Re: Does Redmond Control Your Computer Remotely?

 

"Adam Albright" asked...

> <here@home.again> wrote:

>>

>>No, I'm just a crusty old office worker tired of you blow hard blustering

>>about it instead of actually doing something about it. I'm in here to see

>>if

>>there are any neat tweaks I missed for Vista, not argue whether or not

>>Vista

>>is right for anyone else.

>>

>

> Blowhard is one word. What exactly do you expect me to do about

> Microsoft? Please explain.

>

 

 

Ok, genius, here you go. You spouted off about being so experienced a

witness in fed/state courts, let's see "Adam Albright Vs Microsoft"

challenge the EULA, Activation, WGA and UAC. If you're so frickin' familiar

with the courts, why don't you stand up for our rights and make a

difference, instead of shoving your views down our throats. If you dedicated

the same time and energy to a legal battle, instead whining about it in

here, then maybe you would get your views into the newspapers, too. If MVP

status was awarded on posting volume alone, I have no doubt you would top

the list. Either get off your butt and put your money where your mouth is,

or just S T F U, please!

dennis@home wrote:

>>>>>> Yes, you would know quickly enough.

>>>>>> Many good people around that actually read the code, and ring

>>>>>> alarmbells is stealthy things are happening in Ubuntu (or every

>>>>>> GNU/Linux distro for that matter).

>>>>>>

>>>>>> This is a HUGE difference.

>>>>>

>>>>> The past says that is just not true.

>>>>

>>>> ???

>>>>

>>>>> If it were true there would be no bugs, and they have existed and

>>>>> still exist in open source code.

>>>>

>>>> How do you conclude that there are NO bugs if a few people look at

>>>> the open source code?

>>>> I am not claiming GNU/Linux contains no bugs. Of course it does!

>>>>

>>>> I am only saying that the nature of the process (of open sourcecode

>>>> ) makes it almost impossible to put in stealthy/spylike stuff.

>>>> Sooner or later somebody will discover this.

>>>> In many cases: sooner.

>>>

>>> Just as they found the bugs that are still there?

>>

>> To be honest: I get the impression you cannot name one bug on a *nix

>> system because you never touched one.

>

> I have written kernel code in Unix before but why would that make it so

> I should be able to name bugs?

> I have found some and had them fixed by Unix providers too but I still

> don't know their names.

> Maybe you have pet names for them?.. I do not.

 

Hi Dennis,

 

So my assumption you never touched one was clearly wrong.

I appologize for my nasty tone.

I admit I was getting a little irritated by some idiots posting in this

thread, and took it out on you. My bad. Sorry.

 

>

>> But I am sure you can Google up a few.

>

> My ability to use google or not doesn't have any effect on the existence

> of the bugs.

> However your inability to use google is clouding your judgement and you

> are just toeing the party line when you say the code being published

> makes it impossible for there to be malicious code it there.

 

Not impossible, simply very hard to hide if the sourcecode is out in the

wild for all to see.

 

To put thing back in perspective:

Does Redmond control our computers?

WU updates your computer without your knowledge or approval.

I claim it is very hard to know as a Vista user WHAT is getting

installed on my computer. For all I know they installed the latest

greatest backdoor.

 

I also claim this is a problem because nobody except the guys at M$

understand what this update does.

 

Then I claim pulling similar tricks is a lot harder when on a OS that

has all the sourcecode open to see/inspect/compile/whatever you want to

do with it.

 

You counter that by claiming bugs exists in GNU/Linux.

I agree 100% to that. They exist.

 

The bottomline for me simply that the sourcecode is open for inspection

for the world at large (of course, for all practical reasons, only for

people who know enough of the matter.)

No secrecy.

With proprietary code, like that stuff MS pushed into our troats via

their latest WU trick, I know it is impossible for me to ever understand

WHAT is updated on my PC.

 

Isn't that a huge difference for you?

>>> What you say doesn't fit with real life.

>>

>> I don't know where your 'real life' is, but it must be somewhere else

>> than where I am.

>>

>> How many exploits/backdoors/etc are released for W$ OS, and how many

>> on nixes?

>

> That is totally irrelevant.

> Why is it when the faults in unix that you claim don't exist are pointed

> out, you result to comparing it to something else?

 

Where excactly did I claim no faults exists in *nix?

If I claimed so, I surely don't agree with myself.

 

And it is NOT irrelevant.

I think it is damned relevant how easily my PC gets cracked.

If M$ decide to open up some backdoor that decides it is time to update

my PC, even if I told Vista not to, I get quite scared.

How is it set up?

What is triggering this update?

What else is my computer broadcasting to M$ headoffice?

 

So, for me, the number/severity of exploits found in an OS is relevant.

This automagically updating of WU isn't really helping to get the fear

out my computer can be monitored/exploited/hacked/whatever from a distance.

>

>>

>> Why the huge difference?

>>

>>> If these people really can exaimin the code and understand it they

>>> would also find the bugs..

>>

>> I can tell you are not a programmer by profession. I am.

>> A bug ranges from a stupid typo in the sourcecode to a very obscure

>> seldom seen behaviour.

>> Depending on how you look at it you can say most code contains bugs.

>>

>> The ultimate bottomline is how bad the bug is. Will the app fail is

>> some seldom met situation (eg on a W95 OS, running a particular

>> printer), or will the bug open up unforseen admin-blessed

>> authentication for everybody who approaches the computer via the net?

>

> It has nothing at all to do with this argument.

> It quite simple..

