On Wed, Feb 28, 2007 at 20:00:26 -0500, Matthew Miller <mattdm@xxxxxxxxxx> wrote: > On Wed, Feb 28, 2007 at 06:51:23PM -0600, Bruno Wolff III wrote: > > > If you are connected to the internet in any way, your machine will get > > > hacked and you will become part of a botnet serving spam or worse. This is > > > pretty much an inevitability. > > It isn't that bad. If you block inbound connections by default and do your > > own updates of services that are accessible from the network, and don't > > have any untrusted local users, you are fairly safe. If you are only going > > to have a couple network services available, it might be enough less work > > to be worthwhile. > > You also have to not ever use network client software. For example, the > mozilla package in FC4, and everything linked against it, is high risk. Yes, I should have mentioned you need to watch your web browser, email and news clients. However, since people generally only use one client in each category this doesn't add a lot of work. > It may not happen immediately, and I'm sure we'll get a half-dozen anecdotes > of the "hasn't happen to me" variety, but overall, it's a near-certainty. I don't think the risk is that much different than getting updates from Fedora. The key packages are getting updated either way. > If you wanted Fedora to be something else, you should have worked on Fedora > Legacy. As it is, that's dead. So, if you want to not update frequently, use > a distribution that's designed with a long lifespan. That's good general advice. However, that doesn't mean there are exceptional cases where people could use Fedora out of support without a lot of effort and without a big difference in risk of getting their machine hacked.
