On 17.05.2014 21:33, Gunnar Wolf wrote:
> Joel Rees dijo [Sat, May 17, 2014 at 10:06:41PM +0900]:
>>> The problem is, that Debian lacks a page similar to:
>>> https://wiki.ubuntu.com/Security/Features
>> Is that page really useful? I mean, besides as a sort of sales brochure?
> Agree with this. It
On Sun, 2014-05-18 at 01:41 +, Patrick Schleizer wrote:
> Got started:
> https://wiki.debian.org/Security/Features
>
> Anyone knows how to view (as a non-admin) the wiki markup of
> https://wiki.ubuntu.com/Security/Features ? (I would like to learn by
> example how wiki tables are made in moi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
herzogbrigit...@t-online.de:
>> Yes it would be great if you can start with such a page. Use the
>> Ubuntu table as a template to start. I'll try to help as much as
>> I can in the wiki. Many Linux-Distros have a security features
>> page in their
So, ...
On Sun, May 18, 2014 at 2:32 AM, herzogbrigit...@t-online.de
wrote:
>
>> Paul Wise recently started a thread on this mailing list:
>
>> goals for hardening Debian: ideas and help wanted
>
>> What about making a wiki page in Debian wiki listing what's
>
>> implemented with references?
>
>>
On Sat, May 17, 2014 at 07:32:03PM +0200, herzogbrigit...@t-online.de wrote:
< Deleted bunch of HTML, most of it formatting which I'm sure had some
text, but lost patience parsing >
Could you try that again in plain text, please?
Cheers,
Tom
--
Pascal is not a high-level language.
Joel Rees dijo [Sat, May 17, 2014 at 10:06:41PM +0900]:
> > The problem is, that Debian lacks a page similar to:
> > https://wiki.ubuntu.com/Security/Features
>
> Is that page really useful? I mean, besides as a sort of sales brochure?
Agree with this. It would be nice to have such a page, but ha
Emmanuel Thierry wrote On 17-05-14 18:37:
Isn't it a better idea to use local entropy generators such as haveged instead
of online ones ?
Haveged is great, but IMHO it cannot replace a hardware PRNG.
I'm quite disturbed about using a online (and moreover third-party) service to
improve secu
Joel Rees wrote On 17-05-14 18:20:
Hmm. Early boot has problems getting enough randomness (for what?),
To seed the kernel random number generator.
so let's go get some randomness from a server somebody in the Ubuntu project set up.
I never said it was a great solution, but the lack of good
> Paul Wise recently started a thread on this mailing list:
> goals for hardening Debian: ideas and help wanted
> What about making a wiki page in Debian wiki listing what's
> implemented with references?
> If you wish, I can try to start that table. I would be interested
> myself what's impl
On Sun, May 18, 2014 at 1:50 AM, Sven Bartscher
wrote:
> On Sun, 18 May 2014 01:36:44 +0900
> Joel Rees wrote:
>
>> >> There are more reasons than the X11 hole to refrain from using your
>> >> admin user to surf the web.
>> >
>> > Just out of curiosity, what are these reasons?
>>
>> Your browser
Lucky you, but not everyone, especially outside of Germany, has access to
secure technology for banking.
On 17. Mai 2014 19:03:41 MESZ, Sven Bartscher
wrote:
>On Sat, 17 May 2014 18:57:35 +0200
>Franz Brandl wrote:
>
>> May be off topic, but IMO one should use an OS booted from DVD or
>write
On Sat, 17 May 2014 18:57:35 +0200
Franz Brandl wrote:
> May be off topic, but IMO one should use an OS booted from DVD or write
> protected USB Stick for online banking.
Assuming that no remote attacker can plug my HBCI-cardreader into the
USB-HUB, I think that is not necessary.
> On 17. Mai
Le 17/05/2014 18:38, Jan Moskyto Matejka a écrit :
>> I might be misinterpreting your definition of "meaningful", but I
>> have been looking for a public entropy source for my Debian system
>> for quite a while. If you can point me to the Debian equivalent of
>> pollinate and https://entropy.ubuntu
May be off topic, but IMO one should use an OS booted from DVD or write
protected USB Stick for online banking.
On 17. Mai 2014 18:50:42 MESZ, Sven Bartscher
wrote:
>On Sun, 18 May 2014 01:36:44 +0900
>Joel Rees wrote:
>
>> >> There are more reasons than the X11 hole to refrain from using
>yo
On Sun, 18 May 2014 01:36:44 +0900
Joel Rees wrote:
> >> There are more reasons than the X11 hole to refrain from using your
> >> admin user to surf the web.
> >
> > Just out of curiosity, what are these reasons?
>
> Your browser and any plugins, addons, etc. that it loads, including
> java, fla
Hello,
Le 17 mai 2014 à 17:34, Richard van den Berg a écrit :
> Joel Rees wrote On 17-05-14 03:19:
>>> He gave me a link to the following site:
>>> https://wiki.ubuntu.com/Security/Features
>> None of the meaningful items in that list are unavailable on Debian, and
>> the defaults are reasonably
> I might be misinterpreting your definition of "meaningful", but I
> have been looking for a public entropy source for my Debian system
> for quite a while. If you can point me to the Debian equivalent of
> pollinate and https://entropy.ubuntu.com/ that would be highly
> appreciated.
