http://www.factcheck.org/elections-2008/nra_targets_obama.html
That the NRA is a tool of "The Establishment" is not news, right? Is it a correct assertion?
David, surely this is the wrong place for this thread
To all of you, I must say that I do not understand why this kind of contempt for those who have signed up for this list is so common and so well tolerated. These off-topic posts are essentially spam. They are not what people were signing up for when they joined this list. The fact that these topics are important is beside the point. If these topics are important, surely they deserve their own mailing lists, and surely we should let our audience make their own decisions about whether or not to join those other lists. Once an audience has made their choices about what topics to participate in, it is difficult for me to understand why so many on this list won't respect those decisions. As much as many of you may see importance in some of these topics, is it really up to you to overrule the decisions that others have made and impose these discussions on them?
Adrian
On Wed, Sep 24, 2008 at 11:02 AM, David Nicol davidnicol@gmail.com wrote:
http://www.factcheck.org/elections-2008/nra_targets_obama.html
That the NRA is a tool of "The Establishment" is not news, right? Is it a correct assertion? _______________________________________________ Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
But if Obama takes all our guns away how will we test bulletproof linux? ;)
Bulletproof Linux: Fact or Fiction? http://www.esecurityplanet.com/views/article.php/3389291
Adrian Griffis adriang63@gmail.com wrote: David, surely this is the wrong place for this thread
To all of you, I must say that I do not understand why this kind of contempt for those who have signed up for this list is so common and so well tolerated. These off-topic posts are essentially spam. They are not what people were signing up for when they joined this list. The fact that these topics are important is beside the point. If these topics are important, surely they deserve their own mailing lists, and surely we should let our audience make their own decisions about whether or not to join those other lists. Once an audience has made their choices about what topics to participate in, it is difficult for me to understand why so many on this list won't respect those decisions. As much as many of you may see importance in some of these topics, is it really up to you to overrule the decisions that others have made and impose these discussions on them?
Adrian
On Wed, Sep 24, 2008 at 11:02 AM, David Nicol wrote:
http://www.factcheck.org/elections-2008/nra_targets_obama.html
That the NRA is a tool of "The Establishment" is not news, right? Is it a correct assertion? _______________________________________________ Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
_______________________________________________ Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
On Wed, Sep 24, 2008 at 11:41 AM, James Sissel jimsissel@yahoo.com wrote:
Bulletproof Linux: Fact or Fiction? http://www.esecurityplanet.com/views/article.php/3389291
The author, in that article, argues against something of a strawman. The real issues are discussed in something I've written before. It is entited "Virus Scanners Are the Dung Beatles of the Computer World", and you can find it at:
http://adriang.livejournal.com/1288.html
Adrian
--- On Wed, 9/24/08, Adrian Griffis adriang63@gmail.com wrote:
On Wed, Sep 24, 2008 at 11:41 AM, James Sissel jimsissel@yahoo.com wrote:
Bulletproof Linux: Fact or Fiction?
http://www.esecurityplanet.com/views/article.php/3389291
The author, in that article, argues against something of a strawman. The real issues are discussed in something I've written before. It is entited "Virus Scanners Are the Dung Beatles of the Computer World", and you can find it at:
http://adriang.livejournal.com/1288.html
The "Bulletproof Linux" article seems to describe two worthwhile, Linux-specific basic points-of-entry for viruses:
1) Users using the root account.
2) Users losing their private data when a virus gains access to a user-level account that has no administrator privileges.
While your points about virus scanners and Linux are quite correct, that Linux patches happen so frequently that a Linux virus scanner would have virtually nothing to do, some distributions, especially the ones which purport to seamlessly replace Windows (*cough*Linspire*cough*), do drop the end user into the root account without much warning.
A large part of modern malware delivery these days is social engineering. Linux could benefit from a *Trojan* scanner, to help prevent end users from being duped into running applications in their user accounts because the website promises free stuff, especially free naughty stuff. The modern Windows virus scanner is often that little angel on your shoulder, reminding you that there is never a free lunch when the social engineer hands you a lunchbox full of malware.
No amount of hardening can protect a home system from the noob at the keyboard, but a little background app saying, for example, "do you really want your modem to dial a Russian 1-900 number?" can be helpful for the end user who has expressed a sudden need for "free" photo collections of the divine female form undraped, but not expressed a need for the eradication of their disposable income.
I work in some situations where "users" have essentially LESS than zero need to access "root" And their use of the systems is it at a level where even if they were "trusted" to, there is no sane reason to make root access even possible for their workstation. Let alone granting them SERVER "root access" I've been tossing around a re-thinking of the server-client models for home/small office use. That's only on topic here as the "Bulletproof" metaphor has multiple paths to the goal.
The only comment beyond my lead in for rethinking client/server security is an admonition of ethics.
If we lived in a world like RMS envisioned we'd need no passwords.
On Fri, Sep 26, 2008 at 12:58 AM, Leo Mauler webgiant@yahoo.com wrote:
--- On Wed, 9/24/08, Adrian Griffis adriang63@gmail.com wrote:
On Wed, Sep 24, 2008 at 11:41 AM, James Sissel jimsissel@yahoo.com wrote:
Bulletproof Linux: Fact or Fiction?
http://www.esecurityplanet.com/views/article.php/3389291
The author, in that article, argues against something of a strawman. The real issues are discussed in something I've written before. It is entited "Virus Scanners Are the Dung Beatles of the Computer World", and you can find it at:
http://adriang.livejournal.com/1288.html
The "Bulletproof Linux" article seems to describe two worthwhile, Linux-specific basic points-of-entry for viruses:
Users using the root account.
