Call Search
     

New to Ham Radio?
My Profile

Community
Articles
Forums
News
Reviews
Friends Remembered
Strays
Survey Question

Operating
Contesting
DX Cluster Spots
Propagation

Resources
Calendar
Classifieds
Ham Exams
Ham Links
List Archives
News Articles
Product Reviews
QSL Managers

Site Info
eHam Help (FAQ)
Support the site
The eHam Team
Advertising Info
Vision Statement
About eHam.net

donate to eham
   Home   Help Search  
Pages: Prev 1 [2] 3 4 5 6 Next   Go Down
  Print  
Author Topic: Linux has a catastrophic flaw...  (Read 53393 times)
W8JX
Member

Posts: 13268




Ignore
« Reply #15 on: September 25, 2014, 02:59:34 PM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

one flaw, get real. As far as it is fixed get real again because of its nature it will take some time to stamp out. As far as windows, sure they have had issue but they fix them quickly. I feel safer with Win 8 than Linux.
Logged

--------------------------------------
Ham since 1969....  Old School 20wpm REAL Extra Class..
KK4GGL
Member

Posts: 1327




Ignore
« Reply #16 on: September 25, 2014, 06:16:56 PM »

Bash is not natively supported in Windows and can be supported only through emulation so at present it is not a threat for security.

Windows is not a threat for security?

AHAH ahah aha HAH Ahah ahh HAH ahha h HA hahahaha ha...

.. oh, were you serious?
Logged

73,
Rick KK4GGL
AJ1Z
Member

Posts: 11




Ignore
« Reply #17 on: September 25, 2014, 06:17:50 PM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

First of all, the released patch in response to Shellshock is a partial remediation that closes some of the security holes, but it is NOT a fix. There are additonal related vulnerabilties that still exist, and I don't know if the released patch is effective against the worms that have been released.

CVE-2014-7169 is the assignment for the new issue so there will likely be some additional followon activity people will need to take.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7169

I did a CVE (software flaws) keyword search for "Windows"  that warranted a CVE assignment over the last 3 years in the National Vulnerability database - 843 matching records.
Interestingly enough, "Linux" came up with 842.

Some other quick results:

Microsoft - 933
Red Hat - 2589
SuSE - 2013
Debian - 5491
XP - 2454
Windows 7 - 1269
Ubuntu - 3403

Some vulnerabilities do have multiple CVE assignments which would tend to skew the results, but anyone should feel free to go to web.nvd.nist.gov and search for themselves however they choose if they want to come up with a more accurate representation.  The more important point is that Linux users also need to take care in how they configure their machines and be diligent in both updating their system kernels and in patching their applications regularly.


Logged
KK4GGL
Member

Posts: 1327




Ignore
« Reply #18 on: September 25, 2014, 06:18:24 PM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

one flaw, get real. As far as it is fixed get real again because of its nature it will take some time to stamp out. As far as windows, sure they have had issue but they fix them quickly. I feel safer with Win 8 than Linux.

.. and you expect to have any credibility at all?
Logged

73,
Rick KK4GGL
W8JX
Member

Posts: 13268




Ignore
« Reply #19 on: September 26, 2014, 03:58:10 AM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

one flaw, get real. As far as it is fixed get real again because of its nature it will take some time to stamp out. As far as windows, sure they have had issue but they fix them quickly. I feel safer with Win 8 than Linux.

.. and you expect to have any credibility at all?

What has that got to do with anything? Given that BASH works with add on devices and even some car brands there is no easy across board fix and no automatic updates. Windows will update itself as needed.
Logged

--------------------------------------
Ham since 1969....  Old School 20wpm REAL Extra Class..
KK4GGL
Member

Posts: 1327




Ignore
« Reply #20 on: September 26, 2014, 05:07:55 AM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

one flaw, get real. As far as it is fixed get real again because of its nature it will take some time to stamp out. As far as windows, sure they have had issue but they fix them quickly. I feel safer with Win 8 than Linux.


.. and you expect to have any credibility at all?

What has that got to do with anything? Given that BASH works with add on devices and even some car brands there is no easy across board fix and no automatic updates. Windows will update itself as needed.

Are you actually saying that GNU/Linux distros don't have automatic updates?
Logged

73,
Rick KK4GGL
W8JX
Member

Posts: 13268




Ignore
« Reply #21 on: September 26, 2014, 07:10:30 AM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

one flaw, get real. As far as it is fixed get real again because of its nature it will take some time to stamp out. As far as windows, sure they have had issue but they fix them quickly. I feel safer with Win 8 than Linux.


