[ale] Linux Distributions
    George Carless 
    kafka at antichri.st
       
    Wed May 18 10:57:15 EDT 2005
    
    
  
On Tue, May 17, 2005 at 11:13:24PM -0500, ChangingLINKS.com wrote:
> On Tuesday May 17 2005 21:14, George Carless wrote:
> > Honestly, this is so elementary that I'm really starting to think that you
> > people are simply stupid. ;D
> >
> > --George
> 
> It is elementary. There is a valuable lesson here to be learned by one side or 
> the other. Would you like to put some money on it?
> Please?

This is a common tactic of yours, Drew, setting up the so-called 
"challenge".  I sometimes wonder whether you do these things as a means 
of getting free security audits; at any rate, I think it is important to 
observe that in this scenario, where you would know that people were 
purposefully doing things that might lead to the compromise of your 
system, you can very easily re-image or whatever it is that you do.  But 
in the real world, in which you are happily trucking along as root, you 
have no such notion of what holes there may be in your software.  And, 
frankly, given some of the posts you have made to this group (as well as my 
own first-hand knowledge of some of the horrible PHP code that you have 
run on at least one of your boxes, for example), I have very little 
faith in your ability to detect, or to address, an intrusion or a 
compromise.  You continually refer to firewalls as though these were the 
holy grail of security, which they most certainly are not.

I would rework the earlier comments, and turn them into a challenge of 
my own: if you have everything locked down so fantastically that you see 
no danger in running as root, why don't you release your insight into 
the world, whether for cash or for glory?  I quite relish the notion of 
having you explain quite HOW it is that you believe you have achieved 
this nirvana; and I quite relish the thought of all of the security 
experts looking into whatever you have done.

The only other thought I have is that the only way in which I can 
imagine you can even begin to make these claims is if you run a system 
off something akin to a 'live cd', in which system files are 
non-writeable (and in which a 'root' account may be non-powerful); if 
that's the case, I'd ask you to say so.

--George
--------------------------------------
George Carless ... kafka at antichri.st
Words are just dust in deserts of sound
    
    