> you claim that because the code is published it is impossible to hide

> malicious code..

> I say it is not.

 

I don't say impossible. I say it is hard.

And for major distros it is REALLY HARD to engineer a complete

backdoorsystem into it. Chances are that somebody sees it.

Impossible? No

Very hard? Yes.

 

> I have offered the fact that the people that can view the code don't

> find the bugs so why would they find a bit of malicious code?

> You just try and divert the argument onto something else.

 

Do I?

Into what excactly?

I keep trying to keep the focus of this WU update discussion on the

difference between 'open/free code' approach to the 'proprietary code'

approach.

 

I don't know about you, but I find the chances that a bunch of gnu/linux

developers oversee bugs/spyware (on purpose because they are all

badguys, or because they just don't see it) a lot smaller than the

chances of M$ developers overseeing it. I also don't see a lot of reason

to trust the people of M$. They are in it for the money.

 

All in all, for me, a good reason to put greater trust in the quality,

and lack of spyware, in open source/free software than in M$.

 

>

>>

>> As far as building in Spyware: I repeat this is almost impossible for

>> all major *nix distros.

>

> Well thats a change it was impossible earlier.

 

If I used impossible earlier, I was wrong. I mean it is a LOT harder and

chances to get caught are big.

 

>

>>

>> Nobody stops you from building your distro that contains tons of

>> spyware, but untill now, none were seen.

>> As for W$....

>>

>> Once again: I want to stress that the nature of having your sourcecode

>> open in the wild makes the software better.

>

> There is little evidence to support this..

> The source code for the telephone exchange I worked on is not published

> but its far more reliable than any published code that you can show me.

> So you can forget that argument as I know its not true.

 

Well, how can I argument against that. -)

You say you have worked on software which nobody can check, and say it

is a lot better than something else.

>

>> as you know they don't find the bugs so why do you

>>> have so much faith in them finding a few lines of malicious code?

>>

>> That is hard to explain to a non programmer.

>> So you'll have to take my word for it, but I doubt you will.

>

> I doubt if anything you "know" could convince me.. I have decided that I

> can't trust what you say.

 

Fine with me. Not a lot you 'know' convinced me so far either...

 

So lets focus on the argument, and simply not take each other word for it.

 

Regards,

Erwin Moller

Re: Does Redmond Control Your Computer Remotely?

 

On Mon, 17 Sep 2007 11:47:07 -0400, <here@home.again> wrote:

>"Adam Albright" asked...

>> <here@home.again> wrote:

>>>

>>>No, I'm just a crusty old office worker tired of you blow hard blustering

>>>about it instead of actually doing something about it. I'm in here to see

>>>if

>>>there are any neat tweaks I missed for Vista, not argue whether or not

>>>Vista

>>>is right for anyone else.

>>>

>>

>> Blowhard is one word. What exactly do you expect me to do about

>> Microsoft? Please explain.

>>

>

>

>Ok, genius, here you go. You spouted off about being so experienced a

>witness in fed/state courts, let's see "Adam Albright Vs Microsoft"

>challenge the EULA, Activation, WGA and UAC. If you're so frickin' familiar

>with the courts, why don't you stand up for our rights and make a

>difference, instead of shoving your views down our throats. If you dedicated

>the same time and energy to a legal battle, instead whining about it in

>here, then maybe you would get your views into the newspapers, too. If MVP

>status was awarded on posting volume alone, I have no doubt you would top

>the list. Either get off your butt and put your money where your mouth is,

>or just S T F U, please!

 

Feel better now fool?

"Erwin Moller"

<Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in

message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

> So lets focus on the argument, and simply not take each other word for it.

 

There is no argument..

you have the view that because the code is public lots of people will read

it, understand it, and make sure its safe.

I say they can't/don't do that and have offered evidence that backs my view.

Until you have some actual evidence the argument is finished.

dennis@home wrote:

>

> "Erwin Moller"

> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in

> message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>

>> So lets focus on the argument, and simply not take each other word for

>> it.

>

> There is no argument..

> you have the view that because the code is public lots of people will

> read it, understand it, and make sure its safe.

> I say they can't/don't do that and have offered evidence that backs my

> view.

> Until you have some actual evidence the argument is finished.

 

 

Just a quick scan before giving up for the night and a happened to find

this post :)

 

Have to say Dennis that is something I've always said...

 

Why, unless working on a section of it currently, would anyone sit and

wade through the code for (say) a Linux Kernel?

 

Surely you would modify the bit you were working on and compile the

whole thing again... thus recompiling something that may be incorrect or

even malicious that sneaked in before. I mean I know this "Shouldn't"

happen but that does not equate to "Couldn't" happen, and it seems to me

that risk is somewhat dependent on such things as a strict version

control system.

 

Considering that there are many more independent "Fingers in the pie"

than there are with (Say) Sun or Microsoft I don't think you can make a

straight comparison between open and closed code. There's no doubting

that errors still happen.

Charlie Tame wrote:

> dennis@home wrote:

>>

>> "Erwin Moller"

>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote

>> in message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>

>>> So lets focus on the argument, and simply not take each other word

>>> for it.

>>

>> There is no argument..

>> you have the view that because the code is public lots of people will

>> read it, understand it, and make sure its safe.

>> I say they can't/don't do that and have offered evidence that backs my

>> view.

>> Until you have some actual evidence the argument is finished.

>

>

> Just a quick scan before giving up for the night and a happened to find

> this post :)

>

> Have to say Dennis that is something I've always said...

