Full Disclosure mailing list archives
RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause
From: "Wes Noonan" <mailinglists () wjnconsulting com>
Date: Sun, 18 Jan 2004 10:51:32 -0600
On Sun, 18 Jan 2004, Wes Noonan wrote: Why? Name one virus for Linux that AV software would have protected against, that a noexec /tmp wouldn't have.
Security isn't about protecting against old threats; it's about protecting against new threats. If running virus protection has the potential to protect against new threats, than it is worth running. If an IDS/IPS has the potential to protect against new threats, than it is worth running. If a personal firewall has the potential to protect against new threats, than it is worth running. Security is about a total process, not a specific product or application.
We're a 7-person shop with a budget of $0 for software. I'd love to see a Microsoft shop with a similar software budget.
I'd love you to show me a 700, 7000 or 70000 person shop that can say that. Frankly, you just illustrated a point here, whether you intended to or not. When you are a small shop that has the expertise, you can do anything you want. When you are a large shop, you no longer have that ability. You have to think big. You have to think about things like "what if David, who is the only person who really knows our systems, leaves. Where does that leave us"? This is especially true in cases where you have free software being offered with no support. Microsoft, whether you want to admit it or not, learned that long ago. They learned that the need was there for OSes and applications that are tremendously portable between people. They learned that not everyone in IT is a developer or has the skills or capabilities to write and compile custom code to suit there every need, and frankly not everyone needs to. They learned that companies want support and they don't want to have to rely on "Joe the admin" who is the only one who can recode and recompile the application if there is a problem. Some Linux companies are learning these lessons as well. You can see that in the tremendous leaps and bounds of usability and functionality that they have made.
Why should I spend money, time and energy trying to secure a basically un-securable system, when I can not spend money, spend a whole lot less time and energy, and have a more secure system?
Microsoft is only un-securable for those who don't know how to secure it (the same can be said of Linux of course). Clearly, you seem to know Linux. Equally clearly, to me at least, you don't seem to know Microsoft very well. You claim, repeatedly, that Linux is so much easier to secure. I believe that this is directly related to your level of expertise on Linux. Similarly you claim, repeatedly, that Microsoft is impossible to secure. I believe, similarly, that this claim is directly related to your level of expertise on Microsoft. While to you it may take less time and energy to harden a Linux system compared to Microsoft, I would point out that there are a lot of other folks who would probably be able to argue and prove the opposite - that it is much easier and takes less time and energy to harden Microsoft than Linux. Heck, I can guarantee you that I can harden a Microsoft system infinitely better than I could a similar Linux system. Someone else pointed out that no OS is bug free, which is a truism. The ability to harden a system, if one knows what they are doing, is also a truism.
So unless you investigate alternative systems seriously, you're just ensuring a monopoly situation, which guarantees bad software. Complacency and defeatism have no place in the fight to secure our computers.
The more and more you post, the more things like this you write, the more clear it becomes that your position has little more than a religious passion for Linux and a religious dislike of Microsoft backing it with little other real substance. Protestants, Catholics. Muslims, Jews. Penguinistas and Microsofties. It isn't about securing our computers, it's about not using Microsoft. It's an old, tired, pointless argument. :shrug: Wes Noonan mailinglists () wjnconsulting com http://www.wjnconsulting.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: January 15 is Personal Firewall Day, help the cause, (continued)
- Re: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 16)
- Re: Re: January 15 is Personal Firewall Day, help the cause Bruce Ediger (Jan 17)
- Re: Re: January 15 is Personal Firewall Day, help the cause Valdis . Kletnieks (Jan 17)
- Re: Re: January 15 is Personal Firewall Day, help the cause Tobias Weisserth (Jan 17)
- RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, help the cause Ron DuFresne (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, help the cause Ron DuFresne (Jan 16)
- RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
- Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
- Re: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
- Re: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Jeremiah Cornelius (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause David F. Skoll (Jan 18)
- RE: Religion... was RE: Re: January 15 is Personal Firewall Day, help the cause Wes Noonan (Jan 18)