From: Ben Shimmin on 30 Mar 2010 07:42

chris <ithinkiam(a)gmail.com>:
> On 29/03/10 20:18, Ben Shimmin wrote:
>> chris<ithinkiam(a)gmail.com>:
>>> On 29/03/10 15:25, Chris Ridd wrote:
>>>> On 2010-03-29 13:45:30 +0100, chris said:
>>>>> Where did you get that idea from? Unless you're installing malware, a
>>>>> linux machine is as safe with default software as it is with extras
>>>>> added.
>>>>>
>>>>> Installing 'stuff' from the Ubuntu repositories (which are signed) is
>>>>> typically very safe.
>>>>
>>>> Signing is irrelevant, it just proves that it came from Ubuntu.
>>>
>>> It's not irrelevant. Which is safer; downloading stuff from random
>>> websites or from a 'known' repository?
>>
>> <URL:http://www.debian.org/security/2008/dsa-1571>
>>
>> b. --just sayin'
>
> I know. That was a very public and rare exception for which debian was
> rightly criticised. Now, as a comparison, how many security
> vulnerabilities are there in software from random websites? Or even not
> so random ones: Adobe, Realplayer, etc.
>
> It's all relative, as someone once said ;)

Well, I can only repeat what Chris Ridd said: signing is irrelevant.
The Debian signing process was obviously screwed up, which was
embarrassing for them, but it has no real bearing on the security of the
software they were signing: whether it had security holes in it.

The more you expose of your server -- the more services you are running
on it -- the more likely you are to expose a vulnerability. It's just
common sense, innit.

I missed the start of this thread, which was probably about serving
iTunes on a local network or something, in which case this is all
totally irrelevant!

b.

--
<bas(a)bas.me.uk> <URL:http://bas.me.uk/>
`Zombies are defined by behavior and can be "explained" by many handy
shortcuts: the supernatural, radiation, a virus, space visitors, secret
weapons, a Harvard education and so on.' -- Roger Ebert

From: T i m on 30 Mar 2010 07:53
On Tue, 30 Mar 2010 12:41:16 +0100, usenet(a)alienrat.co.uk (Woody) wrote:

<snip>
>
>It is very unlikely that T i m is going to be a target of a hacking
>attack but that is only just by statistics. He is no less likely to be
>attacked than anyone else. It is just security by obscurity, which is
>just a numbers game.

All nicely put (and what I was trying to say in my own clumsy way) and
as 'broadband' and machines get faster one assumes automated / brute
force / drive-by type 'bot-hits' are likely more often?

Anyroadup, if we are aware / bothered about such things (and I know we
all should be but I expect the majority aren't) then we do what we can
and keep our fingers crossed.

Cheers, T i m