>

> Why, unless working on a section of it currently, would anyone sit and

> wade through the code for (say) a Linux Kernel?

>

> Surely you would modify the bit you were working on and compile the

> whole thing again... thus recompiling something that may be incorrect or

> even malicious that sneaked in before. I mean I know this "Shouldn't"

> happen but that does not equate to "Couldn't" happen, and it seems to me

> that risk is somewhat dependent on such things as a strict version

> control system.

>

> Considering that there are many more independent "Fingers in the pie"

> than there are with (Say) Sun or Microsoft I don't think you can make a

> straight comparison between open and closed code. There's no doubting

> that errors still happen.

 

Yeah, but Windows boxes have been proven to be more virus prone and

Windows boxes are the only boxes that are members of herd bots that send

us all the spam. You are talking about a theoretical possibility when,

in reality, Windows boxes are the ones spreading crap all over the

Internet, not Linux boxes. Proof is in the pudding and all that jazz.

 

The fact that preinstalled Windows boxes that come from the likes of

Dell and HP are bundled with trial crap should tell you how much the

large computer vendors care about their customers.

 

--

Alias

To email me, remove shoes

Alias wrote:

> Yeah, but Windows boxes have been proven to be more virus prone and

> Windows boxes are the only boxes that are members of herd bots that send

> us all the spam. You are talking about a theoretical possibility when,

> in reality, Windows boxes are the ones spreading crap all over the

> Internet, not Linux boxes. Proof is in the pudding and all that jazz.

 

Someone once told me Windows Users weren't very smart,

certainly not smart enough to write a virus.

 

Windows Servers that suffer as Spamming Hosts were

obviously taken over by people smarter than the

Windows Server SysAdmin...looking around...hmm...

what kind of group does that leave?

 

The reality of the situation is that both operating systems

are prone to attacks and exploits constantly...

 

People are most often drawn to Windows Systems because

it's easy enough to use and learn for the entire family.

 

NT Canuck

'Seek and ye shall find'

NT Canuck wrote:

> Alias wrote:

>

>> Yeah, but Windows boxes have been proven to be more virus prone and

>> Windows boxes are the only boxes that are members of herd bots that

>> send us all the spam. You are talking about a theoretical possibility

>> when, in reality, Windows boxes are the ones spreading crap all over

>> the Internet, not Linux boxes. Proof is in the pudding and all that jazz.

>

> Someone once told me Windows Users weren't very smart,

> certainly not smart enough to write a virus.

 

So?

>

> Windows Servers that suffer as Spamming Hosts were

> obviously taken over by people smarter than the

> Windows Server SysAdmin...looking around...hmm...

> what kind of group does that leave?

 

So?

>

> The reality of the situation is that both operating systems

> are prone to attacks and exploits constantly...

 

False.

>

> People are most often drawn to Windows Systems because

> it's easy enough to use and learn for the entire family.

 

Ubuntu is much easier to run than Windows will ever be.

>

> NT Canuck

> 'Seek and ye shall find'

 

I guess you're still seeking.

 

 

 

--

Alias

To email me, remove shoes

dennis@home wrote:

>

> "Erwin Moller"

> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in

> message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>

>> So lets focus on the argument, and simply not take each other word for

>> it.

>

> There is no argument..

> you have the view that because the code is public lots of people will

> read it, understand it, and make sure its safe.

> I say they can't/don't do that and have offered evidence that backs my

> view.

> Until you have some actual evidence the argument is finished.

 

Smart move Dennis,

 

If it gets too hot in the kitchen, get out.

I wrote down a few arguments to support my cliams, you didn't even

bother to respond to them.

And 'actual evidence'? Where is yours?

 

I think Alias gave a strong argument too: Why is it all the zombies on

the net are comprimized W$ boxes?

Because it is easier to break a *nix box?

What evidence do you need?

 

But if the argument is over for you: Fine with me.

 

Regards and take care,

Erwin Moller

"Alias" <iamalias@shoesgmail.com> wrote in message

news:fco3io$h71$1@aioe.org...

> Charlie Tame wrote:

>> dennis@home wrote:

>>>

>>> "Erwin Moller"

>>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in

>>> message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>>

>>>> So lets focus on the argument, and simply not take each other word for

>>>> it.

>>>

>>> There is no argument..

>>> you have the view that because the code is public lots of people will

>>> read it, understand it, and make sure its safe.

>>> I say they can't/don't do that and have offered evidence that backs my

>>> view.

>>> Until you have some actual evidence the argument is finished.

>>

>>

>> Just a quick scan before giving up for the night and a happened to find

>> this post :)

>>

>> Have to say Dennis that is something I've always said...

>>

>> Why, unless working on a section of it currently, would anyone sit and

>> wade through the code for (say) a Linux Kernel?

>>

>> Surely you would modify the bit you were working on and compile the whole

>> thing again... thus recompiling something that may be incorrect or even

>> malicious that sneaked in before. I mean I know this "Shouldn't" happen

>> but that does not equate to "Couldn't" happen, and it seems to me that

>> risk is somewhat dependent on such things as a strict version control

>> system.

>>

>> Considering that there are many more independent "Fingers in the pie"

>> than there are with (Say) Sun or Microsoft I don't think you can make a

>> straight comparison between open and closed code. There's no doubting

>> that errors still happen.