.. and you expect to have any credibility at all?

What has that got to do with anything? Given that BASH works with add on devices and even some car brands there is no easy across board fix and no automatic updates. Windows will update itself as needed.

Are you actually saying that GNU/Linux distros don't have automatic updates?

Tell me about the automatic across the board all flavor auto update for Linux. It does not exist.
Logged

--------------------------------------
Ham since 1969....  Old School 20wpm REAL Extra Class..
W4KYR
Member

Posts: 1803




Ignore
« Reply #22 on: September 26, 2014, 07:22:26 AM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

one flaw, get real. As far as it is fixed get real again because of its nature it will take some time to stamp out. As far as windows, sure they have had issue but they fix them quickly. I feel safer with Win 8 than Linux.


.. and you expect to have any credibility at all?

What has that got to do with anything? Given that BASH works with add on devices and even some car brands there is no easy across board fix and no automatic updates. Windows will update itself as needed.

Are you actually saying that GNU/Linux distros don't have automatic updates?

Tell me about the automatic across the board all flavor auto update for Linux. It does not exist.

Yep, Windows updates are the best

'BSOD gives Microsoft blues: Faulty Patch Tuesday update yanked'
http://www.techtimes.com/articles/13391/20140820/bsod-gives-microsoft-blues-faulty-patch-tuesday-update-yanked.htm


"The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now"
http://www.theregister.co.uk/2014/08/18/microsoft_security_sanity_buster/


"Windows 8.1 Works Subsequent Updates Turns PC to Brick"
http://windowssecrets.com/forums/showthread.php/157991-Windows-8-1-Works-Subsequent-Updates-Turns-PC-to-Brick


"Bricked Your Surface RT With Windows 8.1? Let's Fix That"
http://www.pcmag.com/article2/0,2817,2426014,00.asp


"Defective Security Update KB 2957509"
http://social.technet.microsoft.com/Forums/en-US/fedb6152-09e0-4eba-80c5-60d6dfab0b6e/defective-security-update-kb-2957509?forum=itmanager

.
Logged

The internet and cellphone networks are great until they go down, what then? Find out here. 
https://www.eham.net/ehamforum/smf/index.php/topic,111948.0.html

Using Windows 98 For Packet...
AG6WT
Member

Posts: 510




Ignore
« Reply #23 on: September 26, 2014, 08:31:41 AM »

Tell me about the automatic across the board all flavor auto update for Linux. It does not exist.

Automatic updates in the Linux universe is not common.

BUT THAT IS NOT A MISSING FEATURE. IT IS AN INTENTIONAL DESIGN.

I've been using Ubuntu for years and it will notify me when updates are available and will let me decide when I will download them and when I will install them.  One of Windows many frustrating features, IMHO, is automatic updates and restarts.  More than once I've been running a compute intensive task overnight only to find that Windows has performed an update and restart... and of course it has no idea how to resume the job.

On servers, admins don't like automatic updates either. They want to notify users when a system is going down.  They want to be present when the update is done so that they can be sure the update doesn't break anything and can rollback if the update doesn't work out.

However, just like Windows gives you the option to disable automatic updates, Ubuntu gives you the option to automatically install security patches.  I know Fedora/RedHat/CentOS and SuSE do too. I think you'd be hard-pressed to find a major Linux distribution that doesn't have a robust update system in place.
Logged
W8JX
Member

Posts: 13268




Ignore
« Reply #24 on: September 26, 2014, 08:47:07 AM »

I've been using Ubuntu for years and it will notify me when updates are available and will let me decide when I will download them and when I will install them.  One of Windows many frustrating features, IMHO, is automatic updates and restarts.  More than once I've been running a compute intensive task overnight only to find that Windows has performed an update and restart... and of course it has no idea how to resume the job.

Never had that problem as it will not auto reboot if you do not want it too. You can disable auto updates if you want too. If you have had this happen then you clearly do not know how to setup windows fully.
Logged

--------------------------------------
Ham since 1969....  Old School 20wpm REAL Extra Class..
KK4GGL
Member

Posts: 1327




Ignore
« Reply #25 on: September 26, 2014, 10:49:46 AM »

Wow. Linux has one flaw! (Already fixed by the way).

