sorry, here's proper link to the presentation:
https://docs.google.com/presentation/d/1_kTBIZLoT3VOGOFgTqjkQ3E0e4o_esV71RNzo4JuQI0/pub?start=false&loop=false&delayms=3000#slide=id.ge4adadaf_1_645
s.
On Sun, May 18, 2014 at 8:26 PM, Stanislav Bocinec wrote:
> Thanks for the nice comparison. I n
Thanks for the nice comparison. I never realized Debian main consists of so
many packages, i always considered default ubuntu intallation not so secure
due to universe repo enabled by default..
Here is one interesting presentation about Ubuntu trusty 14.04 security
features:
http://blog.dustinkirk
On Sunday, 2014-05-18 at 14:46:21 +0200, Moritz Mühlenhoff wrote:
> Ubuntu only provides security support for the "main" and "restricted"
> archive sections: https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
> But since the "universe" section is enabled by default, you'll end up
> with a l
herzogbrigit...@t-online.de schrieb:
> Hello there,
> I'm a new user of the great Debian distro for my Desktop. But when I talked
> to a friend and I told him, that I'm using Debian (Wheezy) for my desktop
> computer, he told me that I shoudn't use it because it is not secure. He told
> me to u
On 17.05.2014 21:33, Gunnar Wolf wrote:
> Joel Rees dijo [Sat, May 17, 2014 at 10:06:41PM +0900]:
>>> The problem is, that Debian lacks a page similar to:
>>> https://wiki.ubuntu.com/Security/Features
>> Is that page really useful? I mean, besides as a sort of sales brochure?
> Agree with this. It
Joel Rees dijo [Sat, May 17, 2014 at 10:06:41PM +0900]:
> > The problem is, that Debian lacks a page similar to:
> > https://wiki.ubuntu.com/Security/Features
>
> Is that page really useful? I mean, besides as a sort of sales brochure?
Agree with this. It would be nice to have such a page, but ha
Emmanuel Thierry wrote On 17-05-14 18:37:
Isn't it a better idea to use local entropy generators such as haveged instead
of online ones ?
Haveged is great, but IMHO it cannot replace a hardware PRNG.
I'm quite disturbed about using a online (and moreover third-party) service to
improve secu
Joel Rees wrote On 17-05-14 18:20:
Hmm. Early boot has problems getting enough randomness (for what?),
To seed the kernel random number generator.
so let's go get some randomness from a server somebody in the Ubuntu project set up.
I never said it was a great solution, but the lack of good
On Sun, May 18, 2014 at 1:50 AM, Sven Bartscher
wrote:
> On Sun, 18 May 2014 01:36:44 +0900
> Joel Rees wrote:
>
>> >> There are more reasons than the X11 hole to refrain from using your
>> >> admin user to surf the web.
>> >
>> > Just out of curiosity, what are these reasons?
>>
>> Your browser
Lucky you, but not everyone, especially outside of Germany, has access to
secure technology for banking.
On 17. Mai 2014 19:03:41 MESZ, Sven Bartscher
wrote:
>On Sat, 17 May 2014 18:57:35 +0200
>Franz Brandl wrote:
>
>> May be off topic, but IMO one should use an OS booted from DVD or
>write
On Sat, 17 May 2014 18:57:35 +0200
Franz Brandl wrote:
> May be off topic, but IMO one should use an OS booted from DVD or write
> protected USB Stick for online banking.
Assuming that no remote attacker can plug my HBCI-cardreader into the
USB-HUB, I think that is not necessary.
> On 17. Mai
Le 17/05/2014 18:38, Jan Moskyto Matejka a écrit :
>> I might be misinterpreting your definition of "meaningful", but I
>> have been looking for a public entropy source for my Debian system
>> for quite a while. If you can point me to the Debian equivalent of
>> pollinate and https://entropy.ubuntu
May be off topic, but IMO one should use an OS booted from DVD or write
protected USB Stick for online banking.
On 17. Mai 2014 18:50:42 MESZ, Sven Bartscher
wrote:
>On Sun, 18 May 2014 01:36:44 +0900
>Joel Rees wrote:
>
>> >> There are more reasons than the X11 hole to refrain from using
>yo
On Sun, 18 May 2014 01:36:44 +0900
Joel Rees wrote:
> >> There are more reasons than the X11 hole to refrain from using your
> >> admin user to surf the web.
> >
> > Just out of curiosity, what are these reasons?
>
> Your browser and any plugins, addons, etc. that it loads, including
> java, fla
Hello,
Le 17 mai 2014 à 17:34, Richard van den Berg a écrit :
> Joel Rees wrote On 17-05-14 03:19:
>>> He gave me a link to the following site:
>>> https://wiki.ubuntu.com/Security/Features
>> None of the meaningful items in that list are unavailable on Debian, and
>> the defaults are reasonably
> I might be misinterpreting your definition of "meaningful", but I
> have been looking for a public entropy source for my Debian system
> for quite a while. If you can point me to the Debian equivalent of
> pollinate and https://entropy.ubuntu.com/ that would be highly
> appreciated.
