Date: Thu, 6 Feb 1997 15:13:53 +1100 From: davidn@unique.usn.blaze.net.au (David Nugent) To: scrappy@hub.org Cc: craig@progroup.com (Craig Shaver), karl@Mcs.Net (Karl Denninger), freebsd-chat@freebsd.org Subject: Re: Karl fulminates, film at 11. == thanks Message-ID: <19970206151353.DR42894@labs.usn.blaze.net.au> In-Reply-To: <Pine.BSF.3.95.970205163957.7224K-100000@thelab.hub.org>; from The Hermit Hacker on Feb 5, 1997 16:42:05 -0400 References: <32F8C971.794BDF32@progroup.com> <Pine.BSF.3.95.970205163957.7224K-100000@thelab.hub.org>
next in thread | previous in thread | raw e-mail | index | archive | help
The Hermit Hacker writes: > NOTE: This is based on experience with Linux in a very limited way. > A friend runs Linux and Solaris (with a FreeBSD box I slapped in) > and has more problems with breakin's on the Linux box then on any > other OS :( Probably because Linux has more exposure on the internet than for any other reason, and the fact that most Linux distributions use weak password encryption and a world-readable passwd file. A Linux system set up correctly with npasswd or shadow is not /intrinsically/ more or less "secure" than FreeBSD set up in the same manner. The only point which differentiates the two is the number of published hacks and the number of systems out there on the internet running insecure code. A claim on any other basis is ludicrous and not based on sound reasoning - more a religious issue than a point of fact. As we now know, the figure for the number of systems running insecure code in FreeBSD's case now applies to ALL 2.1.x systems which provide shell access. Of course, that's not likely to represent anywhere near the numbers of insecurely configured Linux systems on the net, but viewed as a percentage of the installed userbase of each operating system, the story is probably vastly different. I'm not trying to defend Linux here in any way, but security is a far more complex issue than what OS you happen to be running. Breaking it down in that manner doesn't do it justice. [BTW, please don't use Reply-To to redirect to mailing lists. That is intended for redirection of personal replies, not a means of redirecting followups. If you want to redirect, then post to the correct list in the first place.] Regards, David Nugent - Unique Computing Pty Ltd - Melbourne, Australia Voice +61-3-9791-9547 Data/BBS +61-3-9792-3507 3:632/348@fidonet davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19970206151353.DR42894>