According to Netcraft, LinuxWorld Expo (which defines itself as :"LinuxWorld Conference & Expo® is the world’s most comprehensive marketplace for open source products and services.") runs on Windows 2003...

They also say "LinuxWorld Conference & Expo is where open minds meet." I hope this openness will last...

10/18/2004 5:23:05 PM UTC    Comments [13] 

I really like it, but I hate Red Hat...

2/15/2004 1:36:50 AM UTC    Comments [0] 

   In an article by Jaikumar Vijayan on Computer World, titled "Flaws raise red flag on Linux security", a compilation of nonsense takes place (my remarks in blue)... :

<< The rise in such incidents can be attributed to Linux's growing popularity, which makes it a more attractive target for malicious attackers, said David Wreski, CEO of Linux security vendor Guardian Digital Inc. in Allendale, N.J. >>  If this is true, then the problem is just starting. This same message has been used by Microsoft for some time, and the Linux community was simply saying it is not true, and that Linux was a better and more secure environment

<< "The underground hacker community is very interested in Linux as a potential target," he said. "Because of the accessibility of the source code to everyone, it provides an equal opportunity for malicious attackers to find vulnerabilities and ways to exploit them.">>  In simple words, this reads as : Linux is less secure than others because everyone has access to source code, and hackers have a better chance to find and exploit the vulnérabilities. Point well taken ... This guy is great at shooting his own foot ...

<< "I would say it is more secure than Microsoft and other environments because the code is looked over by so many people and it's so widely available that any vulnerabilities can be quickly identified and patched," Cahill said. Piedmont uses Linux for several e-mail-related functions and is considering its use for antispam purposes.>> Well, I thought the opposite has just been stated on the preceding paragraph. Then, what does quickly mean ? The latest vulnerability discovered by iSec is found on versions 2.2, 2.4 and 2.6 (I have seen reports saying it exists on every kernel version). version 2.2 exists at least since january 1999 (I found a version from 1/26/99 that can be downloaded from kernel.org). so, if 4 years is quick, I don't know what slow is ... If what is meant is that after the vulnerability has been exploited and that it has made all the damage it wants, it will not take long before a patch is there, I bet the same goes for any system (I am a big Windows user, and usually, when a vulnerability that was not known before is found, a patch comes out in the following couple of days, so what is the argument ? ...)

<<"There's not very much we've needed to do to secure Linux [applications]," said Joe Poole, manager for technical support at Boscov's Department Stores LLC in Reading, Pa. The company runs several virtual Linux servers on its mainframes that are protected by network and internal firewalls. All nonessential services, such as file transfers and Telnet, have been disabled. But there has been no need for the kind of constant patching and maintenance required for Windows, Poole said.>> Again, talking about security as relying on network and firewall only is a huge idiocy, especially when the issue is elevation of privilege through buffer overruns. No firewall will stop a legitimate user from accessing with his restricted rights; the problem is that it is all that is needed to exploit the buffer overrun, and gain access as root... On disabling nonessential services, it is absolutely not a valid argument against Windows, because you can disable nonessential services on every version of Windows, and it is the default on Windows 2003. So if the message is that Windows was not secure before Windows 2003 ...

1/11/2004 7:38:19 AM UTC    Comments [22]