From owner-freebsd-questions@FreeBSD.ORG Thu Jun 12 20:28:55 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0015C1065677 for ; Thu, 12 Jun 2008 20:28:54 +0000 (UTC) (envelope-from naylor.b.david@gmail.com) Received: from ag-out-0708.google.com (ag-out-0708.google.com [72.14.246.250]) by mx1.freebsd.org (Postfix) with ESMTP id A2FE68FC0A for ; Thu, 12 Jun 2008 20:28:54 +0000 (UTC) (envelope-from naylor.b.david@gmail.com) Received: by ag-out-0708.google.com with SMTP id 8so6835397agc.3 for ; Thu, 12 Jun 2008 13:28:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:organization:to:subject :date:user-agent:references:in-reply-to:cc:mime-version:content-type :content-transfer-encoding:message-id; bh=QicAxIDnGCUUegW07nKFtx11xHwyfLIoLS7rvEJKwTQ=; b=FXn1P2YkkE5h4pmBxFZbzwFW2eBmulj2fEgCEGmw+TgnzjMZp+i3sAk4iMu7FPu0Tp 0qSzb1Yzsu4xwRs9H+bltqaviCB43obwBBWuf/ZqWUvlIb5T5DQdXXFaOn+Al5Q/5IDn 96wUFOgSDmg+sqDBhjvwNWOqcO9MTPCg1drHg= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:organization:to:subject:date:user-agent:references:in-reply-to :cc:mime-version:content-type:content-transfer-encoding:message-id; b=S88RbrChkt0BUwrBwrEpGYTtjuswT002i341KNUFxBfzw2GotVzQKzqqAmDv5Ibwt/ 5Ms3SQcpUT3VT/hPP1YatLI7MbrG6PLqo8RILkEPlfcXzt+1g5y8akelTEslddNW8B3K G1KXrQyEe5DmCB4i64D7LK/NdUHFAXOynjzn8= Received: by 10.150.84.41 with SMTP id h41mr2939614ybb.215.1213302532463; Thu, 12 Jun 2008 13:28:52 -0700 (PDT) Received: from ?0.0.0.0? ( [196.34.241.123]) by mx.google.com with ESMTPS id f78sm7811619pyh.34.2008.06.12.13.28.42 (version=TLSv1/SSLv3 cipher=RC4-MD5); Thu, 12 Jun 2008 13:28:49 -0700 (PDT) From: David Naylor Organization: Private To: Jeffrey Goldberg Date: Thu, 12 Jun 2008 22:24:13 +0200 User-Agent: KMail/1.9.7 References: <200806112225.36221.naylor.b.david@gmail.com> <200806121519.12820.naylor.b.david@gmail.com> <62860DF8-423D-48B3-9757-CC3D24732CF0@goldmark.org> In-Reply-To: <62860DF8-423D-48B3-9757-CC3D24732CF0@goldmark.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart6191335.KVvtVEzS8j"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200806122224.19147.naylor.b.david@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD and User Security X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jun 2008 20:28:55 -0000 --nextPart6191335.KVvtVEzS8j Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 12 June 2008 18:43:40 you wrote: > On Jun 12, 2008, at 8:19 AM, David Naylor wrote: > > I think this argument is rather mute, just because there are no > > programs > > exploiting security vulnerabilities does not been there are not > > vulnerabilities, > > But it is far from moot if you are interested in the actual threat > against your system. In a sense, using a less popular OS is a form of > "security by obscurity" which is not to be heavily relied on, but > still it does make a real, practical, difference in the case that you > described. Very true, however having a large scale usage of FreeBSD (for example, if a= =20 government were to adopt it) would bring pressure to bare. For anything bu= t=20 such a large scale adoption in the medium to long term then it is a=20 valuable 'asset'. =20 > > and a determined cracker would create his own program. > > You have not articulated what you are trying to defend against. Do > you anticipate determined crackers going after your particular system > and what resources will such attackers have? We can't talk about a > system being "secure" in general, but the question needs to be framed > in terms of "secure against what". This is a general enquiry. What had sparked my interest in this subject is= =20 the above mentioned article. In this case it is a workstation used to acce= ss=20 and manage account and cash flows. The threat would be anyone gaining acce= ss=20 to 'divert' funds to incorrect accounts, for obvious personal gains. =20 Specifically, the two threats would be remote attach (such as spyware being= =20 deployed, or gaining remote access) or physical access (in which case keepi= ng=20 the username and password safe will be the only option? Assuming their is = no=20 compromise on the human side) > > That said I hope there are, actually, no vulnerabilities. > > That is demanding too much. What you need to hope for is a > combination of "no known unpatched vulnerabilities at the moment" and > more importantly "procedures and practices to keep things that way". > As Bruce Schneier likes to say, "Security is not a product but a > process". The vast majority of actual system compromises involve > failure of system administrators to keep systems patched and follow > good security practices. Good point! Thank goodness for automatic signed incremental updates (that= =20 actually work) Leason: always keep your system up-to-date! (With security patches) > One reason that I switched from Linux to FreeBSD is that I find it > much easier to maintain FreeBSD, particularly in terms of security > updates. I have been responsible for Linux machines that did get > rooted because I was having problems keeping them up-to-date for a > variety of reasons. > > > [Security through obscurity is just an illusion] > > In your post you mentioned concern about spyware. It is not an > illusion that FreeBSD has not been targeted by spyware writers while > Windows has. Even if some of that is the consequence of security by > obscurity, it is no illusion. Of course we need to understand that > those security benefits from obscurity are fragile, but we shouldn't > dismiss it entirely. Point taken. =20 > Again, what sorts of benefits such things may add (or subtract) > depends on the nature of the attacker. Thank you for your feedback David --nextPart6191335.KVvtVEzS8j Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQBIUYXyUaaFgP9pFrIRAhgfAJ40fvuzNTjhYSz50Fq0JidYrWyIiQCfSVES 3W08V64vEIiCONwsa61Hg+0= =2DPo -----END PGP SIGNATURE----- --nextPart6191335.KVvtVEzS8j--