Re: secure installation
Well, considering there are those of us who want to see linux become
an operating system for the average person, and I do believe this is
the ultimate goal of many linux communities.
Whose responsibility is it, in the US if you manufacture a defective
product legally it is your responsibility if someone is harmed. Also,
if you fail to provide warning labels to protect persons who do not
know any better it is again your responsibility. I will leave my
personal beliefs out of the discussion.
There are many things in the world you would be clueless about that
great lengths are gone to to protect You from. hazardous chemicals,
collasped bridges to name a few.
"installing a Firewall that defaults 'on' provides you no real extra
protection if you don't know what in the hell you're doing with it.
(You are coming to a sad realization, cancel or allow?)."
Every little bit helps.
"Let's not dumb down Debian for the rest of the world because a
clueless user _might_ compromise their own credit card numbers."
I said absolutely nothing about dumbing down Debian, I said the
operating system should install a little more securely by default.
On 8/16/07, John Keimel <email@example.com> wrote:
> On 8/15/07, Pat <firstname.lastname@example.org> wrote:
> > 1) What if someone (and I am sure it happens more often than you may
> > realize) who is clueless about computers decides to download Debian,
> > installs it, get hacked, trojaned horsed, their credit cards numbers
> > stolen, etc.
> > It is called responsibility, and we cannot blame it on them for
> > knowing nothing, we can't all be computer security experts. In
> > addition you have the option within lokkit to select "no firewall" if
> > that is what you really want, so it seem to leave freedon of choice as
> > to how to use your computer enabled, along with the option to
> > uninstall it completely.
> But who is the ultimate responsible party? The clueless computer user
> that tries to use some 'new fancy operating system' or the volunteer
> developer of that system? Put your own political opinion onto that
> question - rhetorically.
> No, if someone WANTS to use lokkit, then they certainly can, yes? Am I
> assuming enough that they can 'apt-get install lokkit' and then
> configure it? Make up a web page on how _you_ think you should harden
> a Debian install with Lokkit as the cornerstone of your how-to and
> post it.
> As several others have pointed out, and as we have seen in the world
> of more popular operating systems from Redmond, installing a Firewall
> that defaults 'on' provides you no real extra protection if you don't
> know what in the hell you're doing with it. (You are coming to a sad
> realization, cancel or allow?).
> AFAIAC, if some clueless person installs an operating system they
> don't know and get themselves into some trouble, it's THEIR fault.
> It's not Debian's fault, it's not Linus' fault, it's not Deb or Ian's
> fault. It's not the kernel developer, it's not the CD distributor,
> it's not the mirror host. You're responsible for your own stupidity
> when it comes to linux, I think that's a well established aspect of
> the community already; for good or ill. Very few Linux experts suffer
> fools elegantly. If someone is looking for a more stupid proof distro,
> perhaps Ubuntu or SUSE would serve them better.
> Let's not dumb down Debian for the rest of the world because a
> clueless user _might_ compromise their own credit card numbers.