I'm packing it up and sending it back

[Alias]

Which I have been telling users that call in to the call center where I
work that while it is possible to disable the prompts (they do ask about
it) I don't recommend it. It helps to prevent stuff like spyware from
installing on their own.

In all fairness to Microsoft, I predict that UAC will be changed with a
service pack or update.

He is referring to someone determining the password for the root user
account. The account on linux and unix referred to as "god". Controls
everything in the system regardless of permission status. Has more
control than even the Administrator account on any windows platform.
That account must has a secure password. The key here though is never
allow a remote user to login as root. When I secured up a VPS that I
was playing around with that was one of the first things. I was still
securing it while a bunch of people hammered it attempts to login which
all failed. Granted they were trying the wrong username. I mean what
is the point of trying Administrator on a server running Linux? I
thought about just creating one just to see what they would of done with it.

I don't do remote user trips.

One thing that I will point out is that there is never a 100% secure
system. It won't matter what platform it is running on. It could be
Linux, Unix, any BSD flavor, Mac OS, Windows, or Solaris and still can
be broken in and taken advantage of. There is always a security issue
or a loophole somewhere. The best that can happen is the user takes
measures to prevent such from happening. A firewall is a good first
line to prevent someone from gaining access to a computer.

I have a nat firewall. I stand corrected; it is *possible* to get a
nasty with Linux or have your computer taken over but highly unlikely.
In the even that it gets trashed with beasties, reinstalling Ubuntu is a
less than two hours chore, most of which is downloading and installing
updates and requires no user input.

Alias

 

[arachnid]

New ways to apologise? Guess who harped on the most about hardware vendors
not playing fair regarding drivers....

LINUX DEVELOPERS.

I also seem to recall all you Windows users screaming that failure to
support hardware was the operating system's fault. Now that it's Windows
not supporting the hardware, responsibility has magically shifted to the
hardware manufacturers.

 

[John Locke]

I also seem to recall all you Windows users screaming that failure to
support hardware was the operating system's fault. Now that it's Windows
not supporting the hardware, responsibility has magically shifted to the
hardware manufacturers.

It seems to me that Microsoft should be the one that has to conform to
driver & hardware designs. But its the other way around...Microsoft is
literally dictating how drivers are to be written and how hardware
is to be designed. AACS (Advanced Access Content System) is
definitely having a huge impact on manufacturers of video
cards....must be driving them nuts to have to conform to that crap.

 

[arachnid]

Actually the public reason for MS to delay Vista that last time was so
that hardware vendors actually would be ready with their drivers and
software, the vendors asked MS for that. And yet no one really did that.
And honestly if you look at just Vista as an OS it is superb but the third
parties still got a loong way to go, and that's when people will start to
change their view. Seriously, not every failure is Microsoft's fault,
actually a very small percentage actually is.

I disagree. Microsoft should have seen this coming ten years ago. As the
powerful monopoly they are, they could have insisted either on source code
for all Windows drivers being escrowed with them, or on a legally binding
agreement by hardware vendors to update their drivers with each new OS.

 

[arachnid]

Where is the WMA support? Where is the Realplayer support? Where is the
Quicktime support? Why do I have to install an illegal library to watch
a CSS encoded commercial DVD?

Many commercial codecs can't be packaged with other software unless the
vendor buys a rather expensive license, but can be legally downloaded for
free by individuals. For the rest, Linux users can purchase legitimate
licenses at <https://shop.fluendo.com>. Also, users can always buy one of
the commercial consumer distro's such as Linspire or SuSE, which include
legally licensed codecs in their price.

 

[Shane Nokes]

Why would you say that norm?

There are attacks on Linux boxes, just not as many.

Same with OSX, less attacks, but it's getting to be larger (and OSX is a
Unix variant)

The larger the install base, the larger the number of attacks, it's just
simple mathematics.


Wait until the day when some Linux distro starts getting a larger share (yes
it will happen someday), and you will see a larger number of attacks.

 

[Joe Grover]

Exactly. I remember when Firefox was new and people lauded it as incredibly
secure, but once more patches per month were released for Firefox than IE
(which made sense as IE had been around a lot longer to have such things
patched) I saw the term "security through obscurity" tossed around. I'll
never forget that term.

 

[Tom Lake]

Exactly. I remember when Firefox was new and people lauded it as
incredibly secure, but once more patches per month were released for
Firefox than IE (which made sense as IE had been around a lot longer to
have such things patched) I saw the term "security through obscurity"
tossed around. I'll never forget that term.

Up until now, that's what Apple's been relying on. With their new
popularity, though,
more virus writers may start targeting OSX.

Tom Lake

 

[Ronnie Vernon MVP]

Tom

It's not necessarily their new popularity, which is still miniscule compared
to the PC, that is driving the new attacks on OSX. It's the negative effect
of the Apple advertising campaign. The virus writers and hackers are seeing
this as a new challenge.

 

[norm]

Why would you say that norm?

Because I believe that the numbers of attacks on linux (however few or
many) do not and will not have any direct correlation on the success of
such attacks. I am a relative neophyte in the use of linux, but based on
my understanding of what I have heard and read, the os simply does not
lend itself to easy compromise, and even if compromised, would not be
easily turned into a vectoring device for the spread of such a
compromise. It would be foolhardy to never say never, but the number of
years the os has been in use certainly should have provided ample
opportunity for a really hellbent virus writer (or several) to come up
with something that would forever make him/her famous (or rich).
Again, ymmv.