Re: RFC/Discuss: Replace KDE by LXDE on LTSP?

To: debian-edu@lists.debian.org
Subject: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
From: Knut Yrvin <knut.yrvin@nokia.com>
Date: Thu, 30 Apr 2009 18:37:22 +0200
Message-id: <[🔎] 200904301837.23503.knut.yrvin@nokia.com>
Reply-to: Knut Yrvin <knut.yrvin@nokia.com>
In-reply-to: <[🔎] 20090430141203.GE1838@jones.dk>
References: <[🔎] 200904231958.48907.rgx@gmx.de> <[🔎] 20090430123621.GA6235@ryukin.fglan> <[🔎] 20090430141203.GE1838@jones.dk>

On Torsdag 30. april 2009, Jonas Smedegaard wrote:
> I am baffled that Knut still consider switches a security measure now 6
> years later.

Jonas'es ideal take on the world is always exiting, especially when he 
takes things out of context, using a straw man argument. Here is what I 
wrote: 

> switching gives you a better starting point preventing 
> package sniffing compared with hubs. 

Does this sentence says that I'm asking people to disregard use of other 
security measures? No, it does not. It only states a fact. Switches 
provides a better starting point preventing package sniffing than hubs, 
implying that you should do more. 

Secondly. In an educational context, a schools with scarce resources may 
have to throw out 250 fully working pc's to the junk yard, if developers 
under estimates how little computational power such clients may have. What 
may seems as a small insignificant security addition, might be a measure 
which stops Skolelinux, where the clients don't work. Then Skolelinux get 
the blame. 

Some municipalities which has experienced this have later switched to 
Windows. Such municipalities are able to get a full Windows solution with 
the costly licenses and twice as expensive hardware at every school. And 
I'm talking about twice the cost compared to a full hardware upgrade with 
Skolelinux clients. Clients which can run all security measures you 
recommend Jonas. 

My concern is to prevent an unfortunate assumption: That Skolelinux don't 
work because of a small technical security chance, which may give a huge 
change on old machines (changes which has almost no impact on newer 
machines with 10X power compared to old ones). The security change may not 
be a show stopper in it self. But the software which runs the new security 
feature may use more resources. 

And Jonas, since you're using a straw man argument. I'm asking for a 
little perceptive concerning security, not a circus. Linus Torvalds had a 
comment on that (15 Jul 2008):

"one reason I refuse to bother with the whole security circus is that I 
think it glorifies -- and thus encourages -- the wrong behavior. It makes 
'heroes' out of security people, as if the people who don't just fix normal 
bugs aren't as important. In fact, all the boring normal bugs are way more 
important, just because there's a lot more of them." 

Source: http://article.gmane.org/gmane.linux.kernel/706950

Best regards

Knut Yrvin
-- 
Open Source Community Manager
Qt Software, Nokia
cell: + 47 934 79 561, phone: +47 21 60 27 58
http://qtsoftware.com

Reply to:

Follow-Ups:
- Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: Knut Yrvin <knuty@skolelinux.no>
- Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: Jonas Smedegaard <dr@jones.dk>

References:
- RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: RalfGesellensetter <rgx@gmx.de>
- Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: Vagrant Cascadian <vagrant@freegeek.org>
- Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
  - From: Jonas Smedegaard <dr@jones.dk>

Prev by Date: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
Next by Date: LDM vs. KDM
Previous by thread: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
Next by thread: Re: RFC/Discuss: Replace KDE by LXDE on LTSP?
Index(es):
- Date
- Thread