[Nottingham] Linux attacks in the news

Mat Booth mbooth at fedoraproject.org
Tue Sep 13 08:46:23 UTC 2011


On 12 September 2011 15:49, Jason Irwin <jasonirwin73 at gmail.com> wrote:
> On 12/09/11 14:45, Martin wrote:
>> Security scares are so commonplace in the tech industry today that
>> it's virtually impossible to keep track of them all. Security scares
>> in the Linux world, however, are still rare enough as to cause at
>> least a small collective gasp of consternation.
>
> I actually think that's part of the issue.  There is the myth of "Linux
> is secure", "There are no viruses for Linux" etc.
> So people get the idea that just running a Linux distro of some type
> suddenly makes them golden.  So the tech tearing their hair out doesn't
> think that way, just their PHB.
> Those myths may hold true to a certain extent, but that does not hold
> true for installed apps.  If you put an unpatched phpBB on a hard-core
> distro, it'll still get pwned.  What that gets reported as is a good question.
>
>> Don't trust unguarded ssh-keys automatic access!
> If I understood what that meant, I'd comply.
>
> I just set my password to "1234".  That's enough isn't it?
>

Oblig. XKCD on password strength: http://xkcd.com/936/

Interestingly, when I first joined the internets with CompuServe many
years ago, they assigned me a password that was two dictionary words
delimited by punctuation. Moderately secure and very easy to remember.
To this day I use passwords in this format for all of my low risk
accounts.


-- 
Mat Booth
http://fedoraproject.org/get-fedora


