I was being 100% sarcastic about SELinux.<br><br><div class="gmail_quote">On Sun, Sep 2, 2012 at 1:41 AM, Tristan Santore <span dir="ltr"><<a href="mailto:tristan.santore@internexusconnect.net" target="_blank">tristan.santore@internexusconnect.net</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On 02/09/12 09:33, Dan Mashal wrote:<br>
> I'm not just an ambassador. I'm a Sysadmin too.<br>
><br>
> Have you heard of suckit rootkit and rst?<br>
><br>
> Times have changed.<br>
><br>
> Had there been links to CVEs and other articles with hard evidence my<br>
> response would have been different.<br>
><br>
> Besides! We have SELinux now! :D<br>
><br>
> Dan<br>
><br>
> On Sun, Sep 2, 2012 at 1:31 AM, Tristan Santore<br>
> <<a href="mailto:tristan.santore@internexusconnect.net">tristan.santore@internexusconnect.net</a><br>
</div><div class="im">> <mailto:<a href="mailto:tristan.santore@internexusconnect.net">tristan.santore@internexusconnect.net</a>>> wrote:<br>
><br>
> On 02/09/12 09:20, Dan Mashal wrote:<br>
> > This is a bunch of BS.<br>
> ><br>
> > No direct links or hard evidence in the article. Even if there<br>
> was, this<br>
> > is a browser issue. Not an OS issue.<br>
> ><br>
> > Dan<br>
> ><br>
> > On Sun, Sep 2, 2012 at 1:19 AM, Tristan Santore<br>
> > <<a href="mailto:tristan.santore@internexusconnect.net">tristan.santore@internexusconnect.net</a><br>
> <mailto:<a href="mailto:tristan.santore@internexusconnect.net">tristan.santore@internexusconnect.net</a>><br>
</div>> > <mailto:<a href="mailto:tristan.santore@internexusconnect.net">tristan.santore@internexusconnect.net</a><br>
<div class="im">> <mailto:<a href="mailto:tristan.santore@internexusconnect.net">tristan.santore@internexusconnect.net</a>>>> wrote:<br>
> ><br>
> > On 02/09/12 03:04, Danishka Navin wrote:<br>
> > > Is this true? (for Linux)<br>
> > ><br>
> ><br>
> <a href="http://news.efytimes.com/e1/89929/New-Trojan-Threatens-Mac-OS-X-Linux-Machines" target="_blank">http://news.efytimes.com/e1/89929/New-Trojan-Threatens-Mac-OS-X-Linux-Machines</a><br>
> > ><br>
> > > Btw, I could not find any source other than this.<br>
> > ><br>
> > > Thanks,<br>
> > > --<br>
> > > Danishka Navin<br>
> > > <a href="http://danishkanavin.blogspot.com" target="_blank">http://danishkanavin.blogspot.com</a><br>
> > > <a href="http://twitter.com/danishkanavin" target="_blank">http://twitter.com/danishkanavin</a><br>
> > > <a href="http://www.flickr.com/photos/danishkanavin/" target="_blank">http://www.flickr.com/photos/danishkanavin/</a><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > --<br>
> > > ambassadors mailing list<br>
> > > <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>><br>
</div>> > <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
<div><div class="h5">> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>>><br>
> > > <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
> > If it is, it just reinforces that you cannot rely on anything for<br>
> > security, because there is no such thing as a secure system,<br>
> as long as<br>
> > us filthy useless humans write code. Nobody in the linux<br>
> community ever<br>
> > made such promises any way.<br>
> ><br>
> > Just keep updated, install and run clamav every so often,<br>
> maybe install<br>
> > and configure tripwire/aide, do not download dodgy stuff,<br>
> follow and<br>
> > click random dodgy links. Same applies to any other operating<br>
> system<br>
> > really.<br>
> ><br>
> > Compared to many other systems, GNU operating systems can<br>
> still have<br>
> > issues, but far less, and if they do the issue is fixed much<br>
> quicker.<br>
> ><br>
> > Not much else to say really apart from Keep Calm and carry on!<br>
> ><br>
> ><br>
> > Regards,<br>
> ><br>
> > Tristan<br>
> ><br>
> > --<br>
> > Tristan Santore BSc MBCS<br>
> > TS4523-RIPE<br>
> > Network and Infrastructure Operations<br>
> > InterNexusConnect<br>
> > Mobile <a href="tel:%2B44-78-55069812" value="+447855069812">+44-78-55069812</a> <tel:%2B44-78-55069812><br>
> <tel:%2B44-78-55069812><br>
> > <a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a><br>
> <mailto:<a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a>><br>
</div></div>> > <mailto:<a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a><br>
<div class="im">> <mailto:<a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a>>><br>
> ><br>
> > Former Thawte Notary<br>
> > (Please note: Thawte has closed its WoT programme down,<br>
> > and I am therefore no longer able to accredit trust)<br>
> ><br>
> > For Fedora related issues, please email me at:<br>
> > <a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a> <mailto:<a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a>><br>
</div>> <mailto:<a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a> <mailto:<a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a>>><br>
<div class="im">> > --<br>
> > ambassadors mailing list<br>
