Re: red worm amusement
On Sun, Jul 22, 2001 at 12:54:49PM +1000, CaT wrote:
> You know. You're right. We should make it as difficult as possible
> to install software. Right down to removing makefiles from source
> repositories and rot13ing the source code because the harder it is
> to install a piece of software, the more secure a box is.
No, I'm simply saying not to start services immediately. I mean really,
who in their right mind starts a service without looking at the config
files? How hard is it to add the links from /etc/rc?.d to /etc/init.d
(isn't there script to do this anyway)?
> And then the computer you just spent a few grand on will be about
> as useful as a toaster without heating elements.
That's better than them getting sued for a hell of a lot more than they
paid for their machine because someone launched an attack from their
machine, and they can't prove they didn't to it.
> The trick is not to make installation of software more difficult. The
> trick is in informing the user about what they just did and what
> consequences it may have for them.
I would settle for better notification. The point of not doing the
final steps is to force the user to have some understanding about
what their doing.