run within a walled garden and even then, only for applications in the modern interface, I can't imagine what 7 provided in terms of additional security. It had a really crappy malware protection built-in. Perhaps that's what Microsoft was referring to? Slimer, You are an ass hole. I do not wish to know you or to ever have any future contact with you. I am kill filing you. -T |
#72
|
|||
|
|||
Build 10031
T wrote:
On 03/12/2015 12:30 PM, A wrote: If only it had a decent office suite. Hi A, Libre Office is starting to come into its own. I have a number of customers now running it (mostly in Windows, some Mac and some Linux). And they have probably fixed close to 50 bugs for me now. None of them miss M$O (M$ Office). I am not even sure most of them even realize they are not running M$O. And it didn't use to be this way. Back with Open Office (who never fixed anything), I had some secretaries get so upset that they went out and bought M$O with their own money. Things have changed since Libre Office. Now people ask me about Office and I tell them, I would love to sell it to you but Libre Office is free. See if you like LO, and if not, I will sell you a copy of M$O. As of about a year ago, not a single person has wanted to go to M$O. It use to be the other way around. The big deal killer I see the most often is miserable old Quick Books. Horrible stuff, but everyone has to have it. (I wonder if M$ regrets trying to kill Quick Books with their ill fated M$ Money. Quick Books keeps folks on Windows.) -T Have you tried the OSMO personal information manager? It is the hight of simplicity and it is sweet! https://sourceforge.net/projects/osmo-pim/ I have the latest Libre Office both in Windows and Linux. I suppose I should have wrote "a decent email program". Libre Office is fine but it doesn't come with an email program like Outlook and, yes, I've tried them all and none do the job like Outlook for me. -- A |
#73
|
|||
|
|||
Build 10031
GreyCloud wrote:
T wrote: On 03/12/2015 12:11 PM, Char Jackson wrote: On Wed, 11 Mar 2015 12:37:45 -0700, T wrote: You are deceiving yourself if you think Linux is not more secure. It is open for anyone to look at. No back doors. World wide code checkers. I've heard that repeated many times over the years, and yet there have been several openSSL issues that have recently come to light, one or more of which is said to have existed for over a decade. Just because people *can* check the source doesn't necessarily mean that anyone does. Hi Char, Of course. And when they are identified, they are fixed immediately. That is one of the reasons why Linux is far more secure (in this instance, a program running on Linux). You are completely missing the point. The Open SSL issues and the way they were handled is a triumph of how the system works. Remember the Blaster virus? The vulnerability was know and published for years. The jerk that wrote the Blaster virus simply looked up what vulnerabilities had not been patched and wrote a virus for it. The scoundrels at M$ didn't patch it until someone wrote a virus for it! There is a *HUGE* difference in the way these things handled by open source and by M$. M$ would have ignored it until they were embarrassed by it, as in the blaster virus. By the way, on Mozilla's or Red Hat's bugzilla, if you check of "security", the attention you get can only be described as OH HOLY CRAP!!! (I just put a bug in on how to seize Linux and they figured out it was a security bug on their own and oh did they respond!) In Linux, if you fix a bug and write a "respectful" well documents bug report (the the appropriate Bugzilla), you get it fixed. In M$ world, who do you even report it to? "How many copies did you buy?" And yes, there are exceptions. If you have heard of the Las Vegas DEFCON conventions, then you'll be happy to hear that it is a hackers convention to see how long it takes to break into operating systems. Linux was broken in from the outside in under 20 minutes. Windows was broken into from the outside in under 5 minutes. Solaris UNIX was broken into in an hour. OpenVMS took over 2 days. So there really is no such thing as a totally secure operating system, it is just that some are harder to break in than others. Were the break ins done remotely or did the hackers have physical access to the machines? -- A |
#74
|
|||
|
|||
Build 10031
On Thu, 12 Mar 2015 15:39:09 -0700, T wrote:
On 03/12/2015 03:34 PM, Char Jackson wrote: On Thu, 12 Mar 2015 20:30:54 +0100, A wrote: Char Jackson wrote: On Wed, 11 Mar 2015 12:37:45 -0700, T wrote: You are deceiving yourself if you think Linux is not more secure. It is open for anyone to look at. No back doors. World wide code checkers. I've heard that repeated many times over the years, and yet there have been several openSSL issues that have recently come to light, one or more of which is said to have existed for over a decade. Just because people *can* check the source doesn't necessarily mean that anyone does. Linux isn't bulletproof but it's more secure than Windows. If only it had a decent office suite. Alas, maybe some day. A lot of that I think has to do with Linux users being more tech savvy as a whole than Windows users as most users are compromised by being tricked into either clicking on something they shouldn't or by being persuaded to part with their money or both. "More secure", yes, but I was primarily knocking the assumption that a lot of eyes are looking at the code because it's open source. I don't really think that's true. Hi Char, The kernel gets the most scrutiny. But anything dealing with security does to. It is not perfect, but it gets you there a lot faster. Just out of curiosity, how often do you have to tell your Windows customers to turn their computers off at night? Never. Why do you ask? |
#75
|
|||
|
|||
Build 10031
On Thu, 12 Mar 2015 16:29:27 -0700, T wrote:
On 03/12/2015 03:53 PM, Char Jackson wrote: Maybe we should just agree to disagree then, because that looks like a perfect example that disproves the presumption that 'a lot of eyes can look at the source and therefore it's more secure.' You are looking at it wrong. When it was found (those extra pair of eyes), it was fixed and announced immediately. Not always the case with M$. I think you're completely missing the point, and since we've been around the barn at least twice by now, I have to think it's intentional. And, after the patch was applied, your system still worked. How many times have you had to hold your breath after applying M$ patches? ¡Ay, caramba! I'm not one of those people who hold their breath when applying updates, so the answer is never. Ask yourself. Which do you feel safer doing "on line banking". By far, I feel safer using the OS that I use every day. That's the OS that I know and understand. |
Thread Tools | |
Display Modes | Rate This Thread |
|
|