>

> Yeah, but Windows boxes have been proven to be more virus prone and

> Windows boxes are the only boxes that are members of herd bots that send

> us all the spam. You are talking about a theoretical possibility when, in

> reality, Windows boxes are the ones spreading crap all over the Internet,

> not Linux boxes. Proof is in the pudding and all that jazz.

 

Your blind faith, produced by irrelevant comparisons with other software,

when it comes to security is worrying.

It indicates you have no idea what you are talking about.

Please attempt to improve your knowledge before commenting as it makes you

appear ignorant.

As a simple example that even you may understand.. you don't leave your door

open just because your neighbour leaves his windows open.

"NT Canuck" <optional_ntcanuck@hotmail.com> wrote in message

news:uirg1Od%23HHA.4712@TK2MSFTNGP04.phx.gbl...

> Alias wrote:

>

>> Yeah, but Windows boxes have been proven to be more virus prone and

>> Windows boxes are the only boxes that are members of herd bots that send

>> us all the spam. You are talking about a theoretical possibility when, in

>> reality, Windows boxes are the ones spreading crap all over the Internet,

>> not Linux boxes. Proof is in the pudding and all that jazz.

>

> Someone once told me Windows Users weren't very smart,

> certainly not smart enough to write a virus.

 

Fortunatly thats true of >99.99% of users of computers.

If it wasn't there would be real problems.

> Windows Servers that suffer as Spamming Hosts were

> obviously taken over by people smarter than the

> Windows Server SysAdmin...looking around...hmm...

> what kind of group does that leave?

 

What alias refuses to understand is that you don't control 10,000 windows

machines from a hijacked windows machine.. that machine wouldn't last long

before someone gave up trying to use it and then all the bots are lost.

What you do is hijack a unix machine and use that to control the bots.. unix

machines will run a herd without the user knowing as most users have no idea

what it does.

> The reality of the situation is that both operating systems

> are prone to attacks and exploits constantly...

 

Now you are getting into fantasy as far as alias goes as its impossible for

someone to hijack a unix machine in his view.

> People are most often drawn to Windows Systems because

> it's easy enough to use and learn for the entire family.

 

They usually use it because its what they know and its what other people

know.. as can be seen from what alias says even people that claim they know

about "unix" are frequently talking out of their hats so it limits peoples

choice somewhat.

dennis@home wrote:

>

> "Alias" <iamalias@shoesgmail.com> wrote in message

> news:fco3io$h71$1@aioe.org...

>> Charlie Tame wrote:

>>> dennis@home wrote:

>>>>

>>>> "Erwin Moller"

>>>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com>

>>>> wrote in message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>>>

>>>>> So lets focus on the argument, and simply not take each other word

>>>>> for it.

>>>>

>>>> There is no argument..

>>>> you have the view that because the code is public lots of people

>>>> will read it, understand it, and make sure its safe.

>>>> I say they can't/don't do that and have offered evidence that backs

>>>> my view.

>>>> Until you have some actual evidence the argument is finished.

>>>

>>>

>>> Just a quick scan before giving up for the night and a happened to

>>> find this post :)

>>>

>>> Have to say Dennis that is something I've always said...

>>>

>>> Why, unless working on a section of it currently, would anyone sit

>>> and wade through the code for (say) a Linux Kernel?

>>>

>>> Surely you would modify the bit you were working on and compile the

>>> whole thing again... thus recompiling something that may be incorrect

>>> or even malicious that sneaked in before. I mean I know this

>>> "Shouldn't" happen but that does not equate to "Couldn't" happen, and

>>> it seems to me that risk is somewhat dependent on such things as a

>>> strict version control system.

>>>

>>> Considering that there are many more independent "Fingers in the pie"

>>> than there are with (Say) Sun or Microsoft I don't think you can make

>>> a straight comparison between open and closed code. There's no

>>> doubting that errors still happen.

>>

>> Yeah, but Windows boxes have been proven to be more virus prone and

>> Windows boxes are the only boxes that are members of herd bots that

>> send us all the spam. You are talking about a theoretical possibility

>> when, in reality, Windows boxes are the ones spreading crap all over

>> the Internet, not Linux boxes. Proof is in the pudding and all that jazz.

>

> Your blind faith, produced by irrelevant comparisons with other

> software, when it comes to security is worrying.

> It indicates you have no idea what you are talking about.

> Please attempt to improve your knowledge before commenting as it makes

> you appear ignorant.

> As a simple example that even you may understand.. you don't leave your

> door open just because your neighbour leaves his windows open.

>

>

>

 

Care to address content or only emulate Frank and toss out unfounded

insults, lies and bluster? What the HELL is a Linux box going to do with

an .exe file, which is the chosen format for viruses?

 

--

Alias

To email me, remove shoes

"Erwin Moller"

<Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in

message news:46ef9e1c$0$230$e4fe514c@news.xs4all.nl...

> dennis@home wrote:

>>

>> "Erwin Moller"

>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in

>> message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>

>>> So lets focus on the argument, and simply not take each other word for

>>> it.

>>

>> There is no argument..

>> you have the view that because the code is public lots of people will

>> read it, understand it, and make sure its safe.

>> I say they can't/don't do that and have offered evidence that backs my

>> view.

>> Until you have some actual evidence the argument is finished.

>

> Smart move Dennis,

>

> If it gets too hot in the kitchen, get out.

> I wrote down a few arguments to support my cliams, you didn't even bother

> to respond to them.

 

You have posted nothing to support anything relevant here.. where did you

post it?

> And 'actual evidence'? Where is yours?

 

Stop being obtuse.

