[CentOS] CentOS 7 docs, tutorials, etc...

Valeri Galtsev galtsev at kicp.uchicago.edu
Fri Oct 10 18:01:21 UTC 2014 

On Fri, October 10, 2014 12:33 pm, William Woods wrote:
> So claim made, nothing to back it up. Got it.
>
> all I need to say is
BASH , OpenSSL
..
>

Nice examples. One-sided though. All software has bugs. You prefer
security through obscurity (closed source, and you have to _trust_ the
vendor of it). But there are numerous security issues with closed source
M$ Windows system. Of course, you would prefer closed source example UNIX.
Here it goes: SSH (as opposed to openSSH we all have thanks to OpenBSD
project). There was an awful security hole in it about 13 years ago and as
sshd daemon runs by user root, we were just waiting if stray root just
will walk into our Solaris boxes. Waiting for parch from system vendor and
simultaneously compiling openssh as a replacement. Those of us who had
majority of boxes under Linux (hence with openssh that wasn't vulnerable)
had less trouble...

I guess, you go you to your church, and I will go to mine. I do not
consider "security through obscurity" a security. I prefer not to wreck my
brain thinking "to what extent can I trust this corporate vendor". I
prefer the code put out into open so everybody can review it. I doesn't
mean that open source code will be audited diligently. But the fact that
it can be gives the best reassurance for me. I do join that clever person
who said "security only can be in open source".

Valeri

> I am sure there are more.
>
> But really, if you are going to claim something, at least be willing to
> back up what you claim is that asking to much ?
>
> On Oct 10, 2014, at 12:21 PM, Valeri Galtsev <galtsev at kicp.uchicago.edu>
> wrote:
>
>>
>> On Fri, October 10, 2014 12:01 pm, William Woods wrote:
>>> Really, you have some URL’s to back up the paranoia ?
>>
>> Well, that's the problem with closed source systems (Which MS Windows is
>> and commercial antiviruses for it are). One can claim something and
>> there
>> is no way to prove it is right or it is wrong (or left? ;-)
>>
>> I remember some clever person said: "security can only be in open
>> source".
>> There are systems that are not [quite] open source, even though they are
>> based on open source. I may be out of date but some time ago (last time
>> I
>> cared to check) Android was not (even though it is based on Linux
>> kernel,
>> there is fair chunk of closed code in its kernel). Everybody is free to
>> imagine me with tin foil hat on, or with pointy hat on...
>>
>> Valeri
>>
>>>
>>> On Oct 10, 2014, at 12:00 PM, Always Learning <centos at u62.u22.net>
>>> wrote:
>>>
>>>>
>>>> On Fri, 2014-10-10 at 12:19 -0400, James B. Byrne wrote:
>>>>
>>>>> On Thu, October 9, 2014 21:11, John R Pierce wrote:
>>>>>> On 10/9/2014 6:07 PM, Valeri Galtsev wrote:
>>>>>>> BTW, the whole idea of "antivirus" is flawed. It is based on
>>>>>>> "enumerate
>>>>>>> bad". You can't, as one never knows what will be invented in a
>>>>>>> future.
>>>>>>
>>>>>> I agree, but I don't know what else you can put in the hands of the
>>>>>> novice, unless its the iPhone world of corporate approved apps only
>>>>>> purchased through a monopoly 'app store'.
>>>>>>
>>>>>
>>>>> Which simply means: Only 'Government Approved' viruses allowed.
>>>>
>>>> Excellent point. Windows 95 was designed to be accessible by the USA
>>>> authorities. USA anti-virus software "allows" access from the USA
>>>> authorities.
>>>>
>>
>>
>> ++++++++++++++++++++++++++++++++++++++++
>> Valeri Galtsev
>> Sr System Administrator
>> Department of Astronomy and Astrophysics
>> Kavli Institute for Cosmological Physics
>> University of Chicago
>> Phone: 773-702-4247
>> ++++++++++++++++++++++++++++++++++++++++
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

More information about the CentOS mailing list