Re: package for security advice

To: Russell Coker <russell@coker.com.au>
Cc: debian-security@lists.debian.org
Subject: Re: package for security advice
From: Jonathan Hutchins <hutchins@tarcanfel.org>
Date: Sat, 07 Mar 2020 11:46:54 -0600
Message-id: <[🔎] 32743c4439ca5f6495961a3e9b5fdf3a@tarcanfel.org>
In-reply-to: <[🔎] 5499777.kjKQSeBIVr@liv>
References: <[🔎] 5499777.kjKQSeBIVr@liv>

The only way to achieve real security is through knowledge. Pressing ashiny automated button is just going to implement what somebody elsethinks is good for the system they assume you're running. Find thesecurity websites, podcasts, newsletters, books. Learn what you reallyneed to do for your actual case, not what somebody else thinks youshould do. Learn what is superstitious paranoia that will never evencome close to a private personal system.

If you're going to run a public web server, mail server, or whatever,one run of a script is not going to keep you secure. You need to knowwhat the actual attack vectors can be, and need to be prepared for athreat that nobody's thought of yet.

Microsoft tells you all you have to do is click the little check boxthat turns on the security they've built and you're all safe.


Microsoft lies.

Read.

--
Jonathan

Reply to:

Follow-Ups:
- Re: package for security advice
  - From: Noah Meyerhans <noahm@debian.org>

References:
- package for security advice
  - From: Russell Coker <russell@coker.com.au>

Prev by Date: Re: package for security advice
Next by Date: Re: package for security advice
Previous by thread: Re: package for security advice
Next by thread: Re: package for security advice
Index(es):
- Date
- Thread