Ralf Mardorf writes:
> On Di, 2013-12-10 at 23:54 +0100, Gian Uberto Lauri wrote:
> > Clever attacks manifest themselves a long time after the "infection" in
> > order
> > to poison backups. And backup media may fail when they are most needed.
> > That's an effect of Murphy's law :).
>
> Read about my backup strategy below.
Your strategy seems to do nothing about backup poisoning.
> Only one time in my life I lost a
> little bit, because I made a mistake, not because there was an attack. I
> mounted a partition read/write instead of read only.
That is what I mean "not to trust backup": do not think that you *are*
safe because you have backups, if all goes well a backup will save you
but it is not a magic talisman of invulnerable protection.
Of course no backup spells disaster, and your backup strategy is
excellent.
You got no attack (until now) does not imply you will never get one.
Or maybe that you never noticed one.
People like botnet owners - and these are not script kiddies - do
target anything they can turn into a bot. It is not your data, is
"pwning" your machine. For their revenue.
Back to sudo.
Let's suppose that Debian+Ubuntu get the largest share of the
installed end user desktops.
Then breaking these systems becomes automatically profitable (as for
revenue) and knowing what is the default sudo configuration could make
worthwile researching about exploiting certain weaknesses - last but
not least the fact that a very few of us is continuously paranoid
when using her everyday account.
Maybe I failed expressing that I am not completely against sudo, there
are several good sudo usages and even "caching" the authentication has
its very legitimate uses, and the -k and -K flags help a lot in this,
even if some kind of "start caching now" option could be nice...
Someting to work on...
--
/\ ___ Ubuntu: ancient
/___/\_|_|\_|__|___Gian Uberto Lauri_____ African word
//--\| | \| | Integralista GNUslamico meaning "I can
\/ coltivatore diretto di software not install
giĆ sistemista a tempo (altrui) perso... Debian"
Warning: gnome-config-daemon considered more dangerous than GOTO
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/21160.9385.777825.854...@mail.eng.it