To transport
On Sun, May 18, 2014 at 1:24 AM, Sven Bartscher
wrote:
> On Sun, 18 May 2014 01:09:06 +0900
> Joel Rees wrote:
>
>> On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
>> wrote:
>> > On Sat, 17 May 2014 11:44:56 +
>> > Patrick Schleizer wrote:
>> >
>> >> After reading the following blog post
>
On Sun, 18 May 2014 01:09:06 +0900
Joel Rees wrote:
> On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
> wrote:
> > On Sat, 17 May 2014 11:44:56 +
> > Patrick Schleizer wrote:
> >
> >> After reading the following blog post
> >>
> >> http://theinvisiblethings.blogspot.fr/2011/04/linux-securi
On Sat, May 17, 2014 at 11:18 PM, Reid Sutherland wrote:
>>>
>>> That's a good list of all the currently fashionable "security"
>>> features for Linux. Some of the items in the list are meaningful,
>>> some are not. Most might be if you know what you are doing with them.
>>> None of the meaningful
On Sun, May 18, 2014 at 12:34 AM, Richard van den Berg
wrote:
> Joel Rees wrote On 17-05-14 03:19:
>>>
>>> He gave me a link to the following site:
>>> https://wiki.ubuntu.com/Security/Features
>>
>> None of the meaningful items in that list are unavailable on Debian, and
>>
>> the defaults are re
On Sat, May 17, 2014 at 10:39 PM, Sven Bartscher
wrote:
> On Sat, 17 May 2014 11:44:56 +
> Patrick Schleizer wrote:
>
>> After reading the following blog post
>>
>> http://theinvisiblethings.blogspot.fr/2011/04/linux-security-circus-on-gui-isolation.html
>>
>> it seems to me, that user accoun
Heh. I took the bait on this one.
On Sat, May 17, 2014 at 8:44 PM, Patrick Schleizer wrote:
> Joel Rees:
>>> He told me to use Ubuntu instead. He explained that with the fact,
>>> that Ubuntu has more security features enabled than Debian (also
>>> more compiler flags for security) in a fresh ins
Joel Rees wrote On 17-05-14 03:19:
He gave me a link to the following site:
https://wiki.ubuntu.com/Security/Features
None of the meaningful items in that list are unavailable on Debian, and
the defaults are reasonably secure in Debian.
I might be misinterpreting your definition of "meaningfu
> The problem is, that Debian lacks a page similar to:
> https://wiki.ubuntu.com/Security/Features
>
> As you can see, that https://wiki.ubuntu.com/Security/Features page
> looks impressive to new users. I guess Debian is losing a few users to
> Ubuntu, because Debian does not have such a page.
Mo
>>
>> That's a good list of all the currently fashionable "security"
>> features for Linux. Some of the items in the list are meaningful,
>> some are not. Most might be if you know what you are doing with them.
>> None of the meaningful items in that list are unavailable on Debian,
>> and the def
On Sat, 17 May 2014 11:44:56 +
Patrick Schleizer wrote:
> After reading the following blog post
>
> http://theinvisiblethings.blogspot.fr/2011/04/linux-security-circus-on-gui-isolation.html
>
> it seems to me, that user account level isolation isn't very strong.
A very helpful link. I wasn
On Sat, May 17, 2014 at 8:44 PM, Patrick Schleizer wrote:
> Joel Rees:
>>> He told me to use Ubuntu instead. He explained that with the fact,
>>> that Ubuntu has more security features enabled than Debian (also
>>> more compiler flags for security) in a fresh install. He gave me a
>>> link to the
Joel Rees:
>> He told me to use Ubuntu instead. He explained that with the fact,
>> that Ubuntu has more security features enabled than Debian (also
>> more compiler flags for security) in a fresh install. He gave me a
>> link to the following site:
>> https://wiki.ubuntu.com/Security/Features
>>
On Sat, May 17, 2014 at 4:38 AM, herzogbrigit...@t-online.de
wrote:
> Hello there,
> I'm a new user of the great Debian distro for my Desktop. But when I talked
> to a friend and I told him, that I'm using Debian (Wheezy) for my desktop
> computer, he told me that I shoudn't use it because it is
On Sat, May 17, 2014 at 6:41 AM, Reid Sutherland wrote:
> [response shifted to conversational format]
> On May 16, 2014, at 3:38 PM, herzogbrigit...@t-online.de wrote:
>
>> Hello there,
>> I'm a new user of the great Debian distro for my Desktop. But when I talked
>> to a friend and I told him, t
From my view, Debian is designed to be flexible and does not impose any
unnecessary features on the user. For this reason, I find it is best for new
users to operate distributions that are more targeted to their needs.
Distributions such as Ubuntu come with reasonable defaults for the market t
On 05/16/2014 04:11 PM, Riku Valli wrote:
On 16.05.2014 22:38, herzogbrigit...@t-online.de wrote:
Hello there,
Hi
There is some info
https://www.debian.org/releases/stable/amd64/release-notes/ch-whats-new.en.html#hardening
http://www.ubuntu.com/about/about-ubuntu/ubuntu-and-debian
https://
On 16.05.2014 22:38, herzogbrigit...@t-online.de wrote:
> Hello there,
Hi
There is some info
https://www.debian.org/releases/stable/amd64/release-notes/ch-whats-new.en.html#hardening
http://www.ubuntu.com/about/about-ubuntu/ubuntu-and-debian
https://wiki.ubuntu.com/DebianImportFreeze
Practica
Hello there,
I'm a new user of the great Debian distro for my Desktop. But when I talked to
a friend and I told him, that I'm using Debian (Wheezy) for my desktop
computer, he told me that I shoudn't use it because it is not secure. He told
me to use Ubuntu instead. He explained that with the fa
34 matches
Mail list logo
