Discussion on:
View:
Show:
It's a no-brainer for the Government and Defense to run Linux even just for the fact do you want your systems controlled by a single company when a solution exists that is open enough for you to make it as hardened or capable as you would like? Any surprise China and Russia are supposedly moving away from Windows for Government and Defense systems?
For that matter, it's probably going to be a long haul from military applications to the civilian side of the Dep't of Defense. The last product to migrate from DOD to a consumer product was the ever-practical Hummer, and I think we all know how that turned out.
The real ones don't have solid real axles. In the event of a zombie apocalypse there's no way I'm jumping into your Toyota Crammery as opposed to an up armored Hummer! Fortunately the way things stand today industrial strength Linux makes just as much sense on the desktop as it does on the battlefield. There are no practical limitations like higher energy and entry costs, or a larger footprint to impede it.
What surprised me, as the author himself points out, is that they even thought it feasible to run with Windows in the first place. The thought of running any critical system where lives are dependent on Windows makes me shudder.
much technical training or knew anything besides Windows.
Most certainly they did. They knew all about cash... particularly of the variety that greases palms and lubricates contracts. There's a lot of money spent by certain representatives of certain companies to ensure that certain people see things in certain ways. And there's an old adage that says, "It's hard to teach a man something that isn't in his best interest to understand."
Was someone checking their face book while maintaining the plane and decided to use the planes computer to do it?
So, what happens if Windows decided to auto update and restart? Does the plane crash?
Is it 64bit? Does the Navy have to get MS to approve all the driver software for the missile systems and such?
So, what happens if Windows decided to auto update and restart? Does the plane crash?
Is it 64bit? Does the Navy have to get MS to approve all the driver software for the missile systems and such?
AFAIR, from the original media coverage (the virus infection came public about 6 months ago), the infected OS in question isn't on the unmanned aircraft, but rather is located at a base some where, on a bank of machines centrally controlling the drone fleet... so it's not just one drone, it's a whole section of them.
As for how, it was probably a USB key.
As for how, it was probably a USB key.
Do they have the tools and expertise they need to _really_ examine them? All of them?
real secure stuff.... I wonder if they found pictures of some soldiers kids in the drone's system logs...
Hi Jack,
Nice article, but had to differ from it at some point. Claiming that MS Windows is fundamentally an insecure OS, and removing from the conversation the fact that Linux has its security issues isn???t proper when talking about this.
In the matter of security there are no absolutes when it comes to which OS IS secure, and which isn???t. But definitely, and especially at an enterprise level, a key point in this issue is how supported is the security side of the environment we???ll going to deploy. People often tend to say that MS Windows is an unsecured OS, or more unsecured that one of its counterparts. And due to the fact that the probability of a security flaw in MS Windows being public is bigger people just say it???s unsecured as a whole.
But that doesn???t mean other OS, in this case Linux isn???t. I???ve learned from experience at an enterprise level with both OS that things can go wrong in Windows, and on Linux. And hey, don???t get me wrong, Linux is a strong and robust environment, but when things go wrong at a security level (and they will at some point) it gets really, REALLY bad.
My point is that making such statement is a little bit bold. IT pros and writers should be ???open??? with people about these topics, especially when it comes to security. I think the readers of this site aren???t only power users, there???s also IT enthusiast, or just decision makers that aren???t necessarily tech savvies. And instead of saying, ???hey, this one isn???t secure at all; give it a try to this other one?????? explain that the probability of a security issue can, and will arise no matter the OS, but featuring key points on how well does the given OS can support a comeback from an incident will do a better effect on affecting the adoption of one OS or another.
Nice article, but had to differ from it at some point. Claiming that MS Windows is fundamentally an insecure OS, and removing from the conversation the fact that Linux has its security issues isn???t proper when talking about this.
In the matter of security there are no absolutes when it comes to which OS IS secure, and which isn???t. But definitely, and especially at an enterprise level, a key point in this issue is how supported is the security side of the environment we???ll going to deploy. People often tend to say that MS Windows is an unsecured OS, or more unsecured that one of its counterparts. And due to the fact that the probability of a security flaw in MS Windows being public is bigger people just say it???s unsecured as a whole.
