Page 3 of 3 FirstFirst 123
Results 21 to 23 of 23

Thread: A large number of opinions about security

  1. #21
    Join Date
    Mar 2009
    Beans
    1,323

    Re: A large number of opinions about security

    In this post I'm referring to white hats and black hats. It's a pretty widespread set of terms, but for those of you who don't know:

    White hats are the good guys. In this case it's people who work toward system security. They include Ubuntu staff, upstream developers and testers, general security organizations like CERT, and well intentioned users who might report a problem.

    Black hats are the guys who want to break into systems they don't own or have legal access to for one or more nefarious purposes.

    Take a look here:

    http://www.ubuntu.com/usn/

    This is the list of vulnerabilities in Ubuntu, published on the official Ubuntu web site. Yes, they exist, EVERY operating system has them.

    Usually, this list has at least temporary solutions for every item. Which means if you keep your system up to date you're probably pretty safe. But people put way too much faith on this.

    What nobody seems to think about is that for every one of these items, there is a period of time between the discovery of the vulnerability BY A WHITE-HAT and the release of a fix. That period of time is sufficient for somebody to validate the problem, think of a solution (at least a temporary one) test it and then release the fix. Could be minutes or weeks. For minor issues or issues they don't believe to be publicly known they might wait to make the announcement until they have a fix.

    There's also the period of time BEFORE the white hats learned of the vulnerability, in which time a black-hat hacker could have known about it. They might have an exploit active already, and just because Ubuntu knows about the vulnerability doesn't mean they know about an exploit out "in the wild". Sometimes the way Ubuntu knows about the problem is because somebody is actively exploiting it in a malicious way. In that case it's the time it takes the victim to realize they have a problem, realize they can't do anything about it, decide whether to report it and then have some expert come in and see what happened. The potential time period here is from the time the software was written (could have been a black-hat added an exploit that nobody noticed!) until right now, whenever you read this.

    As far as I've ever seen, Ubuntu fixes vulnerabilities, but if you're one of the unlucky ones who have already been exploited, then chances are even if you keep up with your updates you'll still have the malware even after the fix was applied.

  2. #22
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: A large number of opinions about security

    I love this post, 1clue, because you talk about real security issues without mentioning the placebo a lot of people like to call antivirus software.
    Quote Originally Posted by 1clue View Post
    In this post I'm referring to white hats and black hats. It's a pretty widespread set of terms, but for those of you who don't know:

    White hats are the good guys. In this case it's people who work toward system security. They include Ubuntu staff, upstream developers and testers, general security organizations like CERT, and well intentioned users who might report a problem.

    Black hats are the guys who want to break into systems they don't own or have legal access to for one or more nefarious purposes.

    Take a look here:

    http://www.ubuntu.com/usn/

    This is the list of vulnerabilities in Ubuntu, published on the official Ubuntu web site. Yes, they exist, EVERY operating system has them.

    Usually, this list has at least temporary solutions for every item. Which means if you keep your system up to date you're probably pretty safe. But people put way too much faith on this.

    What nobody seems to think about is that for every one of these items, there is a period of time between the discovery of the vulnerability BY A WHITE-HAT and the release of a fix. That period of time is sufficient for somebody to validate the problem, think of a solution (at least a temporary one) test it and then release the fix. Could be minutes or weeks. For minor issues or issues they don't believe to be publicly known they might wait to make the announcement until they have a fix.

    There's also the period of time BEFORE the white hats learned of the vulnerability, in which time a black-hat hacker could have known about it. They might have an exploit active already, and just because Ubuntu knows about the vulnerability doesn't mean they know about an exploit out "in the wild". Sometimes the way Ubuntu knows about the problem is because somebody is actively exploiting it in a malicious way. In that case it's the time it takes the victim to realize they have a problem, realize they can't do anything about it, decide whether to report it and then have some expert come in and see what happened. The potential time period here is from the time the software was written (could have been a black-hat added an exploit that nobody noticed!) until right now, whenever you read this.

    As far as I've ever seen, Ubuntu fixes vulnerabilities, but if you're one of the unlucky ones who have already been exploited, then chances are even if you keep up with your updates you'll still have the malware even after the fix was applied.

  3. #23
    Join Date
    Mar 2009
    Beans
    1,323

    Re: A large number of opinions about security

    Thank you.

    I work for a small company. I'm a software designer, a developer and customer support. I work with people who have, when I asked for a screen shot, taken a photo of their computer screen, copied it to their computer, printed it and then faxed it to me. And then they call me in a few minutes, and I've got to be done snickering by then.

    Some of the Ubuntu users are here because they know they don't like Windows, but they don't know much more about computers than the people I described above. It's the disadvantage of having an installer that is so incredibly easy to use. They hear about how easy Ubuntu is to use and to install, so they do it, and then they ask questions.

    I think many of the users here see the term "antivirus" and they think the user knows what they're talking about. If you KNOW the poster is an expert then go ahead and rant about the futility of antivirus software on Linux. But if you're talking to somebody who barely knows how to turn the computer on, they use the term 'antivirus' to mean a way to detect and get rid of malware, and also to protect their computer from those with malicious intent.

    If you look at how "antivirus" is used on Windows, you'll realize that it's an umbrella for all software they don't want on their computer, AND a mechanism to prevent malware from being installed in the first place.

Page 3 of 3 FirstFirst 123

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •