"Protected" -- for how long?

Posted Apr 22, 2009 23:25 UTC (Wed) by dersteppenwolf (guest, #58226)
In reply to: "Protected" -- for how long? by hppnq
Parent article: The details on loading rootkits via /dev/mem

"Unlike with other systems, the Linux kernel development process allows turds as well as gems to be entered into mainline"

This would be great marketing tagline for Red Hat. But I hope you realize the flawed logic behind this reasoning. Let's imagine for a second that PaX was a turd, and ExecShield a gem, or viceversa (depending on your touch with reality and experience on security matters and system internals). Why the integration of some of the PaX features was never considered for mainline?

I'm not talking about the segmentation-based approach to NX, which could have understandable drawbacks for inclusion. But, what about the other gazillion advances PaX has implemented a decade ago and everyone has been slowly, but steadily plagiarizing? (yes, you read that right: plagiarizing. The act of copying someone else's work without giving proper credit or obscuring it for one's self promotion).

Further more, "Linux systems are unsafe, or less safe than they need be" implies you mix an objective sense of security with your perceived one. Let's say that the child pornography collection of some pedophile in Thailand does not have the same security impact as the manuals for operating a military beacon. And I agree, but the problem is that Linux is unsafe because of managerial decisions taken by people who don't have the necessary background, understanding and acumen to make them. Just because Linus is a demigod among hippies does not make him a kernel security nutcase.

I won't go into greater depths to demonstrate that your logic is the actual flawed one, besides the seemingly sheer power you have for squeezing a handful ad hominem fallacies in such a short text.

Linux, so good it smells. If you drink the koolaid, it might go away.

"Protected" -- for how long?

Posted Apr 24, 2009 14:50 UTC (Fri) by hppnq (guest, #14462) [Link] (3 responses)

This would be great marketing tagline for Red Hat.

Even though in this very first sentence you reveal that 1) you do not understand the Linux kernel development process, 2) you do not understand the Red Hat business model and 3) you did not understand my comment, you still managed to surprise me with the rest of your comment.

"Protected" -- for how long?

Posted Apr 27, 2009 17:36 UTC (Mon) by dersteppenwolf (guest, #58226) [Link] (2 responses)

You are right, I don't really understand the business model behind Red Hat. It's quite a challenging thing to understand how a corporation gets away with making a profit from the work of helpful and altruist volunteers world-wide.

And in a similar path of reasoning, I don't understand how Linux (especially 2.6) could end up being used in a corporate environment. With all due respect, it's a theme park version of an operating system core. The rollercoaster gives you a huge thrill, but you throw up anyway.

Regarding your comment, It was indeed pretty awesome, man.

"Protected" -- for how long?

Posted Apr 27, 2009 23:58 UTC (Mon) by nix (subscriber, #2304) [Link] (1 responses)

Thus speaks someone who's never seen high-end financial software used to
throw umpty-trillions around the world.

Believe me, Linux is a glittering icon of perfection next to most of
*that* appalling grot. (I don't even need to mention the major settlement
system whose core was for many years an umpty-thousand-line shell
script... but I'm going to anyway because I want to make you feel as ill
as I do.)

"Protected" -- for how long?

Posted Apr 28, 2009 3:07 UTC (Tue) by dersteppenwolf (guest, #58226) [Link]

Thanks for giving me cancer. Can we get back to discussing why Linux is flawed because their developers choose it to be that way? Even goddamn Vista is safer at the moment. That's kind of a shame.