-----Original Message----- From: CaT [mailto:[EMAIL PROTECTED] Sent: Sunday, July 22, 2001 1:11 AM To: Jacob Meuser Cc: debian-security@lists.debian.org Subject: Re: red worm amusement
<quote>No machine is 100% secure, except those machines that do not exist. Anyone who thinks their box is 100% secure has rocks in their heads, regardless what OS they are running.</quote> Don't mean to sound like an annoyance, but I have a 100% secure computer. It's currently dissasembled, with the parts stored in different containers, and no OS on the hard drive. Crack that! Sorry, just a poor stab at humor. While I've always been proud that the debian list has pretty much been better than any other list at keeping flame wars to a minimum, today is an exception. At times this latest thread has become "well, my cock is bigger, so I'm more right than you!". Yes, maybe daemons should ask to be started during startup, or prompt to be configured like exim. But who's to say that a new user won't choose an option that leads them to be vulnerable. When I first started I *know* I made some big mistakes. Maybe Debian should have some firewall rules that are run to block vulnerable services when they are installed and then tell you how to unblock them. Maybe a billion different ways it could be, but it's not. I must commend the Debian team for maintaining the best distro, IMNSHO. I thought the Debian community was better than the others due to the fact that we work together to come up with ideas, not thinking 'My Way(tm)' is the only good option. So far all the points brought up have been valid and very arguable. The problem is that it's turning into a 'your idea sucks' pissing match. The best idea is to gather all the ideas and pick the best way to do things. Maybe the way it's currently done was the best of the ideas at the time. Trying to get amy package maintainers to redo their packages at the snap of a finger is ridiculous. Maybe we should try putting our heads together and find the best solution to securely installing/configuring/starting daemons, and then present that to the Debian team? Maybe someone has a better idea than I do on how to get stuff changed. The point is to work together! All flames are welcome is you are so inclined. But please email me directly, and me only. Do not reply, CC/BCC the list directly if you really need to get some aggression out. Thanks! Steven Beverly "I am the Illustrious Postmaster and Grand Poobah of Electronic Transmissions" -Mary Jo Pehl, MST3K "He who fights with monsters should look to it that he himself does not become a monster...when you gaze long into the abyss the abyss also gazes into you." -Friedrich Nietzsche
