[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Linux vs. NT Security contest
Some very intelligent comments. I think the phenomenon you see is a result
of the upsurge in popularity Linux has experienced. Folks learn a bit
about something more intellectually challenging than the 'off the shelf'
detritus from Redmond and find themselves a part of a 'movement',
something sort of grass roots. Enthusiasm prevails over common sense and
the philosophical underpinnings of the 'movement'. It is easy to focus on
a 'result' like Linux instead of the 'open source' model that gave rise to
it. As someone whom I respect a lot wrote recently, a lot of open source
code is just plain crap (para-phrased I'm sure, forgive me Theo), but the
underlying model still works and out of that crap some cream rises to the
surface - eg OpenBSD and other things like Apache etc. (flames ignored
On Tue, 21 Sep 1999, alex wrote:
> I'm new here, so I hope this isn't out of line.
> I think this NT bashing is a big mistake. We all like OpenBSD, we
> know it's better. All we're doing is patting ourselves on the back.
> I've been running linux for more than seven years. The great thing
> about linux used to be the mail lists and usenet groups. They were
> technical and I learned a lot from them. When I signed up for this
> list a week ago or so, I thought, "This is what linux was like four
> years ago." People actually talk about technical things -- security,
> drivers, etc. What's more, many of the people here actually seem to
> know what they're talking about.
> Now the linux community seems to be filled with strident kids who are
> developing some sort of political correctness agenda for software. A
> couple of days ago, someone at slashdot suggested compling and
> publishing lists of companies that don't want to use open source
> code. It seems to me that they're coming very close to making people
> wear a scarlet "M". What's the point? And why don't more people see
> how distateful that is?
> This is the bottom line of this list as I see it. There are a lot of
> smart people reading it. In particular, there are a lot of people who
> understand security reading it. OpenBSD has a lot of terrific
> security tools.
> But security, even with a good base like the one we've got with
> OpenBSD, is hard. Solaris isn't very secure, but when a friend went
> looking for holes on a solaris box I was running, it turned out the
> most of the big ones he found were of my own making. In other words,
> my ignorance is a bigger danger than sun's inattention to security.
> I'd be very surprised if there aren't quite a few people reading this
> who have compromised their OpenBSD boxes without even realizing it.
> How does that happen? How do people who don't do that approach
> installing software and admining their boxes? What's the difference
> betewen them and me?
> So with all the people here, do we want to talk about how bad MS
> sucks? Or do we want to talk about how to think about security in a
> proactive way? We know that NT sucks, it's a given. It doesn't do me
> any good to hear about how bad MS sucks. I have NT, I know from
> experience that it sucks. So does everyone else here.
> The idea of OpenBSD is tremendously appealing to almost everyone I
> know who works with computers. There are a lot of people who want
> exactly what OpenBSD delivers. Teaching people how to run secure
> systems with OpenBSD is the way to make it grow. Let's make it less
> intimidating. Bashing MS doesn't help.
> In my opinion, the famous web server benchmarks pointed up a lot of
> the problems with both MS and Linux. On the one hand, you had MS
> cheating. And on the other hand, you had the linux kids refusing to
> accept the final results, which exposed some weakenesses in the linux
> I liked linux a lot better when people wanted to publicize weaknesses
> so that they'd get fixed. Now if you criticize it they slashdot you
> and bury you with hate mail. They're bullies. Maybe not as big of
> bullies as the MS crowd, but hey, they're just starting out, give them
> some time, maybe they'll catch up.
> I realize that this post violates the principles it pretends to
> champion. I apologize. I'm coming from the perspective of someone
> who's fleeing linux, in large part to escape ideological rigidity. I
> don't want to think of system administration in political terms. I
> just want my systems to work and not get cracked. I want to be able
> to boot up NT and fire up premiere when I need to edit video, without
> being called a fascist collaborator.
> I really just want to learn from the people here who understand
City of Tucson, IT Dept.