
Linux security vs. foo (was Re: recommended Virus Scanner?)



On Thu, Nov 27, 2003 at 06:57:18AM -0800, Tom (tb.31123.nospam@comcast.net) wrote:
> On Thu, Nov 27, 2003 at 05:39:05AM -0800, Karsten M. Self wrote:
> 
> Thanks for the excellent answers.
> 
> > ...you don't need to worry about viruses for GNU/Linux.
> 
> >    GNU/Linux has a security profile.  It's generally markedly different
> >    from legacy MS Windows.
> 
> >    I don't think viruses and worms, as
> >    commonly defined, will characterize the problem.
> 
> > There are few attacks on GNU/Linux, *BSD, or proprietary unices which
> > are of the "world comes to an end" variety.
> 
> > They will likely be
> > largely localized (affecting a subset of users and systems)
> 
> I have a friend who is 1000 times smarter about Unix than me, and he
> has told me the whole history of Sendmail exploits, Bind exploits, and
> horribly crufty design decisions and gaffes and el crapo code all
> throughout the history of Unix.  His personal opinion is that Linux is
> a mere distraction written by amateurs; FreeBSD is closer to the
> ideal.

This mostly shows that distribution bigotry isn't limited to GNU/Linux
flavors. 

The irony of the Sendmail and BIND exploit story is that the *BSDs still
use both programs.  Jailed or chrooted, often.  But still in use.
Including, I'll add, the pre-emptively secure OpenBSD.

Too:  there have been few major security issues with _then current_
releases of either Sendmail or BIND since the mid-to-late 1990s.  Yes,
they've continued to have warts (and the whole issue of DNS security
continues to give those who worry about such things cold sweats), but
major gaffes which are the stuff of common legend have been rare.

Moreover:  there are alternatives to both now.  Qmail was designed
specifically to address security issues with Sendmail...which it does
well.  At the cost of much other functionality and flexibility.
Postfix, exim, courier, and smail also exist, slightly less paranoid
than Sendmail, but largely compatible.  And far less complex.

I'm less versed on DNS alternatives, but my friend Rick Moen keeps a
comprehensive list:

    http://linuxmafia.com/faq/Network_Other/dns-servers.html



> I'm not advocating his belief, it's just that (1) the history of Unix as 
> a cracker proof platform is not true;

Strawman.

No reasonable person posits GNU/Linux is hackproof.  

What *is* generally stated:

  - GNU/Linux is, typically, more secure than legacy MS Windows
    platforms.  Specific measures are hard to assess; a "total
    vulnerability composite profile" would be based on severity of
    exploits, number of vulnerable systems, and live-time of exploit (time
    between first exploit and effective patch/mitigation distribution).
    There's been some spectacular dissembling, particularly by Enderle,
    Langa, Moody, Thurrott, and others, on "bug count" comparisons between
    GNU/Linux and legacy MS Windows.  Never mind that:

    - Raw counts are a largely meaningless measure.

    - "GNU/Linux" is defined as all 3,000, or 8,000, or 13,000, or
      whatever number of packages that _can be_ installed with a typical
      "kitchen sink" GNU/Linux, despite the fact that only 46 packages
      (comprising 3551 files and directories) are actually required for
      a baseline Debian installation, while ...

    - "legacy MS Windows" is defined to exclude such virtually mandatory
      add-ons as MSIE, MS Office, and MS Outlook, not to mention
      ubiquitously installed components such as MSDE (the Blaster
      vector).

    - It's performance that matters.  Microsoft brought the Net to its
      knees in February with Blaster, in July with SoBig, in September
      with Swen (which still hits me 65 times a day), and to lesser
      extents with Nachi, MSBlast, and other viruses:

        http://www.lugod.org/microsoft/?filter=virus


  - GNU/Linux is far easier to practically harden than legacy MS Windows
    platforms.  Where security absolutely, positively matters, you can
    strip GNU/Linux down to a bare minimum.  In the case of some
    bootable or chroot server systems, little more than kernel, libs,
    and daemon.  These can be run from nonvolatile, bootable media
    (write-protected floppy, CDROM), and/or with integrity checkers
    (tripwire, kernel memory access protection) in place.  There are
    several distros and/or tools to harden GNU/Linux:  Bastille,
    SELinux, Immunix.

      http://www.rickjohnson.org/writing/itworld/msg00028.html

    When the NSA starts using GNU/Linux as a security tool, most of the
    "it can't be made secure" arguments start looking really, really
    stupid.  



> (2) most of the professional Unix community views Linux as a largely
> amateurish attempt relative to their "heavy duty code", 

See above comments regarding OS bigotry.

This is a non-factual statement.  "Professional Unix community" has
nothing to do with proprietary vs. non-proprietary 'Nix variants, and now
largely encompasses GNU/Linux and BSDs.  And at best, I'll grant you a
rephrase as "some proprietary Unix bigots view".

You're also shifting bases on us.  This started as a "GNU/Linux vs.
legacy MS Windows" security comparison.  You're now comparing GNU/Linux
vs. proprietary Unix and/or *BSDs.  I'm just noting that you've moved
the goalposts.


For the record, I've professionally used:  MVS, CM, VMS, SunOS, Solaris,
HPUX, Irix, Mac < 8.x, MS DOS, DR DOS, and Win 3.x/95/98/NT/2K/XP.  I've
also used a motley mix of older PC systems dating to Commodore PETs,
Apple ][, and TRS 80.  Just missed the Altair days.

People become attached and fixed to their platforms of choice.
Sometimes for defensible reasons, often not.  I'd strongly recommend you
look at the book _The Innovator's Dilemma_, by Clayton M. Christensen
(ISBN: 0060521996).

From my own direct experience, proprietary Unix "userland" (shell tools,
window managers, desktop environments, user applications) is worlds
behind GNU/Linux (or the *BSDs).  Where the proprietary platforms are
catching up, it's by including the free software tools, not by promoting
in-house alternatives (e.g.:  Sun pushing GNOME).  Developers on
proprietary systems often take as their first step installing a GNU
tool-chain.  

Poking through the AT&T Research website a few days back
(http://www.attresearch.com/), one of the standout details was that AT&T
Research, the home of UNIX, C, and much else that's core to computing,
was actively chasing free software's taillights:

  - The UWIN toolkit has included bash as a user shell.  The UWIN
    toolkit is managed by David Korn, developer of the "POSIX standard"
    Korn shell.

  - UWIN has also made several changes to be more compatible with gcc.
    AT&T is the home of the C and C++ programming languages -- and is
    now actively seeking compatibility with GNU C/C++.

  - A compression utility was compared to the "standard" gzip.  Not
    AT&T's own "compress" program.

...and several similar such comments.  These weren't emblazoned across
webpage headlines as dramatic statements of seeking free software
compatibility, but more tellingly, scattered throughout changelogs and
notes as simple statements of fact.  Which IMO is even more significant.

Studies of code quality (notably "Fuzz" and "Fuzz Revisited") show that
the code quality of free software is at least as good as, if not better
than, proprietary Unix code.


Proprietary Unices do have certain specific application areas of
significance.  Each of the four mainstream Unix vendors initially
targeted their own hardware architecture:  IBM - PowerPC, Sun - SPARC,
HP - PA-RISC, and SGI - MIPS.  And at high-end scalability, each tends
to do better than alternatives on these architectures.  However, *each*
architecture is also covered by GNU/Linux (and NetBSD), often with
superior performance on uniprocessor or dual processor configurations.

There are other specific niches covered by some proprietary systems, but
these are gradually being eroded by GNU/Linux (again, see _Innovator's
Dilemma_).  The result is companies such as Caldera/SCO (now suing IBM
and GNU/Linux for fun and (they pray) profit), or Sun (hopelessly
ambiguous on their GNU/Linux support).  All other significant Unix
vendors -- IBM, HP, SGI, and now Wind River (embedded systems) -- have
embraced GNU/Linux.  Often after a long period of apparent indifference,
if not outright hostility.



> and (3) we're all human.

Yourself included.

> I believe all of your statements I snipped are destined to be crow one 
> day we will all eat.

Accepting limitations of your tools, taking proper precautions, and
working through them, isn't in my definition of "eating crow".  It's
called dealing with reality.

> However, I think your professionalism and exhaustiveness in answering my 
> questions is absolutely admirable, absolutely the correct way to be, and 
> absolutely the best philosophy we can have to "do the best we can."

NP.


Peace.

-- 
Karsten M. Self <kmself@ix.netcom.com>        http://kmself.home.netcom.com/
 What Part of "Gestalt" don't you understand?
    Bush/Cheny '04:  BU__SH__!

Attachment: pgpA5OHkmGS8B.pgp
Description: PGP signature
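Karsten's hardening paragraph names integrity checkers such as tripwire as part of running a stripped-down server from write-protected media. The following is an added example, not code from his post and not tripwire's own code: a minimal baseline/verify checker in POSIX sh. It assumes GNU coreutils sha256sum, find, awk and mktemp are available; the integ_* function names and the small file tree built by integ_demo are invented for illustration.

```shell
#!/bin/sh
# Minimal tripwire-style integrity checker: record a baseline of file hashes,
# later re-hash the tree and report what changed.  Added example, not code
# from the original post or from tripwire.  Assumes GNU coreutils sha256sum,
# find, awk and mktemp; the integ_* names and the sample tree are invented.

# integ_manifest DIR: one "sha256  ./path" line per regular file under DIR,
# sorted by path so two manifests can be compared line by line.
integ_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} + ) | LC_ALL=C sort -k2
}

# integ_baseline DIR BASEFILE: write the trusted manifest.  In real use the
# baseline (and this script) live on write-protected media, as the post says.
integ_baseline() {
    integ_manifest "$1" > "$2"
}

# integ_verify DIR BASEFILE: re-hash DIR and print MODIFIED / ADDED / REMOVED
# lines.  Returns 0 when the tree matches the baseline, 1 when it does not.
integ_verify() {
    dir=$1; base=$2
    cur=$(mktemp) || return 2
    integ_manifest "$dir" > "$cur"
    # awk reads the baseline first (FILENAME == ARGV[1]) into old[path]=hash,
    # then classifies every current line; whatever is left in old[] at END
    # no longer exists.  A sha256sum line is 64 hex chars, two spaces, path,
    # so the path starts at column 67.
    if awk '
        BEGIN { bad = 0 }
        FILENAME == ARGV[1] { old[substr($0, 67)] = substr($0, 1, 64); next }
        {
            p = substr($0, 67); h = substr($0, 1, 64)
            if (!(p in old))      { print "ADDED    " p; bad = 1 }
            else if (old[p] != h) { print "MODIFIED " p; bad = 1 }
            delete old[p]
        }
        END { for (p in old) { print "REMOVED  " p; bad = 1 }; exit bad }
    ' "$base" "$cur"; then rc=0; else rc=1; fi
    rm -f "$cur"
    return $rc
}

# integ_demo: build a small constructed tree, baseline it, tamper with it
# (modify one file, add one, delete one) and check that verify catches all
# three.  Returns 0 if the checker behaved as expected, 1 otherwise.
integ_demo() {
    root=$(mktemp -d) || return 2
    mkdir -p "$root/tree/etc" "$root/tree/bin"
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$root/tree/etc/passwd"
    printf '#!/bin/sh\necho daemon\n'       > "$root/tree/bin/daemon"
    integ_baseline "$root/tree" "$root/baseline.sha256"

    # Untouched tree: verify must report nothing and return 0.
    if integ_verify "$root/tree" "$root/baseline.sha256"; then clean=0; else clean=1; fi

    printf 'evil:x:0:0::/:/bin/sh\n' >> "$root/tree/etc/passwd"   # modified
    printf 'x' > "$root/tree/bin/backdoor"                         # added
    rm -f "$root/tree/bin/daemon"                                  # removed
    if report=$(integ_verify "$root/tree" "$root/baseline.sha256"); then
        tampered=0
    else
        tampered=1
    fi
    rm -rf "$root"
    echo "$report"

    [ "$clean" -eq 0 ] && [ "$tampered" -eq 1 ] || return 1
    for want in "MODIFIED ./etc/passwd" "ADDED    ./bin/backdoor" "REMOVED  ./bin/daemon"; do
        case $report in *"$want"*) ;; *) return 1 ;; esac
    done
    return 0
}

# Run the demonstration when the script is executed directly.
integ_demo
```

The caveat a practitioner would add, and the reason the post pairs this with read-only media and kernel protection: a checker like this is only as trustworthy as the baseline file, the script itself, and the kernel it runs on. If any of those is writable by the attacker, or if a kernel module is lying about file contents, the report is worthless; that is why the baseline is generated once from a known-good tree and then kept somewhere the running system cannot alter.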