But that doesn???t mean other OS, in this case Linux isn???t. I???ve learned from experience at an enterprise level with both OS that things can go wrong in Windows, and on Linux. And hey, don???t get me wrong, Linux is a strong and robust environment, but when things go wrong at a security level (and they will at some point) it gets really, REALLY bad.
My point is that making such statement is a little bit bold. IT pros and writers should be ???open??? with people about these topics, especially when it comes to security. I think the readers of this site aren???t only power users, there???s also IT enthusiast, or just decision makers that aren???t necessarily tech savvies. And instead of saying, ???hey, this one isn???t secure at all; give it a try to this other one?????? explain that the probability of a security issue can, and will arise no matter the OS, but featuring key points on how well does the given OS can support a comeback from an incident will do a better effect on affecting the adoption of one OS or another.
what the major security holes in Windows were. But for those who don't, here's a short non-tech summary of the three more significant ones:
1. Built in back-doors to allow other Microsoft applications a faster access to hardware resources via bypassing security gateways.
2. Inclusion of applications within the kernel security fence instead of outside of it. Such as the browser and the GUI.
3. Patching over found security holes instead of rewriting the base code to close them out.
On top of that, because Microsoft Windows is proprietary code it's all but impossible to cut it down to only HAVE what you need in it, thus the resource allocations and accesses for other hardware and connections which you can remove in Linux can't be removed in Windows with such ease.
Some years ago I spent a lot of time rebuilding servers for secure gateways, to lock-down and secure a Unix or Linux box took about half an hour, including the Solaris systems, but to lock-down and secure a Windows NT box took from four to six hours or more, depending on where it went in the gateway. The main reason being things on the other systems that came turned off by default were turned on by default in Windows. This was the hardening of the box I'm talking about, not the actual installation - which was another matter and where Windows took a lot longer to do as well.
1. Built in back-doors to allow other Microsoft applications a faster access to hardware resources via bypassing security gateways.
2. Inclusion of applications within the kernel security fence instead of outside of it. Such as the browser and the GUI.
3. Patching over found security holes instead of rewriting the base code to close them out.
On top of that, because Microsoft Windows is proprietary code it's all but impossible to cut it down to only HAVE what you need in it, thus the resource allocations and accesses for other hardware and connections which you can remove in Linux can't be removed in Windows with such ease.
Some years ago I spent a lot of time rebuilding servers for secure gateways, to lock-down and secure a Unix or Linux box took about half an hour, including the Solaris systems, but to lock-down and secure a Windows NT box took from four to six hours or more, depending on where it went in the gateway. The main reason being things on the other systems that came turned off by default were turned on by default in Windows. This was the hardening of the box I'm talking about, not the actual installation - which was another matter and where Windows took a lot longer to do as well.
1. Backdoors to allow the vendor's apps to run better? Funny, we've been hearing that about Apple's products as well, so to say it's only a Microsoft issue is a little deceptive. Not to mention that the "backdoors" are only for the forthcoming Windows RT (i.e. Windows XP/Vista/7 programs all use the same Windows APIs, whether or not the programs are written by Microsoft or not)... & Windows RT isn't even out yet.
2. I'll admit to being a little unfamiliar with this one, in the sense that I'm still trying to figure out whether you mean that it's "good" or "bad" for a program to be running "inside the kernel security fence".
On the other hand, if you're meaning that Linux "sandboxes" applications so that they can't affect the system kernel... then first off you probably need to specify which version is actually utilizing the
3. First off, there are no operating systems out there, including Linux & Mac OS X, that operate on the principle of "we re-release the entire operating system & all of the associated files when we fix bugs & security holes, rather than just worrying about the affected files". When you're talking about file sizes that total up into the gigabyte range, it's bad customer service to make your customers download every single file again instead of just the ones that need to be fixed. More importantly, if the security hole is because of a problem in file X50, but files X01-49 are unaffected by both the security hole or the updated code, there's no need to force your users to download all 50 files again. That's like taking your car in for a factory recall of the seatbelt, but when you pick it up the dealership's tacked on a charge to tear apart & reassemble the engine "just for inspection purposes", even though a) the engine was fine, b) there was no factory recall on the engine, and c) you never told them you wanted the engine checked. Or imagine taking said car into your local mechanic for an oil change. He replaces the oil & the filter... but he doesn't rebore all of the oil channels in the engine block, or replace the entire oil pan & oil pump, as part of a routine oil change.