>

> I think Alias gave a strong argument too: Why is it all the zombies on the

> net are comprimized W$ boxes?

> Because it is easier to break a *nix box?

> What evidence do you need?

 

Well its not evidence and its not true either.. unless you define a zombie

as being a windows box which some "linux" users like too.

> But if the argument is over for you: Fine with me.

 

OK but it wasn't really an argument as yours was opinion.

>

> Regards and take care,

> Erwin Moller

"Alias" <iamalias@shoesgmail.com> wrote in message

news:fco7q6$s72$1@aioe.org...

> dennis@home wrote:

>>

>> "Alias" <iamalias@shoesgmail.com> wrote in message

>> news:fco3io$h71$1@aioe.org...

>>> Charlie Tame wrote:

>>>> dennis@home wrote:

>>>>>

>>>>> "Erwin Moller"

>>>>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote

>>>>> in message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>>>>

>>>>>> So lets focus on the argument, and simply not take each other word

>>>>>> for it.

>>>>>

>>>>> There is no argument..

>>>>> you have the view that because the code is public lots of people will

>>>>> read it, understand it, and make sure its safe.

>>>>> I say they can't/don't do that and have offered evidence that backs my

>>>>> view.

>>>>> Until you have some actual evidence the argument is finished.

>>>>

>>>>

>>>> Just a quick scan before giving up for the night and a happened to find

>>>> this post :)

>>>>

>>>> Have to say Dennis that is something I've always said...

>>>>

>>>> Why, unless working on a section of it currently, would anyone sit and

>>>> wade through the code for (say) a Linux Kernel?

>>>>

>>>> Surely you would modify the bit you were working on and compile the

>>>> whole thing again... thus recompiling something that may be incorrect

>>>> or even malicious that sneaked in before. I mean I know this

>>>> "Shouldn't" happen but that does not equate to "Couldn't" happen, and

>>>> it seems to me that risk is somewhat dependent on such things as a

>>>> strict version control system.

>>>>

>>>> Considering that there are many more independent "Fingers in the pie"

>>>> than there are with (Say) Sun or Microsoft I don't think you can make a

>>>> straight comparison between open and closed code. There's no doubting

>>>> that errors still happen.

>>>

>>> Yeah, but Windows boxes have been proven to be more virus prone and

>>> Windows boxes are the only boxes that are members of herd bots that send

>>> us all the spam. You are talking about a theoretical possibility when,

>>> in reality, Windows boxes are the ones spreading crap all over the

>>> Internet, not Linux boxes. Proof is in the pudding and all that jazz.

>>

>> Your blind faith, produced by irrelevant comparisons with other software,

>> when it comes to security is worrying.

>> It indicates you have no idea what you are talking about.

>> Please attempt to improve your knowledge before commenting as it makes

>> you appear ignorant.

>> As a simple example that even you may understand.. you don't leave your

>> door open just because your neighbour leaves his windows open.

>>

>>

>>

>

> Care to address content or only emulate Frank and toss out unfounded

> insults, lies and bluster? What the HELL is a Linux box going to do with

> an .exe file, which is the chosen format for viruses?

 

What have viruses got to do with security and your misunderstanding of it?

dennis@home wrote:

>

> "Alias" <iamalias@shoesgmail.com> wrote in message

> news:fco7q6$s72$1@aioe.org...

>> dennis@home wrote:

>>>

>>> "Alias" <iamalias@shoesgmail.com> wrote in message

>>> news:fco3io$h71$1@aioe.org...

>>>> Charlie Tame wrote:

>>>>> dennis@home wrote:

>>>>>>

>>>>>> "Erwin Moller"

>>>>>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com>

>>>>>> wrote in message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>>>>>

>>>>>>> So lets focus on the argument, and simply not take each other

>>>>>>> word for it.

>>>>>>

>>>>>> There is no argument..

>>>>>> you have the view that because the code is public lots of people

>>>>>> will read it, understand it, and make sure its safe.

>>>>>> I say they can't/don't do that and have offered evidence that

>>>>>> backs my view.

>>>>>> Until you have some actual evidence the argument is finished.

>>>>>

>>>>>

>>>>> Just a quick scan before giving up for the night and a happened to

>>>>> find this post :)

>>>>>

>>>>> Have to say Dennis that is something I've always said...

>>>>>

>>>>> Why, unless working on a section of it currently, would anyone sit

>>>>> and wade through the code for (say) a Linux Kernel?

>>>>>

>>>>> Surely you would modify the bit you were working on and compile the

>>>>> whole thing again... thus recompiling something that may be

>>>>> incorrect or even malicious that sneaked in before. I mean I know

>>>>> this "Shouldn't" happen but that does not equate to "Couldn't"

>>>>> happen, and it seems to me that risk is somewhat dependent on such

>>>>> things as a strict version control system.

>>>>>

>>>>> Considering that there are many more independent "Fingers in the

>>>>> pie" than there are with (Say) Sun or Microsoft I don't think you

>>>>> can make a straight comparison between open and closed code.

>>>>> There's no doubting that errors still happen.

>>>>

>>>> Yeah, but Windows boxes have been proven to be more virus prone and

>>>> Windows boxes are the only boxes that are members of herd bots that

>>>> send us all the spam. You are talking about a theoretical

>>>> possibility when, in reality, Windows boxes are the ones spreading

>>>> crap all over the Internet, not Linux boxes. Proof is in the pudding

>>>> and all that jazz.

