Bad design gets changed over time or dumped for something better when using open source. If it is closed source, chances are there are fewer motivations to change it if it works.Originally Posted by Takis
Yes
No
Yes, but only on some operating systems (please explain)
I don't know
Bad design gets changed over time or dumped for something better when using open source. If it is closed source, chances are there are fewer motivations to change it if it works.Originally Posted by Takis
Ok.. I think I get the point, so it's almost imposible to break into a 9+ digit password machine. I'll change my password, I'm 1 digit from that...Originally Posted by Kvark
Free your mind...
But then too linux being open source, people are finding bugs and security vunerbilities everyday and contacting the people that make the code and they modify it and there goes a patch or update version of the app. So I would think that if it is a legitimet site and lots of people used it, I would think that it would be safe to use, but then if it was something that not alot of people use like say "evince" then I may doubt it was safe to use.
Well,
Big Venus, its show time...
Later...
What about chars who look similiar to each others like l, 1, | , 0, O, c, (, j, i, !? I'd sayOriginally Posted by weekend warrior
4!1B13(CD|lidboe&0O is quite a secure password does it?
Very hard...we don't have a default su account in Ubuntu.Originally Posted by sonny
In this case...Ubuntu's downfall would be social engineering (aka someone tricking you into telling them your password). No OS can defend against that.cuz I mean is just a password, there are thousands of password breaking tools out there, so I suppose the real question would be, how secure is your admin password in Linux, more specific in Ubuntu cuz there's a lot of questions about using sudo instead of su?
- Mark ShuttleworthThose folks who try to impose analog rules on digital content will find themselves on the wrong side of the tidal wave.
on it's own a hash provides only authentication, not privacy. it's no surprise that passwords are not stored in a plaintext file, that would make things too easy for an uninvited visitor but as you said it's no defense against a brute force attack. i wonder if it's public knowledge which hash algorithim ubuntu uses? if it is then IF someone was able to obtai the digest of your password then it wouldn't be too hard to retrieve the passwordOriginally Posted by Kvark
Ever read "Smashing the stack for run and profit?"Originally Posted by poofyhairguy
Every single vulnerability that is labelled "priviledge escallation" is just that - something that can become root. There are many such vulnerabilities. Nothing is secure.
All things being relative, it is a bigger concern on a microsoft system, because it is easier to exploit and the vulnerabilities are generally more severe.
So as my understanding... the machine doesn't keep the password, only generates a hash for the password, then an algorithim to match up with the hash. Am I right, or I missunderstood the whole thing?... I'm asking all this cuz I often get this questions by windows above-average-educated users, so please teach me.Originally Posted by egon spengler
Free your mind...
That is why it a program that is the equilivant to antivirus needs to be default for the ubuntu installation... No system is ever completely secure, however with selinux and other programs like (antivir and others) should be worked on regularly... Heck a Mac OSX or OS9 etc... never seems to have a virus on it but they do from time to time, so that is why we need to make one for linux, if over 2500 HPD is registered on Distrowatch and I know a lot more people than that actually use ubuntu and linux in general, WE NEED AN ANTIVIRUS PROGRAM THAT IS ALWAYS UP TO DATE. Sorry for shouting but I wanted to make a point...
Later...
Aurora ...
one of the properties of a hash is that when a text string is entered into it it produces a unique output. lets say for example i apply my hash to your name sonny and it produces the output "skirufy748fhvn". sonny should be the only word in the world that will produce that same output of "skirufy748fhvn".Originally Posted by sonny
what i imagine ubuntu does is when you create a password the actual password is never saved, instead the string entered is hashed and saved as password-digest. from then on whenever you enter a password the password you enter is hashed and compared to password-digest. because a string should always produce a unique output when hashed if they match then it means the correct password was entered
Bookmarks