Password security

Gregory Woodbury redwolfe at gmail.com
Tue Mar 3 14:51:26 UTC 2015 

This is just the latest symptom that Fedora and RedHat are showing of
a disease I call "beating Microsoft at their own game."

The main symptom is removing choice and forcing admins and users to do
things the way the company wants you to do it. "Things will LOOK this
way!  Things will WORK that way!"
It is as if someone has decided that Fedora / RedHat will be as simple
to install and use as Windows and will look as much like it as
possible.

If I wanted a locked down (and bug-ridden) OS for my computer I would
just go ahead and use Microsoft.
I choose Linux because I want choice, power and flexibility, and the
advantages that open source supplies.

In either case, a computing mono-culture is not advantageous for
anyone except the corporation(s) controlling that mono-culture.

On Tue, Mar 3, 2015 at 8:14 AM, Robert Moskowitz <rgm at htt-consult.com> wrote:
>
> On 03/02/2015 05:16 PM, Mike Chambers wrote:
>>
>> Hey all,
>>
>> Obviously when installing F22 now, you have that new password security
>> level to make you jump through hoops to set a password during install.
>> I understand the reasoning for "secure" passwords, but there is one
>> catch.
>
>
> What will happen is that a single (or small subset) of passwords will be
> used for root during install (Fedora_Project works fine, you don't have to
> add the 123 at the end).  User ID setup will be done with admin rights and
> no password required.  Then after install is complete, passwd would be used
> to set up a 'regular' password for root and the user.
>
> Meanwhile the system is on the net with a known root password and maybe a
> knowable user ID for N minutes with SSH up and running and open.  What is
> the exposure.
>
> Besides SSH what other attack vector exists until the passwords are reset?
>
>>
>> *I* am the admin at my house hold, and *I* am the admin at my company
>> (scenario speaking), and *I* set how secure I want passwords set at
>> those locations, not *you*.  I will determine how tough I want my
>> systems, I don't need any hand holding, nor help.
>>
>> And in reality, we don't have a lot of kids, grandmas, grandpas,
>> careless operators, typical window users using these systems as normal
>> everyday workstations like window users, so they aren't going to
>> experience the same issues.
>>
>> Linux is not like windows, it doesn't have the same type system, so the
>> same type things won't hurt it.  Most stuff that will get hurt, stolen
>> from, hacked, whatever is online stuff such as banks, credit cards
>> stuff, etc..
>>
>> In other words, give us the tools to help get people in the right
>> direction, but don't try to turn the wrench as well.  That's up to use
>> to get it how tight we want.  Whether it falls apart or not, is on us.
>>
>>
>> Besides that, I changed that crap back to what I wanted in the first
>> place after the install.  So your security was breached off the bat.
>> Please get rid of it and set it back to like before.
>>
>> Thanks and have a good day,
>>
>>
>
> --
> test mailing list
> test at lists.fedoraproject.org
> To unsubscribe:
> https://admin.fedoraproject.org/mailman/listinfo/test



-- 
-- 
G.Wolfe Woodbury
redwolfe at gmail.com

More information about the test mailing list