On February 23, 2004 09:17 am, Aaron J. Seigo wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On February 23, 2004 08:44, Jason Van Dellen wrote: > > The results were suprising to me, what do you think? > > > > http://slashdot.org/article.pl?sid=04/02/21/142239&mode=thread > > surprising unless you think about it for about 2 seconds. > > first off, the mi2g's "research" is flawed, as has been pointed out how > many times in the past in various places? here's the cheat sheet: > > o they don't discuss methodology, including what their sample set was. > this makes accurately interpreting their numbers impossible. > > o they dismiss automated attacks, as if those don't count. trust me, they > do. > > o they don't define the type of "breaches" counted, what software was > affected, where the sstems existed (profile is often important, especially > in non-automated attacks), etc... look at the recent wave of phpNuke > attacks. would those count as breaches? are they really Linux breaches? or > is that an OS agnostic attack that just happens to land most often on a > Linux box due to deployment? is this an indictment of PHP and/or PHPNUke, > which runs on Windows just as handily? > > basically, this report is, IMHO, rubbish. i don't know what mi2g's angle > is, but then if their website were actually working perhaps i'd be able to > find out. =P
Maybe someone hacked their exceptionally secure website...they are, after all, obviously experts....... > > but they are correct about one thing: Linux adoption is rising fast. the > number of users with security knowledge is being diluted. help newbies > install software securely (regardless of the OS) and encourage automated > sofwtare updated. help ensure a secure network in your area for everyone. > the Linux distros are doing their part by not installing and starting every > daemon under the sun ala 1999, but there's still a part to be played by us > the users. > > > - -- > Aaron J. Seigo > GPG Fingerprint: 8B8B 2209 0C6F 7C47 B1EA EE75 D6B7 2EB1 A7F1 DB43 > while (!horse()); cart(); > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux) > > iD8DBQFAOiez1rcusafx20MRAvk6AJ0YVd6coAkjLGaRxZuDP+vWAI/5ZwCbB2B/ > mfORN4LPJozHqUPn5N/EIJY= > =nNhb > -----END PGP SIGNATURE----- > > _______________________________________________ > clug-talk mailing list > [EMAIL PROTECTED] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca -- Nick W (nickw77 at shaw.ca) Registered Linux User #324288 (http://counter.li.org) MSN Messenger: [EMAIL PROTECTED] Yahoo: foolish_gambit ICQ: 303276221 It's not our fault, we're outnumbered by stupid people ten to one. _______________________________________________ clug-talk mailing list [EMAIL PROTECTED] http://clug.ca/mailman/listinfo/clug-talk_clug.ca
