GNOME 3.4 released

Posted Apr 5, 2012 16:33 UTC (Thu) by khim (subscriber, #9252)
In reply to: GNOME 3.4 released by elanthis
Parent article: GNOME 3.4 released

That said, there's no FUD here.

Oh, but there is. Right here:

Windows is more secure in that it offers user-facing security features that Linux never has.

Security can not be measured by counting features. In fact often additional features make security worse, not better. Windows ACL model is quite powerful and convenient, but I'm not sure it offers better security. It's complexity is it's worst enemy. When I try to remove SYSTEM-owned file in FAR from Administrator account it explains to me that it can not be done. Unless I'll give permission agree to “try harder” - then it repeats with DEBUG permissions and file is gone. That's not security, that's snake oil.

That's entirely different than the _design_ of Windows being one focusing on desktop security.

Windows is designed for convenience, not for security. Sure, Windows NT was designed with some good security ideas in mind, but when it become obvious that they hurt performance and usability most of them were abandoned and subverted.

Only after huge outcry when totally insecure design of Windows XP (let's not even talk about Windows 9X, ok) created plethora of malware Microsoft started adding features which can provide real security on desktop. Some of them are genuinely useful, some are more of snake oil.

Linux has almost no solution here, besides adding SELinux (only even used on one major-ish distro) and some weak sand-boxing.

Actually seccomp sandboxing can be quite robust, but hard to use. There are interesting development in this direction under Linux which makes it more useful.

But hey, claim you know me, say that basic facts are "FUD," and then try to discredit me.

FUD education 101:
Basic fact: in Windows you can do X, Y and Z, in Linux it's impossible.
FUD: Windows is super-hyper (according to more than a few places), Linux is meh (according to more than a few places).

Where are your facts?

Here is an example of your “fact”:

On Linux, there's basically no way to be sure that the screen you're looking at is really your desktop or admin panel or whatever and not some other malware that injected itself via the a hole in the non-sandboxed Firefox processes Linux users are still primarily using as their Web browsers.

First of all it mixes the issues (Chrome uses pretty robust sandbox on Linux), then it includes true statement (yes, Windows's Ctrl-Alt-Del is pretty robust protection against some kinds of attacks) but omits an important detail (in Windows Vista and above you don't need to press Ctrl-Alt-Del before you'll be asked to enter Admin's password).

The sad truth is that Ctrl-Alt-Del was useful security feature in Windows NT 3.1, but over time Microsoft worked long and hard to make it less and less useful. Today Microsoft have trained users to enter password after screen “flash” instead of doing it after Ctrl-Alt-Del. Which turned Ctrl-Alt-Del from genuine protection to snake oil security.

This “fact” is FUD, plain and simple. Good, high-quality FUD (it includes genuinely true statements and lies mostly by omission), yes, but it does not make it less FUDish.