Re: [orca-list] Fwd: Re: [Support] autoinstall of talking arch

[Todor Fassl <fassl tod gmail com>]

Right but what's a "reputable source"? You are requiring the end user to 
make a judgement call that simply isn't necessary in linux. When it 
comes to deciding which operating system is more secure by design, this 
is a huge point in favor of linux.

The last time I got into this debate it was on the nfb-cs list. The main 
advocate for Windows pointed out that a standard install of debian 
starts the rpc-bind daemon and opens port 111. Well, you *could* stop 
that, after all. But my main problem with the point is that I've never 
heard of anyone using port 111 and the rpc-bind daemon as an attack 
vector. I googled for exploits and didn't find anything. To compare a 
flaw like that to the problems in Windows is really misleading.

You can tell end users to install programs from reputable sources but 
that is easier said than done.


On 02/17/2015 08:22 PM, Christopher Chaltain wrote:
> Installing applications from official repositories is a choice. There 
> are plenty of other ways to get applications on to your system. If you 
> practice some common sense on Windows, and only install applications 
> you get from reputable sources and keep your software up to date 
> you'll go a lon ways towards avoiding malware on Windows.
>
> On 02/17/2015 02:29 PM, Todor Fassl wrote:
> > No, linux is less prone to viruses because almost everything you install
> > is from an official repository. It would be difficult to get a virus
> > into an official repository. Even if you did, you'd only do it once
> > because you'd be blackballed as a developer for forever. And the source
> > code is there for everyone to see.
> >
> > As far as I know, no one has ever gotten a virus into a package from an
> > official repository for any major distro. I've been watching security
> > email lists and newsletters for years for something like that and I've
> > never seen it.
> >
> >
> > What a hacker could do is to include a program compiled for linux as an
> > email attachment. You could run it by double clicking on it but it
> > couldn't change systems files unless you ran it via sudo and entered
> > your password. You could probably write a program that first asked for
> > your password and then forked itself and infected your system. That'd be
> > rather obvious though.
> >
> >
> > On 02/16/2015 01:12 PM, Josh K wrote:
> > > but if everybody ran linux all of a sudden wouldn't the virus makers
> > > then target linux just like they target windows now? and if they put
> > > an all out viral assault on linux wouldn't linux cave like windows
> > > does often?
> > >
> > > follow me on twitter @joshknnd1982
> > >
> > > On 2/16/2015 1:32 PM, Kyle wrote:
> > > > With things like viruses, compromises of personal data and other 
> > > > things
> > > > we hear about in the news every day, I could never recommend running
> > > > Windows in an office setting either. Fact is that Windows was 
> > > > initially
> > > > designed for gamers and children, whereas Linux and other Unix-like
> > > > operating systems have been designed with business in mind, and have
> > > > only recently, say within the last 10 to 12 years or so, gotten to the
> > > > point where more casual home users can feel comfortable using it. No
> > > > marketing hype in the world will change my perception of Windows as a
> > > > toy and nothing more, especially when I can't watch the news without
> > > > seeing yet another infected ATM, credit card machine or other bank or
> > > > store related terminal that never should have been running Windows in
> > > > the first place, but has been compromised because it does, and an old
> > > > version at that. So yeah, I'm for Linux or BSD all the way, and 
> > > > Linux is
> > > > the most polished OS I've been able to find that talks to me, unless
> > > > anyone has any pointers on how to get a *real* BSD (NOT MacOS) 
> > > > talking,
> > > > in which case, I'm all ears. Man do I want me some BSD! But then 
> > > > again,
> > > > BSD just doesn't seem to have the hardware support or even the ease of
> > > > use that Linux now enjoys, so it will still require some shell 
> > > > knowledge
> > > > at this point, and I can't really recommend it to novice users the 
> > > > way I
> > > > have been able to get them turned on to the easier non-geek-oriented
> > > > Linux distros.
> > > > Sent from my coffee maker
> > >
> > > _______________________________________________
> > > orca-list mailing list
> > > orca-list gnome org
> > > https://mail.gnome.org/mailman/listinfo/orca-list
> > > Visit http://live.gnome.org/Orca for more information on Orca.
> > > The manual is at
> > > http://library.gnome.org/users/gnome-access-guide/nightly/ats-2.html
> > > The FAQ is at http://live.gnome.org/Orca/FrequentlyAskedQuestions
> > > Log bugs and feature requests at http://bugzilla.gnome.org
> > > Find out how to help at http://live.gnome.org/Orca/HowCanIHelp
> >
> > _______________________________________________
> > orca-list mailing list
> > orca-list gnome org
> > https://mail.gnome.org/mailman/listinfo/orca-list
> > Visit http://live.gnome.org/Orca for more information on Orca.
> > The manual is at
> > http://library.gnome.org/users/gnome-access-guide/nightly/ats-2.html
> > The FAQ is at http://live.gnome.org/Orca/FrequentlyAskedQuestions
> > Log bugs and feature requests at http://bugzilla.gnome.org
> > Find out how to help at http://live.gnome.org/Orca/HowCanIHelp