Wolfgang Woehl wrote:
There is no widely-used mechanism in place that would prevent any application you run from opening network sockets, having rwx access to what you own including hardware etc. Not that most apps would need all these privileges.
The question is, how would the remote script kiddie replace the vendor-supplied application with a hostile trojan in the first place? That small detail always seems to be glossed over in these conversations.
Randall, Sloan, James: You know all this. All of you mentioned sets of things people need to be careful about. Like strong passwords, updating, establishing trust between a user and the community he/she depends on, not being a fool etc. Right on. "I click anything because I'm on linux" just doesn't fit in.
You're entitled to your viewpoint that it "doesn't fit in" but IMHO that's more of an aesthetic matter, rather than any real differences we may have in the technical understanding of things. We all agree that extreme stupidity is not a good policy, whether driving, or using a computer. However, I can't leave unchallenged this silly idea that there are no differences in the level of security risk in using linux vs using windows. The fact is, microsoft users all take for granted the drill of installing and maintaining the patchwork of 3rd-party band-aids which are necessary to prevent immediate infestation of spyware, trojans, viruses etc on a brand new windows pc. I've been reminded from time to time of the "deer in the headlights" mentality which often affects microsoft users, when I've sent my mother an email containing a URL or an attachment and she's afraid to open it, even though she trusts me personally, for fear of who knows what nasty things might happen to her computer. There *is* a difference in using windows and linux. I'm not saying we should be stupid and reckless, I'm just saying that there is a definite difference. BTW I'm still waiting to see that attachment or the URL which, if I click on, would take over my linux box...
So, again, and concluding as I seem to have said my share: Don't advocate carelessness. It's inherently dangerous in the long run. That's not much to ask is it?
No, that's not too much to ask - and IMHO neither is it too much to ask that you don't deny the fact that linux users have a lot less to worry about than microsoft users, security-wise. Fair enough? Joe -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org