On Thu, Nov 27, 2003 at 06:57:18AM -0800, Tom wrote: > > I have a friend who is 1000 times smarter about Unix than me, and he has > told me the whole history of Sendmail exploits, Bind exploits, and > horriblly crufty design decisions and gaffs and el crapo code all > throughout the history of Unix. His personal opinion is that Linux is a > mere distraction written by amateurs; FreeBSD is closer to the ideal.
So what? >From my perspective those various exploits exposed problems which were then addressed, with the end result of strengthening unix systems, not weakening them. Certainly the code comprising kernels, operating systems, and applications are very complex and subject to screwups and mistakes, but they also evolve and change, in large part in response to problems which occur. The fact that your intelligent friend can even know about those "crufty design decisions and el crapo code" is to me, the whole point of open source. > > I'm not advocating his belief, it's just that (1) the history of Unix as > a cracker proof platform is not true; (2) most of the professional Unix > community views Linux as a largely amateurish attempt relative to their > "heavy duty code", and (3) we're all human. Who claims "Unix as a cracker proof platform" anyway? It's simply a pragmatic effort to make computers do useful work, and thinking it's perfect or "ideal" is a delusion. Problems can't be fixed until they're either anticipated or exposed, and with open source even the practictioners of professional, closed source systems can watch what's going on and jeer if it makes them feel better. > > I believe all of your statements I snipped are destined to be crow one > day we will all eat. ... and having digested that, we'll move on the better for it. I think your basic premise is flawed, that Linux is claimed to be perfect and immune from exploits. On the subject (Re: recommended Virus Scanner?), I recently included one in my .procmailrc (http://www.freshmeat.net/yavr/) after seeing it on this list, and it's got a quite a list of specific exploits to check for (a lot of them Windows based, I'm sure). It's caught all of my Sven hits at least. From the top of the code: # - features # - trap e-worms with base64 signatures (most known like Klez, Hybris, BugBear...) # - iframe html exploit # - CLSID hidden extensions exploit # - xml codebase exploit # - generic executable trap for bat, pif, vbs, vba, scr, lnk, com, exe # - generic macro detection for doc,dot,xls,xla files # - generic detection for most of nigeria scam e-mails (most of them) # (please remember to configure nigeria scam filter. default is ON) Ken -- Ken Irving, Research Analyst, [EMAIL PROTECTED], 907-474-6152 Water and Environmental Research Center Institute of Northern Engineering University of Alaska, Fairbanks -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