>>>

>>> Your blind faith, produced by irrelevant comparisons with other

>>> software, when it comes to security is worrying.

>>> It indicates you have no idea what you are talking about.

>>> Please attempt to improve your knowledge before commenting as it

>>> makes you appear ignorant.

>>> As a simple example that even you may understand.. you don't leave

>>> your door open just because your neighbour leaves his windows open.

>>>

>>>

>>>

>>

>> Care to address content or only emulate Frank and toss out unfounded

>> insults, lies and bluster? What the HELL is a Linux box going to do

>> with an .exe file, which is the chosen format for viruses?

>

> What have viruses got to do with security and your misunderstanding of it?

 

Are you saying that viruses have nothing to do with security? LOL! Good one!

 

Fact: the only computers that are members of herd bots are Windows

boxes. Live with it or wake up and go Open Source.

 

--

Alias

To email me, remove shoes

Alias wrote:

>> Someone once told me Windows Users weren't very smart,

>> certainly not smart enough to write a virus.

>

> So?

 

So the virus tracks back to non-ms units.

 

>> Windows Servers that suffer as Spamming Hosts were

>> obviously taken over by people smarter than the

>> Windows Server SysAdmin...looking around...hmm...

>> what kind of group does that leave?

>

> So?

 

heh, I can see your concern.

 

>> The reality of the situation is that both operating systems

>> are prone to attacks and exploits constantly...

>

> False.

 

Umm, you're not talking to someone without experience

either in hunting or repairing said damage, it's true.

Having assisted in tens of thousands of infections it's

rare indeed to see any branded unit standing for long.

>> People are most often drawn to Windows Systems because

>> it's easy enough to use and learn for the entire family.

>

> Ubuntu is much easier to run than Windows will ever be.

 

I don't recall Ubuntu in '92, I'll be surprised if it

manages to last 10 years no matter what it's value

since 'nix folks tend to switch iterations frequently.

As for actual Windows ease of use..it is fading a bit.

>> NT Canuck

>> 'Seek and ye shall find'

>

> I guess you're still seeking.

 

heh, always.

 

NT Canuck

'Seek and ye shall find'

"Alias" <iamalias@shoesgmail.com> wrote in message

news:fco9d6$vvn$1@aioe.org...

> Fact: the only computers that are members of herd bots are Windows boxes.

> Live with it or wake up and go Open Source.

 

You can say that as often as you like.. it doesn't make it true.. it just

makes *you* sound crazy.

I don't think anyone is going to take notice of a crazy person so you may as

well either tell the truth or go away.

Alias wrote:

> Care to address content or only emulate Frank and toss out unfounded

> insults, lies and bluster? What the HELL is a Linux box going to do with

> an .exe file, which is the chosen format for viruses?

 

 

Here, it's fixed.

 

linux

 

ubuntu

 

Typical virus/worms are script or batch files that

were 'packed' as an exe but can take many other forms.

 

NT Canuck

'Seek and ye shall find'

"NT Canuck" <optional_ntcanuck@hotmail.com> wrote in message

news:eRt$she%23HHA.700@TK2MSFTNGP05.phx.gbl...

> Alias wrote:

>

>> Care to address content or only emulate Frank and toss out unfounded

>> insults, lies and bluster? What the HELL is a Linux box going to do with

>> an .exe file, which is the chosen format for viruses?

>

>

> Here, it's fixed.

>

> linux

>

>

> ubuntu

>

>

 

You shouldn't post install procedures that complicated here.. it will make

users think it can be hard to install stuff on linux.. which it isn't to

those that already know how. -)

Alias wrote:

> dennis@home wrote:

>>

>> "Alias" <iamalias@shoesgmail.com> wrote in message

>> news:fco7q6$s72$1@aioe.org...

>>> dennis@home wrote:

>>>>

>>>> "Alias" <iamalias@shoesgmail.com> wrote in message

>>>> news:fco3io$h71$1@aioe.org...

>>>>> Charlie Tame wrote:

>>>>>> dennis@home wrote:

>>>>>>>

>>>>>>> "Erwin Moller"

>>>>>>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com>

>>>>>>> wrote in message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>>>>>>

>>>>>>>> So lets focus on the argument, and simply not take each other

>>>>>>>> word for it.

>>>>>>>

>>>>>>> There is no argument..

>>>>>>> you have the view that because the code is public lots of people

>>>>>>> will read it, understand it, and make sure its safe.

>>>>>>> I say they can't/don't do that and have offered evidence that

>>>>>>> backs my view.

>>>>>>> Until you have some actual evidence the argument is finished.

>>>>>>

>>>>>>

>>>>>> Just a quick scan before giving up for the night and a happened to

>>>>>> find this post :)

>>>>>>

>>>>>> Have to say Dennis that is something I've always said...

>>>>>>

>>>>>> Why, unless working on a section of it currently, would anyone sit

>>>>>> and wade through the code for (say) a Linux Kernel?

>>>>>>

>>>>>> Surely you would modify the bit you were working on and compile

>>>>>> the whole thing again... thus recompiling something that may be

>>>>>> incorrect or even malicious that sneaked in before. I mean I know

>>>>>> this "Shouldn't" happen but that does not equate to "Couldn't"

>>>>>> happen, and it seems to me that risk is somewhat dependent on such

>>>>>> things as a strict version control system.

>>>>>>

>>>>>> Considering that there are many more independent "Fingers in the

>>>>>> pie" than there are with (Say) Sun or Microsoft I don't think you

>>>>>> can make a straight comparison between open and closed code.

