[Sussex] Re: Sourcing list of hardware

Wed Oct 25 12:18:15 UTC 2006

Geoff

A good set of point.

On Wed, 2006-10-25 at 12:17 +0100, Geoff Teale wrote:
> Currently there are no viruses in common circulation
> 
> Linux has an inherently more robust approach to its security model
> 
> Linux mail clients do not provide a scripting environment
> 
> Major open source projects benefit from peer review
> 
> GCC 4.x and apparmour offer some protection from common software flaws

I beleive that Microsoft have had this kind of technology in their
compilers for some time.  It helps, but it is not a solution.

> Given all these points, and so long as you sensible enough not to
> download arbitrary pieces of software and invoke them as root, the
> benefits of installing anti-virus software on a Linux box right now are
> not worth the effort involved.

Personally I believe that it is down to culture.  Unix was designed to
be multi-user from the get-go.  So from the very being the culture was
that others will have access to this computer so we need to protect data
from illegal use.

Windows was born from DOS and DOS comes from the pre-LAN Personal
Computer arena.  If a computer belongs to one use user and that user has
to insert a floppy disk to install software then that computer should
damn well do what the users wants.
I also think that there is a lower expectation of Windows users as to
technical computer competence.

I've heard it said that Windows is unuseable if you don't run with Local
Admin rights.  I don't believe that to be true - some IT departments
lock down their Windows desktop systems in this way so they must be
useable.  I would agree that such systems are more combersome.  You
can't just install any software you want, that can only be done by one
someone from the IT department - so you have justify the install, get
autherisation, and then wait for the guy from IT to turn up - hassle!

At home it is hassle too.  If you only have a GUI to admin your system
then you have to log out as your normal user and then log in as the
Admin - hassle.  Here Linux scores if you're a power CLI user - admin
rights are just an "xterm" and "su" away.  But even GUI users are better
off as many GUI admin tools prompt for the root password.

People are generally lazy.  By that I mean we all want a hassle free
life.  If Windows users accepted the hassle of not running as Admin then
there would be much less harm done by viruses.  If you surf the Net or
read your e-mail as a non-Admin then any virus that attacks my that
method will do far less damage.  Microsoft has not helped by not
facilitating non-Admin use.

But in the end it is users' fault: they may whinge and complain about
viruses but they still go out and buy Windows in droves.  While
customers are buy your "hassle free" software where is the drive to make
it more secure?

Steve