On Fri, October 10, 2014 1:07 pm, William Woods wrote: > Not at all, and please don’t tell me what I prefer, All I prefer is that > people try to be homiest, you are right all software has bugs, but to > imply in any way that > open source is better is a misnomer. > > I use open source, closed source, whatever tool fits the job, I don’t > belong > to any specific church re: software, nor am I a closed/open source zealot. > > I know its kinda hard for people to accept someone on a centos mailing > list would > use closed source, I am sorry some of you purists are offended. No, I'm happy and not offended at all. And it turns out we do pretty much the same thing. I do use closed source wherever it does the job, and for tasks that are not cover by open source. Some closed source software is great. But wherever I do want to save brain figuring out what to use for the task that has highest demands in security... you already know my answer. Valeri > > On Oct 10, 2014, at 1:01 PM, Valeri Galtsev <galtsev at kicp.uchicago.edu> > wrote: > >> >> On Fri, October 10, 2014 12:33 pm, William Woods wrote: >>> So claim made, nothing to back it up. Got it. >>> >>> all I need to say is BASH , OpenSSL .. >>> >> >> Nice examples. One-sided though. All software has bugs. You prefer >> security through obscurity (closed source, and you have to _trust_ the >> vendor of it). But there are numerous security issues with closed source >> M$ Windows system. Of course, you would prefer closed source example >> UNIX. >> Here it goes: SSH (as opposed to openSSH we all have thanks to OpenBSD >> project). There was an awful security hole in it about 13 years ago and >> as >> sshd daemon runs by user root, we were just waiting if stray root just >> will walk into our Solaris boxes. Waiting for parch from system vendor >> and >> simultaneously compiling openssh as a replacement. Those of us who had >> majority of boxes under Linux (hence with openssh that wasn't >> vulnerable) >> had less trouble... >> >> I guess, you go you to your church, and I will go to mine. I do not >> consider "security through obscurity" a security. I prefer not to wreck >> my >> brain thinking "to what extent can I trust this corporate vendor". I >> prefer the code put out into open so everybody can review it. I doesn't >> mean that open source code will be audited diligently. But the fact that >> it can be gives the best reassurance for me. I do join that clever >> person >> who said "security only can be in open source". >> >> Valeri >> >>> I am sure there are more. >>> >>> But really, if you are going to claim something, at least be willing to >>> back up what you claim is that asking to much ? >>> >>> On Oct 10, 2014, at 12:21 PM, Valeri Galtsev >>> <galtsev at kicp.uchicago.edu> >>> wrote: >>> >>>> >>>> On Fri, October 10, 2014 12:01 pm, William Woods wrote: >>>>> Really, you have some URL’s to back up the paranoia ? >>>> >>>> Well, that's the problem with closed source systems (Which MS Windows >>>> is >>>> and commercial antiviruses for it are). One can claim something and >>>> there >>>> is no way to prove it is right or it is wrong (or left? ;-) >>>> >>>> I remember some clever person said: "security can only be in open >>>> source". >>>> There are systems that are not [quite] open source, even though they >>>> are >>>> based on open source. I may be out of date but some time ago (last >>>> time >>>> I >>>> cared to check) Android was not (even though it is based on Linux >>>> kernel, >>>> there is fair chunk of closed code in its kernel). Everybody is free >>>> to >>>> imagine me with tin foil hat on, or with pointy hat on... >>>> >>>> Valeri >>>> >>>>> >>>>> On Oct 10, 2014, at 12:00 PM, Always Learning <centos at u62.u22.net> >>>>> wrote: >>>>> >>>>>> >>>>>> On Fri, 2014-10-10 at 12:19 -0400, James B. Byrne wrote: >>>>>> >>>>>>> On Thu, October 9, 2014 21:11, John R Pierce wrote: >>>>>>>> On 10/9/2014 6:07 PM, Valeri Galtsev wrote: >>>>>>>>> BTW, the whole idea of "antivirus" is flawed. It is based on >>>>>>>>> "enumerate >>>>>>>>> bad". You can't, as one never knows what will be invented in a >>>>>>>>> future. >>>>>>>> >>>>>>>> I agree, but I don't know what else you can put in the hands of >>>>>>>> the >>>>>>>> novice, unless its the iPhone world of corporate approved apps >>>>>>>> only >>>>>>>> purchased through a monopoly 'app store'. >>>>>>>> >>>>>>> >>>>>>> Which simply means: Only 'Government Approved' viruses allowed. >>>>>> >>>>>> Excellent point. Windows 95 was designed to be accessible by the USA >>>>>> authorities. USA anti-virus software "allows" access from the USA >>>>>> authorities. >>>>>> >>>> >>>> >>>> ++++++++++++++++++++++++++++++++++++++++ >>>> Valeri Galtsev >>>> Sr System Administrator >>>> Department of Astronomy and Astrophysics >>>> Kavli Institute for Cosmological Physics >>>> University of Chicago >>>> Phone: 773-702-4247 >>>> ++++++++++++++++++++++++++++++++++++++++ >>>> _______________________________________________ >>>> CentOS mailing list >>>> CentOS at centos.org >>>> http://lists.centos.org/mailman/listinfo/centos >>> >>> _______________________________________________ >>> CentOS mailing list >>> CentOS at centos.org >>> http://lists.centos.org/mailman/listinfo/centos >>> >> >> >> ++++++++++++++++++++++++++++++++++++++++ >> Valeri Galtsev >> Sr System Administrator >> Department of Astronomy and Astrophysics >> Kavli Institute for Cosmological Physics >> University of Chicago >> Phone: 773-702-4247 >> ++++++++++++++++++++++++++++++++++++++++ >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++