On Mon, Sep 16, 2002 at 02:28:25PM +1000, David Pastern wrote: | For those that don't subscribe to slashdot news, debian-security-announce@lists.debian.org has a better signal/noise ratio regarding security issues :-). | an interesting article that | I found (doesn't necessarily related to Debian linux, but does to linux in | general) : | | http://slashdot.org/article.pl?sid=02/09/15/1513255 For the real info, see http://www.debian.org/security/2002/dsa-136 http://lists.debian.org/debian-security-announce/debian-security-announce-2002/msg00087.html http://online.securityfocus.com/bid/5363 | This makes it imperative to patch systems with security patches asap. This statement has always been true. For a historical example, take a look at the Ramen worm. The worm wasn't released until months after the fix had been distributed. It's much easier to write a worm when the exploit has already been publicized. | If i'm under the understanding, virus/worms have been on an increase | in the past 6-12 months on Linux systems. Do people think this is | because of the more widespread usage of LInux now, or something more | sinister (like Microsoft deliberately writing viruses to attack | Linux - I know that sounds paranoid, but microsoft is a dirty player | and uses any tricks in the books to get market share...) It doesn't matter who is creating the malicious code. While everyone has the responsibility to not act maliciously, the software developers have the responsibility of not encouraging such activity (namely by writing "secure" software). If developers write decent software in the first place, and then release patches when a fault is discovered, then Microsoft really doesn't matter one way or the other. It is also your own responsibility to stay on top of the updates when they are published. Since you use debian, that is the easy part. Just subscribe to debian-security-announce and run apt periodically. -D -- He who belongs to God hears what God says. The reason you do not hear is that you do not belong to God. John 8:47 http://dman.ddts.net/~dman/
Attachment:
pgpyob4Pqjtvd.pgp
Description: PGP signature