>>>>>> There's no doubting that errors still happen.

>>>>>

>>>>> Yeah, but Windows boxes have been proven to be more virus prone and

>>>>> Windows boxes are the only boxes that are members of herd bots that

>>>>> send us all the spam. You are talking about a theoretical

>>>>> possibility when, in reality, Windows boxes are the ones spreading

>>>>> crap all over the Internet, not Linux boxes. Proof is in the

>>>>> pudding and all that jazz.

>>>>

>>>> Your blind faith, produced by irrelevant comparisons with other

>>>> software, when it comes to security is worrying.

>>>> It indicates you have no idea what you are talking about.

>>>> Please attempt to improve your knowledge before commenting as it

>>>> makes you appear ignorant.

>>>> As a simple example that even you may understand.. you don't leave

>>>> your door open just because your neighbour leaves his windows open.

>>>>

>>>>

>>>>

>>>

>>> Care to address content or only emulate Frank and toss out unfounded

>>> insults, lies and bluster? What the HELL is a Linux box going to do

>>> with an .exe file, which is the chosen format for viruses?

>>

>> What have viruses got to do with security and your misunderstanding of

>> it?

>

> Are you saying that viruses have nothing to do with security? LOL! Good

> one!

>

> Fact: the only computers that are members of herd bots are Windows

> boxes. Live with it or wake up and go Open Source.

>

 

Hi Alias,

 

Give up on Dennis. -)

I just did.

I thought at first he had more intelectual baggage than (say) Frank but

he prefers kindergarten style when his argument goes nowhere.

 

Regards,

Erwin

NT Canuck wrote:

> Alias wrote:

>

>>> Someone once told me Windows Users weren't very smart,

>>> certainly not smart enough to write a virus.

>>

>> So?

>

> So the virus tracks back to non-ms units.

 

So? The fact is that Windows boxes get infected and it's highly unlikely

that a Linux box will.

>

>

>>> Windows Servers that suffer as Spamming Hosts were

>>> obviously taken over by people smarter than the

>>> Windows Server SysAdmin...looking around...hmm...

>>> what kind of group does that leave?

>>

>> So?

>

> heh, I can see your concern.

 

I am concerned, which is why I use Linux.

>

>

>>> The reality of the situation is that both operating systems

>>> are prone to attacks and exploits constantly...

>>

>> False.

>

> Umm, you're not talking to someone without experience

> either in hunting or repairing said damage, it's true.

> Having assisted in tens of thousands of infections it's

> rare indeed to see any branded unit standing for long.

 

Compared to Windows, Linux is bullet proof.

>

>>> People are most often drawn to Windows Systems because

>>> it's easy enough to use and learn for the entire family.

>>

>> Ubuntu is much easier to run than Windows will ever be.

>

> I don't recall Ubuntu in '92, I'll be surprised if it

> manages to last 10 years no matter what it's value

> since 'nix folks tend to switch iterations frequently.

> As for actual Windows ease of use..it is fading a bit.

 

Oh, so you haven't tried Ubuntu but you know everything about it.

Interesting. Ubuntu will be the future due to its ease of use and more

and more Windows users are switching to it.

>

>>> NT Canuck

>>> 'Seek and ye shall find'

>>

>> I guess you're still seeking.

>

> heh, always.

>

> NT Canuck

> 'Seek and ye shall find'

 

 

--

Alias

To email me, remove shoes

dennis@home wrote:

>

> "Alias" <iamalias@shoesgmail.com> wrote in message

> news:fco9d6$vvn$1@aioe.org...

>

>> Fact: the only computers that are members of herd bots are Windows

>> boxes. Live with it or wake up and go Open Source.

>

> You can say that as often as you like.. it doesn't make it true.. it

> just makes *you* sound crazy.

> I don't think anyone is going to take notice of a crazy person so you

> may as well either tell the truth or go away.

 

Ad hominem attacks are probably the most amateurish was of debating. I

stand by what I said and you can't prove otherwise. Insulting me, btw,

it not proving otherwise.

 

--

Alias

To email me, remove shoes

Erwin Moller wrote:

> Alias wrote:

>> dennis@home wrote:

>>>

>>> "Alias" <iamalias@shoesgmail.com> wrote in message

>>> news:fco7q6$s72$1@aioe.org...

>>>> dennis@home wrote:

>>>>>

>>>>> "Alias" <iamalias@shoesgmail.com> wrote in message

>>>>> news:fco3io$h71$1@aioe.org...

>>>>>> Charlie Tame wrote:

>>>>>>> dennis@home wrote:

>>>>>>>>

>>>>>>>> "Erwin Moller"

>>>>>>>> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com>

>>>>>>>> wrote in message news:46eeaa68$0$227$e4fe514c@news.xs4all.nl...

>>>>>>>>

>>>>>>>>> So lets focus on the argument, and simply not take each other

>>>>>>>>> word for it.

>>>>>>>>

>>>>>>>> There is no argument..

>>>>>>>> you have the view that because the code is public lots of people

>>>>>>>> will read it, understand it, and make sure its safe.

>>>>>>>> I say they can't/don't do that and have offered evidence that

>>>>>>>> backs my view.

>>>>>>>> Until you have some actual evidence the argument is finished.

>>>>>>>

>>>>>>>

>>>>>>> Just a quick scan before giving up for the night and a happened

>>>>>>> to find this post :)

>>>>>>>

>>>>>>> Have to say Dennis that is something I've always said...