To transport
On Sun, May 18, 2014 at 1:24 AM, Sven Bartscher
wrote:
> On Sun, 18 May 2014 01:09:06 +0900
> Joel Rees wrote:
>
>> On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
>> wrote:
>> > On Sat, 17 May 2014 11:44:56 +
>> > Patrick Schleizer wrote:
>> >
>> >> After reading the following blog post
>
On Sun, 18 May 2014 01:09:06 +0900
Joel Rees wrote:
> On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
> wrote:
> > On Sat, 17 May 2014 11:44:56 +
> > Patrick Schleizer wrote:
> >
> >> After reading the following blog post
> >>
> >> http://theinvisiblethings.blogspot.fr/2011/04/linux-securi
On Sat, May 17, 2014 at 11:18 PM, Reid Sutherland wrote:
>>>
>>> That's a good list of all the currently fashionable "security"
>>> features for Linux. Some of the items in the list are meaningful,
>>> some are not. Most might be if you know what you are doing with them.
>>> None of the meaningful
On Sun, May 18, 2014 at 12:34 AM, Richard van den Berg
wrote:
> Joel Rees wrote On 17-05-14 03:19:
>>>
>>> He gave me a link to the following site:
>>> https://wiki.ubuntu.com/Security/Features
>>
>> None of the meaningful items in that list are unavailable on Debian, and
>>
>> the defaults are re
On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
wrote:
> On Sat, 17 May 2014 11:44:56 +
> Patrick Schleizer wrote:
>
>> After reading the following blog post
>>
>> http://theinvisiblethings.blogspot.fr/2011/04/linux-security-circus-on-gui-isolation.html
>>
>> it seems to me, that user accoun
Heh. I took the bait on this one.
On Sat, May 17, 2014 at 8:44 PM, Patrick Schleizer wrote:
> Joel Rees:
>>> He told me to use Ubuntu instead. He explained that with the fact,
>>> that Ubuntu has more security features enabled than Debian (also
>>> more compiler flags for security) in a fresh ins
Joel Rees wrote On 17-05-14 03:19:
He gave me a link to the following site:
https://wiki.ubuntu.com/Security/Features
None of the meaningful items in that list are unavailable on Debian, and
the defaults are reasonably secure in Debian.
I might be misinterpreting your definition of "meaningfu
> The problem is, that Debian lacks a page similar to:
> https://wiki.ubuntu.com/Security/Features
>
> As you can see, that https://wiki.ubuntu.com/Security/Features page
> looks impressive to new users. I guess Debian is losing a few users to
> Ubuntu, because Debian does not have such a page.
Mo
>>
>> That's a good list of all the currently fashionable "security"
>> features for Linux. Some of the items in the list are meaningful,
>> some are not. Most might be if you know what you are doing with them.
>> None of the meaningful items in that list are unavailable on Debian,
>> and the def
On Sat, 17 May 2014 11:44:56 +
Patrick Schleizer wrote:
> After reading the following blog post
>
> http://theinvisiblethings.blogspot.fr/2011/04/linux-security-circus-on-gui-isolation.html
>
> it seems to me, that user account level isolation isn't very strong.
A very helpful link. I wasn
You are free to educate yourself on the security features listed. If you have
trouble understanding their function, it’s best you leave the decision of
security to someone with greater experience and use a distribution that takes
care of it for you.
Again, Debian is not going to handhold you.
On Sat, May 17, 2014 at 7:38 PM, herzogbrigit...@t-online.de
wrote:
> Thank you for all your replies.
> I understand that the user is important for security, but it's a difference
> whether you start from scratch or you can work with somethink prebuilt. So,
> could you tell me, which of the foll
On Sat, May 17, 2014 at 8:44 PM, Patrick Schleizer wrote:
> Joel Rees:
>>> He told me to use Ubuntu instead. He explained that with the fact,
>>> that Ubuntu has more security features enabled than Debian (also
>>> more compiler flags for security) in a fresh install. He gave me a
>>> link to the
> Please, honestly, do you know what every features in this list does, how
> they could be benefit for you and in which way ?
>
> Or did your choice will *only* be based on the number of
> supported/enabled features ?
Whatever the reason, this question deserves an answer.
>
>
> Le 17/05/2014 12:3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
It would however be useful for Debian administrators interested in
security to know somehow what these features do, under what
circumstances they would be useful, and how to enable them in Debian. I
found the Hardening Debian guides on the wiki (link
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
herzogbrigit...@t-online.de:
> Thank you for all your replies. I understand that the user is
> important for security, but it's a difference whether you start
> from scratch or you can work with somethink prebuilt. So, could you
> tell me, which of t
Joel Rees:
>> He told me to use Ubuntu instead. He explained that with the fact,
>> that Ubuntu has more security features enabled than Debian (also
>> more compiler flags for security) in a fresh install. He gave me a
>> link to the following site:
>> https://wiki.ubuntu.com/Security/Features
>>
Please, honestly, do you know what every features in this list does, how
they could be benefit for you and in which way ?
Or did your choice will *only* be based on the number of
supported/enabled features ?
Le 17/05/2014 12:38, herzogbrigit...@t-online.de a écrit :
> Thank you for all your repl
Thank you for all your replies.
I understand that the user is important for security, but it's a difference
whether you start from scratch or you can work with somethink prebuilt. So,
could you tell me, which of the following securit features are enabled in
Debian by default and which I have to
36 matches
Mail list logo