Users losing their private data when a virus gains access to a user-level account that has no administrator privileges.
While your points about virus scanners and Linux are quite correct, that Linux patches happen so frequently that a Linux virus scanner would have virtually nothing to do, some distributions, especially the ones which purport to seamlessly replace Windows (*cough*Linspire*cough*), do drop the end user into the root account without much warning.
A large part of modern malware delivery these days is social engineering. Linux could benefit from a *Trojan* scanner, to help prevent end users from being duped into running applications in their user accounts because the website promises free stuff, especially free naughty stuff. The modern Windows virus scanner is often that little angel on your shoulder, reminding you that there is never a free lunch when the social engineer hands you a lunchbox full of malware.
No amount of hardening can protect a home system from the noob at the keyboard, but a little background app saying, for example, "do you really want your modem to dial a Russian 1-900 number?" can be helpful for the end user who has expressed a sudden need for "free" photo collections of the divine female form undraped, but not expressed a need for the eradication of their disposable income.
Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
On Fri, Sep 26, 2008 at 11:35 AM, Oren Beck orenbeck@gmail.com wrote:
The only comment beyond my lead in for rethinking client/server security is an admonition of ethics.
If we lived in a world like RMS envisioned we'd need no passwords.
I like to think he was wrong on that. Passwords are like locks on doors, as the saying goes "they keep an honest person honest", even if a criminal can just break the door in. Locks don't just keep the baddies out, they help maintain a degree of expected privacy and security. Above this though, is that even asking for a password when doing an su, for example, you have to stop and think for a split second about what you are doing. It a step to keep flying fingers and mind in check when performing possibly dangerous commands/actions. A password is not just an anti-evil-doer measure, but an anti-boneheaded-mistake preventer. Passwords are used for increasing levels of security control to prevent people from easily making critical mistakes. Having a wide-open system is just asking for some noob to walk up, find you are low on disk space or something and kindly make some available to you at random. Even though I used the quote above, the honesty of people has absolutely nothing to do with their competanance or capability, which using passwords can help keep in check.
Jon.
--- On Mon, 9/29/08, Jon Pruente jdpruente@gmail.com wrote:
On Fri, Sep 26, 2008 at 11:35 AM, Oren Beck orenbeck@gmail.com wrote:
The only comment beyond my lead in for rethinking client/server security is an admonition of ethics.
If we lived in a world like RMS envisioned we'd need no passwords.
I like to think he was wrong on that. Passwords are like locks on doors, as the saying goes "they keep an honest person honest", even if a criminal can just break the door in. Locks don't just keep the baddies out, they help maintain a degree of expected privacy and security.
I've sometimes referred to ROT13 as the E-mail equivalent of a snail-mail envelope: its easy to "steam open", but it still takes a little effort to read the contents, so it offers a little privacy for the contents.
On Wed, Sep 24, 2008 at 11:19, Adrian Griffis adriang63@gmail.com wrote:
David, surely this is the wrong place for this thread
To all of you, I must say that I do not understand why this kind of contempt for those who have signed up for this list is so common and so well tolerated. These off-topic posts are essentially spam.
No. They are absolutely, explicitly spam. I mark them as spam, and I have David Nicol, Leo Mauler, and Oren Beck on an auto-delete list in my mail client specifically because all they ever seem to contribute is spam. Unfortunatley, the second someone other than those three stooges replies, it gets unblocked.
They are not what people were signing up for when they joined this list. The fact that these topics are important is beside the point. If these topics are important, surely they deserve their own mailing lists, and surely we should let our audience make their own decisions about whether or not to join those other lists. Once an audience has made their choices about what topics to participate in, it is difficult for me to understand why so many on this list won't respect those decisions. As much as many of you may see importance in some of these topics, is it really up to you to overrule the decisions that others have made and impose these discussions on them?
Adrian
On a moderated list, this shit would never make it through.
The NRA has a long history.
"A Brief History of America"
http://video.google.com/videoplay?docid=5301167223369517485
Thanks,
Ron Geoffrion 913.488.7664
-----Original Message----- From: kclug-bounces@kclug.org [mailto:kclug-bounces@kclug.org] On Behalf Of David Nicol Sent: Wednesday, September 24, 2008 11:02 AM To: kclug Subject: starting new flamefest NOW
http://www.factcheck.org/elections-2008/nra_targets_obama.html
That the NRA is a tool of "The Establishment" is not news, right? Is it a correct assertion? _______________________________________________ Kclug mailing list Kclug@kclug.org http://kclug.org/mailman/listinfo/kclug
Where's the Linux in this article? The only time I've been tempted to shoot a computer with a gun was back when most of my computers ran Windows.
--- On Wed, 9/24/08, David Nicol davidnicol@gmail.com wrote:
http://www.factcheck.org/elections-2008/nra_targets_obama.html
That the NRA is a tool of "The Establishment" is not news, right? Is it a correct assertion?