>>>>>>>

>>>>>>> Why, unless working on a section of it currently, would anyone

>>>>>>> sit and wade through the code for (say) a Linux Kernel?

>>>>>>>

>>>>>>> Surely you would modify the bit you were working on and compile

>>>>>>> the whole thing again... thus recompiling something that may be

>>>>>>> incorrect or even malicious that sneaked in before. I mean I know

>>>>>>> this "Shouldn't" happen but that does not equate to "Couldn't"

>>>>>>> happen, and it seems to me that risk is somewhat dependent on

>>>>>>> such things as a strict version control system.

>>>>>>>

>>>>>>> Considering that there are many more independent "Fingers in the

>>>>>>> pie" than there are with (Say) Sun or Microsoft I don't think you

>>>>>>> can make a straight comparison between open and closed code.

>>>>>>> There's no doubting that errors still happen.

>>>>>>

>>>>>> Yeah, but Windows boxes have been proven to be more virus prone

>>>>>> and Windows boxes are the only boxes that are members of herd bots

>>>>>> that send us all the spam. You are talking about a theoretical

>>>>>> possibility when, in reality, Windows boxes are the ones spreading

>>>>>> crap all over the Internet, not Linux boxes. Proof is in the

>>>>>> pudding and all that jazz.

>>>>>

>>>>> Your blind faith, produced by irrelevant comparisons with other

>>>>> software, when it comes to security is worrying.

>>>>> It indicates you have no idea what you are talking about.

>>>>> Please attempt to improve your knowledge before commenting as it

>>>>> makes you appear ignorant.

>>>>> As a simple example that even you may understand.. you don't leave

>>>>> your door open just because your neighbour leaves his windows open.

>>>>>

>>>>>

>>>>>

>>>>

>>>> Care to address content or only emulate Frank and toss out unfounded

>>>> insults, lies and bluster? What the HELL is a Linux box going to do

>>>> with an .exe file, which is the chosen format for viruses?

>>>

>>> What have viruses got to do with security and your misunderstanding

>>> of it?

>>

>> Are you saying that viruses have nothing to do with security? LOL!

>> Good one!

>>

>> Fact: the only computers that are members of herd bots are Windows

>> boxes. Live with it or wake up and go Open Source.

>>

>

> Hi Alias,

>

> Give up on Dennis. -)

> I just did.

> I thought at first he had more intelectual baggage than (say) Frank but

> he prefers kindergarten style when his argument goes nowhere.

>

> Regards,

> Erwin

 

Both of them, erroneously, think that hurling lies, insults and bluster

is a proper what of debating.

 

--

Alias

To email me, remove shoes

NT Canuck wrote:

> Alias wrote:

>

>> Care to address content or only emulate Frank and toss out unfounded

>> insults, lies and bluster? What the HELL is a Linux box going to do

>> with an .exe file, which is the chosen format for viruses?

>

>

> Here, it's fixed.

>

> linux

>

>

> ubuntu

>

>

> Typical virus/worms are script or batch files that

> were 'packed' as an exe but can take many other forms.

>

> NT Canuck

> 'Seek and ye shall find'

 

Not the way to install Wine, sorry. If you use Automatix2, it's a couple

of clicks using a GUI. No need for the terminal or adding anything to

the repositories. Oops.

 

Fact: compared to Windows, Linux is fuçking bulletproof. Admit it and

get over it.

 

--

Alias

To email me, remove shoes

dennis@home wrote:

>

> "Erwin Moller"

> <Since_humans_read_this_I_am_spammed_too_much@spamyourself.com> wrote in

> message news:46e994e5$0$236$e4fe514c@news.xs4all.nl...

>

>> With Ubuntu you can ALWAYS look at the sourcecode, written in clear C

>> most of the time.

>

> You can look at the source code but unless you compile it and build your

> own Ubuntu you don't know that that source is the code you have.

>

 

But even then, how do you know you can trust that the compiler doesn't

inject extra code? Unless you've inspected (and fully understood) the

compiler's source and compiled it yourself, but what do you use to do

that...?

 

I'm not against open source - the only paid-for software I use is

Windows, plus a few utilities which come with hardware (and even then,

the software is often free to download from the manufacturer's web site,

just useless if you don't have their hardware). But it's an interesting

question from an article I saw a few years ago...

 

http://www.securityfocus.com/news/19

<quote>

All the benefits of source code peer review are irrelevant if you can

not be certain that a given binary application is the result of the

reviewed source code.

 

Ken Thompson made this very clear during his 1983 Turing Award lecture

to the ACM, in which he revealed a shocking, and subtle, software

subversion technique that's still illustrative seventeen years later.

 

Thompson modified the UNIX C compiler to recognize when the login

program was being compiled, and to insert a back door in the resulting

binary code such that it would allow him to login as any user using a

"magic" password.

 

Anyone reviewing the compiler source code could have found the back

door, except that Thompson then modified the compiler so that whenever

it compiled itself, it would insert both the code that inserts the login

back door, as well as code that modifies the compiler. With this new

binary he removed the modifications he had made and recompiled again.

 

He now had a trojaned compiler and clean source code. Anyone using his

compiler to compile either the login program , or the compiler, would

propagate his back doors.

 

The reason his attack worked is because the compiler has a bootstrapping

problem. You need a compiler to compile the compiler. You must obtain a

binary copy of the compiler before you can use it to translate the

compiler source code into a binary. There was no guarantee that the

binary compiler you were using was really related to the source code of

the same.

</quote>