> > <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>><br>
</div>> > <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
<div class="im">> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>>><br>
> > <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
> ><br>
> ><br>
> ><br>
> ><br>
> > --<br>
> > ambassadors mailing list<br>
> > <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
</div>> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>><br>
<div><div class="h5">> > <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
> As ambassador you should know better to make such definitive statements.<br>
> fact is we do not know any facts yet, so please do not make such views<br>
> public, especially as ambassador. People with less experience will look<br>
> for your guidance. So, provide them with facts, not fiction or innuendo.<br>
><br>
> The fact is, there have been viruses and the like, affecting GNU linux<br>
> based systems before, however, thanks to the way GNU linux systems work,<br>
> such as privilege separation and a "secure" source of software, issues<br>
> are far reduced.<br>
><br>
> I believe there were no more than a few hand full of viruses affecting<br>
> GNU operating systems, however I never found any research document<br>
> stating factual relevant numbers.<br>
> The main issue are remotely exploitable loopholes, found in pretty much<br>
> any software that has a listening port open to the outside world.<br>
> Browsers of course are included in this as they go around to unverified<br>
> locations. So, this might be the most likely source of catching a cold,<br>
> so to speak. However, as we now all use Instant Messaging and silly<br>
> (anti)social-networking, email hosted by third-parties, etc.. you<br>
> sometimes get emails/instant messages from "friends", saying click here<br>
> or download this file, and it was not sent by your friend, even though<br>
> it came from his account. And there you go, you caught a cold.<br>
><br>
> So, by all means, do not assume stuff, because in most cases you will be<br>
> wrong.<br>
><br>
> It best to be vigilant and distrust everything, especially your own code<br>
> you are writing ;-p.<br>
><br>
> Regards,<br>
> Tristan<br>
><br>
> --<br>
> Tristan Santore BSc MBCS<br>
> TS4523-RIPE<br>
> Network and Infrastructure Operations<br>
> InterNexusConnect<br>
> Mobile <a href="tel:%2B44-78-55069812" value="+447855069812">+44-78-55069812</a> <tel:%2B44-78-55069812><br>
> <a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a><br>
> <mailto:<a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a>><br>
><br>
> Former Thawte Notary<br>
> (Please note: Thawte has closed its WoT programme down,<br>
> and I am therefore no longer able to accredit trust)<br>
><br>
> For Fedora related issues, please email me at:<br>
> <a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a> <mailto:<a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a>><br>
> --<br>
> ambassadors mailing list<br>
> <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
> <mailto:<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a>><br>
> <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
><br>
><br>
><br>
><br>
> --<br>
> ambassadors mailing list<br>
> <a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
> <a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a><br>
</div></div>If you believe selinux prevents exploits, then you also factually<br>
incorrect. Selinux contains exploits and limits impact. Again, you are<br>
making assumptions. Please do not do that! Also, the fact that there are<br>
"kits with exploits" is quite irrelevant. What is relevant is, that no<br>
software is 100% secure, if anything the notion back in the day that<br>
image/video formats could not be exploited, also proved incorrect.<br>
<br>
So you see, nothing is secure, nothing will probably ever be 100%<br>
secure. Because we are human, we make errors and as such machines make<br>
them too.<br>
<div class="HOEnZb"><div class="h5"><br>
Regards,<br>
<br>
Tristan<br>
<br>
--<br>
Tristan Santore BSc MBCS<br>
TS4523-RIPE<br>
Network and Infrastructure Operations<br>
InterNexusConnect<br>
Mobile <a href="tel:%2B44-78-55069812" value="+447855069812">+44-78-55069812</a><br>
<a href="mailto:Tristan.Santore@internexusconnect.net">Tristan.Santore@internexusconnect.net</a><br>
<br>
Former Thawte Notary<br>
(Please note: Thawte has closed its WoT programme down,<br>
and I am therefore no longer able to accredit trust)<br>
<br>
For Fedora related issues, please email me at:<br>
<a href="mailto:TSantore@fedoraproject.org">TSantore@fedoraproject.org</a><br>
--<br>
ambassadors mailing list<br>
<a href="mailto:ambassadors@lists.fedoraproject.org">ambassadors@lists.fedoraproject.org</a><br>
<a href="https://admin.fedoraproject.org/mailman/listinfo/ambassadors" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/ambassadors</a></div></div></blockquote></div><br>