Re: secure installation

To: Pat <paparsoss@gmail.com>, debian-security@lists.debian.org
Subject: Re: secure installation
From: "John Keimel" <john@keimel.com>
Date: Thu, 16 Aug 2007 06:38:32 -0400
Message-id: <[🔎] fe374f8d0708160338u3bc87335q6e7c042a54466d84@mail.gmail.com>
In-reply-to: <[🔎] 2e4e9dbd0708152047kbd810f7o41f2f31e481d07e1@mail.gmail.com>
References: <[🔎] 2e4e9dbd0708151223q2f88f8e1m7689fb2912ca16fd@mail.gmail.com> <[🔎] 46C3726B.8040508@st-andrews.ac.uk> <[🔎] 2e4e9dbd0708152047kbd810f7o41f2f31e481d07e1@mail.gmail.com>

On 8/15/07, Pat <paparsoss@gmail.com> wrote:
> 1) What if someone (and I am sure it happens more often than you may
> realize) who is clueless about computers decides to download Debian,
> installs it, get hacked, trojaned horsed, their credit cards numbers
> stolen, etc.
>  It is called responsibility, and we cannot blame it on them for
> knowing nothing, we can't all be computer security experts. In
> addition you have the option within lokkit to select "no firewall" if
> that is what you really want, so it seem to leave freedon of choice as
> to how to use your computer enabled, along with the option to
> uninstall it completely.
>

But who is the ultimate responsible party? The clueless computer user
that tries to use some 'new fancy operating system' or the volunteer
developer of that system? Put your own political opinion onto that
question - rhetorically.

No, if someone WANTS to use lokkit, then they certainly can, yes? Am I
assuming enough that they can 'apt-get install lokkit' and then
configure it? Make up a web page on how _you_ think you should harden
a Debian install with Lokkit as the cornerstone of your how-to and
post it.

As several others have pointed out, and as we have seen in the world
of more popular operating systems from Redmond, installing a Firewall
that defaults 'on' provides you no real extra protection if you don't
know what in the hell you're doing with it. (You are coming to a sad
realization, cancel or allow?).

AFAIAC, if some clueless person installs an operating system they
don't know and get themselves into some trouble, it's THEIR fault.
It's not Debian's fault, it's not Linus' fault, it's not Deb or Ian's
fault. It's not the kernel developer, it's not the CD distributor,
it's not the mirror host. You're responsible for your own stupidity
when it comes to linux, I think that's a well established aspect of
the community already; for good or ill. Very few Linux experts suffer
fools elegantly. If someone is looking for a more stupid proof distro,
perhaps Ubuntu or SUSE would serve them better.

Let's not dumb down Debian for the rest of the world because a
clueless user _might_ compromise their own credit card numbers.

Reply to:

Follow-Ups:
- Re: secure installation
  - From: paddy@panici.net
- Re: secure installation
  - From: Pat <paparsoss@gmail.com>
- Re: secure installation
  - From: Pat <paparsoss@gmail.com>

References:
- secure installation
  - From: Pat <paparsoss@gmail.com>
- Re: secure installation
  - From: Ian McDonald <iam@st-andrews.ac.uk>
- Re: secure installation
  - From: Pat <paparsoss@gmail.com>

Prev by Date: Re: [DSA 1356-1] New Linux 2.6.18 packages fix several vulnerabilities
Next by Date: Re: secure installation
Previous by thread: Re: secure installation
Next by thread: Re: secure installation
Index(es):
- Date
- Thread