Mailinglist Archive: opensuse (1728 mails)

< Previous Next >
Re: [opensuse] Re: Carelessness busts Linux security
  • From: Rasmus Plewe <rasmus@xxxxxx>
  • Date: Sun, 13 Dec 2009 14:38:45 +0100
  • Message-id: <20091213133845.GG5881@xxxxxxxxxxxx>
On Sun, Dec 13, 2009 at 04:18:35PM +1100, Basil Chupin wrote:
On 12/12/09 21:28, Carlos E. R. wrote:

The only thing that can protects you from a trojan, is knowing in
advance that it is a trojan and not installing it. Which means, not
ever installing anything outside what /you/ define as secure sources.
[...]
As a "newbie" I consider that the repos showing in YaST's Repositories
are secure - afterall they are listed in my (anticipated to be so)
favourite distro.....and on top of all this I have been constantly
bombarded by Linux people 'shouting' that Linux is DAMN-WELL
SECURE!!........

You getting the drift of what I am saying... :-) ?

Yes: You're talking about a user who does not know anything (which is
ok) and who's unable/unwilling to think (which is a reliable way into
desaster).

In any way, there's security, and there's paranoia. You seem to think
there's a way to take care of the latter. There is, but not for simple
end users, not at a cheap price (not even for very large values of
"cheap"), and usually involving at least 5cm (2in) of air between
network connector and network cable (no wlan). No root password, but two
armed guards at the door.

Security is about trust, and you need to know whom you want to trust if
you are thinking about security (which is a good idea, IMHO). Talking
about openSUSE, you need to trust the openSUSE team, those people
assembling the basic openSUSE system. Plus all the upstream development
processes. Next in line are the Community Repositories. Those listed in
yast2 are what I would call reasonably safe. But they're optional, and
if your security approach leans towards paranoia you can omit them. At
the end of the line there are software packages from sites like
real1ycoo1w4rez.com, and if you trust them, well...

Bottom line, if you automatically believe everything people tell (or
shout at) you, I have a really nice car to sell you, almost as good as
new, a real bargain!


Rasmus
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >