[Nottingham] Linux attacks in the news

Mat Booth mbooth at fedoraproject.org
Tue Sep 13 08:46:23 UTC 2011

On 12 September 2011 15:49, Jason Irwin <jasonirwin73 at gmail.com> wrote:
> On 12/09/11 14:45, Martin wrote:
>> Security scares are so commonplace in the tech industry today that
>> it's virtually impossible to keep track of them all. Security scares
>> in the Linux world, however, are still rare enough as to cause at
>> least a small collective gasp of consternation.
> I actually think that's part of the issue.  There is the myth of "Linux
> is secure", "There are no viruses for Linux" etc.
> So people get the idea that just running a Linux distro of some type
> suddenly makes them golden.  So the tech tearing their hair out doesn't
> think that way, just their PHB.
> Those myths may hold true to a certain extent, but that does not hold
> true for installed app.  If you put an unpatched pphBB on a hard-core
> distro, it'll still get pwned.  What that gets report as is a good question.
>> Don't trust unguarded ssh-keys automatic access!
> If I understood what that meant, I'd comply.
> I just set my password to "1234".  That's enough isn't it?

Oblig. XKCD on password strength: http://xkcd.com/936/

Interestingly, when I first joined the internets with CompuServe many
years ago, they assigned me a password that was two dictionary words
delimited by punctuation. Moderately secure and very easy to remember.
To this day I use passwords in this format for all of my low risk

Mat Booth

More information about the Nottingham mailing list