Page 1 of 13 12311 ... LastLast
Results 1 to 10 of 122

Thread: There is a scary discussion on the Ubuntu Developers mail list.

  1. #1
    Join Date
    Mar 2006
    Location
    cyberspace
    Beans
    6,198
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    There is a scary discussion on the Ubuntu Developers mail list.

    I happened to be cleaning out my email box for the Ubuntu developers list. What I found may send shivers up your spine.

    http://www.opensubscriber.com/messag...m/7673369.html

    This is a discussion on how to make it difficult for users to install 3rd party applications under the guise that some may be malware. That the developers know more than users what is safe or wanted on a their computers. This sounds more like it came from Microsoft.
    Am I reading this correctly?
    I trust Microsoft as far as I could comfortably spit a dead rat

    I'm in my third year at a Lutheran seminary!

  2. #2
    Join Date
    May 2007
    Location
    Canada!
    Beans
    1,709
    Distro
    Ubuntu 7.10 Gutsy Gibbon

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    I never thought about it before, but yeah, any program could be a virus, and linux is secure, but if you click and give it the password to go ahead and install, there's not much it an do, is there!

    But they can't just go and block all 3rd party software! That's preposterous! I mean, did they even think what that's doing!?!

    If this is actually implemented, I'm gonna switch to redhat or something...

  3. #3
    Join Date
    Jun 2007
    Location
    Charlotte, NC, USA
    Beans
    3,135
    Distro
    Ubuntu Development Release

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    WOW! If they want to stop this fast running freight train called ubuntu, this is how to stop it. I know I'll find a different distro if this comes to pass.

    I don't need system administration from the creator, I prefer to do that myself. Doesn't sound like freedom anymore.
    Mac Pro 5,1 6-Core 3.33GHz, 48GB, Sapphire RX580
    Optical -- Apple Super Drive & MCE Internal Blu-ray
    512GB SM 970 Pro NVMe/HighPoint 7101A/10.14.5
    SonnetAllegro Pro USB 3/ 4TB WD/4TB - Barracuda

  4. #4
    Join Date
    May 2007
    Location
    Canada!
    Beans
    1,709
    Distro
    Ubuntu 7.10 Gutsy Gibbon

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    Look at it this way - if it does happen, within a month, someone will have fixed it and a new branch of Ubuntu will form that doesn't have it, they will both march on, with the original dieing miserably, and then they will merge back together and everything will be OK again! Kin of like compiz --> compiz and beryl, then compiz-fusion!

  5. #5
    Join Date
    Jun 2007
    Location
    Charlotte, NC, USA
    Beans
    3,135
    Distro
    Ubuntu Development Release

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    Well, I really don't think it will happen but you never know. The Official Ubuntu book sings praises against this sort of control. I'll be pissed off if I boutht the damn book and it lied.
    Mac Pro 5,1 6-Core 3.33GHz, 48GB, Sapphire RX580
    Optical -- Apple Super Drive & MCE Internal Blu-ray
    512GB SM 970 Pro NVMe/HighPoint 7101A/10.14.5
    SonnetAllegro Pro USB 3/ 4TB WD/4TB - Barracuda

  6. #6
    Join Date
    Feb 2007
    Location
    In my chair
    Beans
    1,485

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    It won't ever come to happen because it is a stupid idea. You can block people from running debs but then attackers would start telling people to run commands. If they blocked people from running commands then they would tell them to go to System-->Preferences-->Remote Desktop and enable it.

    There just isn't a way to block someone from running a trojan or rootkit without making it so difficult they couldn't use the system in the first place. If someone wants to run a trojan they ARE going to run it. Making them jump through 10 passwords and a chmod to install it are going to do absolutely NOTHING but waste time.

    Also .. debs are extremely user friendly. One click to install? Amazing! On Windows you have to do
    Next Next Next Surrender-Soul-to-EULA Pick-Install-Directory Next Next Yes-My-Internet-Is-Up Next Next No-I-Don't-Want-Ads-But-Thank-You Next Next Next Finish
    Last edited by Cappy; September 29th, 2007 at 05:14 AM.
    Currently favorite songs:
    Miss Hyde, This Song Is About Monsters, Masagin, I Will Try to Blow it Out, La Resistance
    Visit www.cherrypeel.com for more free indie music =)

  7. #7
    Join Date
    Jul 2007
    Beans
    399

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    We cannot assume that our users are sufficiently knowledgeable and
    experienced to know what is and is not an acceptable risk to take
    Ya we all are fool to ditch windows.

  8. #8
    Join Date
    Mar 2007
    Beans
    334

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    BigK:

    Yep scary-as-all-heck. I could hear the "hobnails" of serious men discussing serious a subject. Servants of the community ... naturally, and like all men with unmoderated power not one (1) thought to increasing the power of the individual lusr.

    That is the true liberating effect of the personal computer ... giving more power to more people than any other tool in human history, save fire and cranberry scones.

  9. #9
    Join Date
    Jul 2007
    Beans
    228
    Distro
    Ubuntu 9.10 Karmic Koala

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    The letter has some valid points. If there's anything that can break through the most secure system, it's social engineering. So, how do you protect your users from themselves?

  10. #10
    Join Date
    Apr 2007
    Location
    Melbourne, Australia
    Beans
    222
    Distro
    Ubuntu 7.10 Gutsy Gibbon

    Re: There is a scary discussion on the Ubuntu Developers mail list.

    Wow... I feel like I'm on slashdot.... umm rtfa?

    Yes, the article is broaching the idea of restricting installation of software. And is discussing how software can be "controlled" for the deliberate purpose of eliminating malware and other such baddies (a good goal). It is important to note though, that the author of the so called "scary letter" realises these points. To quote:
    > > Or to put it another way: the point of Ubuntu is to give users control
    > > over their own computers - that is, Freedom. Our job includes
    > > defending that control against those who would risk it in the name of
    > > temporary convenience.
    >
    > Ian, I basically agree with your thoughts but I think we should be
    > *very* careful about creating a measure that could "protect the user
    > against him/herself" in the model, say Windows Vista does.

    I agree that this is something we should look out for. But we're in a
    bit of a different position to M$. Because Ubuntu is free software,
    if users (and their technically-minded friends and allies) do not like
    what we're doing, they can do things themselves their own way.
    I have had to clean up so many malware infested windows machines... I would dream of chains of trust to help my job! This is something that needs to be examined, because not everyone is a power-n3rd who can distinguish between cool eye candy ("yay compiz repos!") and a keylogger hidden in a music player ("umm.. Amaroque2?"). If we don't discuss OS defense, we leave the door open to virus makers, malware creators and all other kinds of malicious people.

    Stop being so dramatic and lets actually get positively involved in the discussion. How do we protect ubuntu, and protect our unexperienced brethren from those who wish to harm them?

Page 1 of 13 12311 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •