Getting to F18

Eddie G. O'Connor Jr. eoconnor25 at gmail.com
Mon Dec 17 00:19:13 UTC 2012 

On 12/16/2012 12:12 PM, Reindl Harald wrote:
>
> Am 16.12.2012 18:02, schrieb Bruno Wolff III:
>> On Sun, Dec 16, 2012 at 19:17:50 +1030,
>>    Tim <ignored_mailbox at yahoo.com.au> wrote:
>>> On Sat, 2012-12-15 at 11:18 -0600, Bruno Wolff III wrote:
>>>> Unless you think you have a chance of being singled out by a goverment
>>>> or if you don't trust some of the people/machines on your local
>>>> network, this isn't a significant risk.
>>> You don't think some malcontent might try to set up a bogus repo, or
>>> damage another one, just because they're an ass?
>> They have to get people to use such a repo, which is going to be hard. One could get away with it perhaps for a
>> little while by showing different data to users and to the mirror checker. And only a small fraction of people are
>> going to end up using such a mirror.
> nothing easier as to point you to another repo with /etc/hosts
> if something goes wrong on your machine - it is enough if you
> are ONE TIME ente your root-password in the wrong dialog and
> after pointing you to a modified repo you get a backdoor installed
> which you can not detect if it is done well by filter output of
> lsof, ps and whatever tools you think are helping you in such cased
>
> who makes you believe repos are always trustable for sure and no
> ssh-keys of maintainers are lost and misued? it happened not so long
> ago to the fedora infrastructure (google is your friend)
>
> the first and largest mistake in context security you can make
> is to think you are secure but not have the knowledge to make
> sure it is so - goodwill and hope is no base for security
>
>
>
But aren't there ways to protect myself?...I use ClamAV, I have NO IDEA 
how it works, and I'm trying like hell to get a grasp of the SELinux 
thing, but until I'm a "guru" in either of those categories, how would I 
prevent myself and my system from being compromised? I don't place too 
much faith in AV tools....only because coming from a "Windows World" the 
Symantecs.......McAfees......and various other so-called "protection 
services" did nothing to keep me safe. And mind you I was NEVER so 
ignorant as to think that just updating virus definition files would 
protect me......and that I could just click on anything I wanted! I was 
cautious! I didn't even visit certain sites I had heard got "hit"....so 
coming from that environment....and not being savvy enough to "hack" 
myself into a perfect state of hardened security....what's someone who's 
still in transition to do?...


EGO II
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20121216/c0d32922/attachment.html>

More information about the users mailing list