How many thousands of security vulnerabilities has Windows had over the years? 

one flaw, get real. As far as it is fixed get real again because of its nature it will take some time to stamp out. As far as windows, sure they have had issue but they fix them quickly. I feel safer with Win 8 than Linux.


.. and you expect to have any credibility at all?

What has that got to do with anything? Given that BASH works with add on devices and even some car brands there is no easy across board fix and no automatic updates. Windows will update itself as needed.

Are you actually saying that GNU/Linux distros don't have automatic updates?

Tell me about the automatic across the board all flavor auto update for Linux. It does not exist.

You really like shooting your credibility, don't you? There is no such thing as an all flavor Linux. There also is no all flavor Windows. There are great many Windows patches that work on one version and not the other. In addition, the Bash bug does not effect all devices running Linux, nor all distributions of GNU/Linux simply because Bash installed on every device running Linux.

I already gave you a list of distributions of GNU/Linux that have published patches.

Now, be a good little shill and go to some research.
Logged

73,
Rick KK4GGL
W8JX
Member

Posts: 13268




Ignore
« Reply #26 on: September 26, 2014, 11:19:36 AM »

There is no such thing as an all flavor Linux. There also is no all flavor Windows.

Who is shooting whose foot over a typo. It was meant to be all "FLAVORS" of Linux and in same sense there is many flavors of Windows too.

You have nothing to do other than trying to sling mud so sad. Any reasonable person would have understood typo but not you.... 
Logged

--------------------------------------
Ham since 1969....  Old School 20wpm REAL Extra Class..
KK4GGL
Member

Posts: 1327




Ignore
« Reply #27 on: September 26, 2014, 11:59:13 AM »

There is no such thing as an all flavor Linux. There also is no all flavor Windows.

Who is shooting whose foot over a typo. It was meant to be all "FLAVORS" of Linux and in same sense there is many flavors of Windows too.

You have nothing to do other than trying to sling mud so sad. Any reasonable person would have understood typo but not you.... 

And, once again, "all flavors of Linux" is meaningless.

You also failed to address the fact that  the Bash bug does not effect all devices running Linux, nor all distributions of GNU/Linux, nor "all flavors of Linux" simply because Bash is not (my bad typing previously) installed on every device running Linux.

In addition, you failed to address the fact that automatic updates can be configured on most GNU/Linux distributions. I assume (that can be a problem) that the same can be said for most of the BSDs and OS X.

So, again, be a good little shill and go so some research.
Logged

73,
Rick KK4GGL
K5UNX
Member

Posts: 813


WWW

Ignore
« Reply #28 on: September 26, 2014, 12:00:48 PM »

This whole discussion is ridiculous LOL . . . So what? There is a security issue with *nix that's getting patched. The media has again blown it into something bigger than it is . . . Yea it's big in terms of the number of possibly affected systems, but they are getting patched. Yea some will have auto-patching turned off and not patch, staying vulnerable.  This happens all the time on Windows and Linux and OSX and etc etc. This doesn't make Linux bad and Win good.  
Logged

N5INP
Member

Posts: 2312




Ignore
« Reply #29 on: September 26, 2014, 04:34:42 PM »

Quote
Top U.S. regulators warn banks over 'Shellshock' bug
WASHINGTON Fri Sep 26, 2014 6:47pm EDT


Reuters) - A group of top U.S. financial regulators urged banks to quickly fix their software to protect it against the "Shellshock" computer bug, saying it could expose them to fraud.

Shellshock is a newly emerged major Internet threat that affects a common software tool found in many operating systems known as Bash, or Bourne-again Shell.

"The pervasive use of Bash and the potential for this vulnerability to be automated presents a material risk," the Federal Financial Institutions Examinations Council said.
 

The FFIEC is an interagency body that can prescribe common standards for banks that includes the Federal Reserve, the Federal Deposit Insurance Corporation, the Office of the Comptroller of the Currency, and others. The banks should identify all their systems that use Bash and update them, and should also check third-party software, the group of regulators said.

http://www.reuters.com/article/2014/09/26/us-cybersecurity-shellshock-banks-idUSKCN0HL2IY20140926
Logged

Help out the Club Log QSL Card Tagging Project - Tag DX QSL Cards
Pages: Prev 1 [2] 3 4 5 6 Next   Go Up
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!