On Thu, 2007-04-19 at 15:53 -0500, Bruno Wolff III wrote: > On Thu, Apr 19, 2007 at 18:13:28 +0200, > Tomas Larsson <tomas@xxxxxxx> wrote: > > > > I'm not saying that Windows by any means are safer than other OS, but its > > not more un-safe either. > > I disagree. While it isn't really the OS's fault, Microsoft encourages > applications to be written to do dangerous things rather than inconvenience > the user. > > > What I'm saying that any-one that runs an unprotected computer despite all > > media coverage is stupid, he or she cannot blame the OS if he or she opens a > > virusinfected mail. > > No they ought to blame their crappy email client that executes foreign code. > > > Obviously there must be flaws in any OS/SW even Linux, as an example my > > FC4-server was rooted, due to a flaw in php/MySQL. > > PHP is known for making mistakes easy. Especially if you set it to not run in safe mode so badly written PHP programs can run. 'Tis better to run in safe mode and fix the bad code. Yes, I've been down that road with our clients. My answer: "It runs in safe mode. Fix your code." > > I ended up with a complete re-install, if it was a windows-system, first of > > all, it wouldn't probably happen, since my AW would have taken care of it, > > plus the fact that I would have managed to remove it without re-installing, > > Only if you like living dangerously. If a machine is compromised, there are > two relatively safe options. Reinstall from known good media or boot off of > known good media and remove all trojan software. Often it is easier to > reinstall than trying to sort out good from bad files. Which is why things such as tripwire were invented. > The same is true for > Windows. You can hope that no human looked at your machine and your antitrojan > cleanup software gets everything, but you have know way of knowing for sure, if > you don't do a complete check. The inherent incestuousness of Windows makes any exploit VERY dangerous. ---------------------------------------------------------------------- - Rick Stevens, Principal Engineer rstevens@xxxxxxxxxxxx - - VitalStream, Inc. http://www.vitalstream.com - - - - Diplomacy: The art of saying "Nice doggy!" until you can find a - - big enough rock. - ----------------------------------------------------------------------