As for cutting down Windows to "what you need"... that's not really that hard, although the "average" Windows user might need a bit of assistance getting to the right sections of the OS to do it. But as a longtime Windows "power user", it takes me very little time with a new PC to "customize" it the way that I want it. Enterprise users are usually in an even better situation, because most IT departments remotely image the PCs as they need to, rather than individually customizing every single desktop & server.
2. I'll admit to being a little unfamiliar with this one, in the sense that I'm still trying to figure out whether you mean that it's "good" or "bad" for a program to be running "inside the kernel security fence".
On the other hand, if you're meaning that Linux "sandboxes" applications so that they can't affect the system kernel... then first off you probably need to specify which version is actually utilizing the
seccompfeature. Note that this is completely separate from Google using it for their Chrome browser (i.e. a single app vs. the entire OS). And you would also have to admit that the User Access Control feature of Windows 7 (& even Vista) is a big improvement over prior versions.
3. First off, there are no operating systems out there, including Linux & Mac OS X, that operate on the principle of "we re-release the entire operating system & all of the associated files when we fix bugs & security holes, rather than just worrying about the affected files". When you're talking about file sizes that total up into the gigabyte range, it's bad customer service to make your customers download every single file again instead of just the ones that need to be fixed. More importantly, if the security hole is because of a problem in file X50, but files X01-49 are unaffected by both the security hole or the updated code, there's no need to force your users to download all 50 files again. That's like taking your car in for a factory recall of the seatbelt, but when you pick it up the dealership's tacked on a charge to tear apart & reassemble the engine "just for inspection purposes", even though a) the engine was fine, b) there was no factory recall on the engine, and c) you never told them you wanted the engine checked. Or imagine taking said car into your local mechanic for an oil change. He replaces the oil & the filter... but he doesn't rebore all of the oil channels in the engine block, or replace the entire oil pan & oil pump, as part of a routine oil change.
As for cutting down Windows to "what you need"... that's not really that hard, although the "average" Windows user might need a bit of assistance getting to the right sections of the OS to do it. But as a longtime Windows "power user", it takes me very little time with a new PC to "customize" it the way that I want it. Enterprise users are usually in an even better situation, because most IT departments remotely image the PCs as they need to, rather than individually customizing every single desktop & server.
1. I did NIT say it was only Microsoft, but I did say it was an issue with Microsoft. I don't know about Apple as I've not used their software or read much along that lines.
2. It's bad for ANY app to have a direct line in that bypasses the security checks. As to running inside the kernel itself, I think that's bad as it means the kernel now has only the same security as the app - which lowers the security.
3. Linux frequently release kernel upgrades where they've re-written the kernel code to fix a noticed or perceived problem, or added to the kernel to deal with the changes in the hardware. Outside the kernel is all the stuff to work the apps etc and you can pick and choose what you want, you don't get any stuffed in regardless of if you want it or not.
I like the car analogy as the Microsoft approach DOES require you yo return the car to fix a problem with the seat belt as everything is locked in place, while the Unix / Linux approach is to allow you to remove the seatbelt and send that in by itself.
.........................
I've been using and customising Microsoft software since the days of DOS 2. I've worked extensively with every version of Windows since Win 3, as Win 1 and 2 weren't that available here in Australia, except Vista and Win 7 - only a little experience with them. However, customising and removing (cutting out) things are two different kettles of fish. I can customise my Windows XP to work with Fire Fox, but I can NOT remove the basic code from the Windows system to take out all the code of MSIE. I can customise my office software by using another product or only the ones that I want, but I can NOT cut out and remove the back-doors Microsoft have to allow the other MSO products to bypass the security checks. If there is something in the Windows kernel or system that I do NOT wish to sue I can sometimes turn them off, but I can NOT take them out and not have them on the system at all, but you can do that with Linux and Unix. The modular approach and keeping the core kernel relatively small and tight (compared to most others) makes it possible to remove what you don't need. For example:
O want an embedded OS to run a piece of equipment but I don't want it to have any network access at all, simple in Linux, I just ensure all the code relating to that is not included in the finished product, thus there is NO way that it can access a network. In Windows the best i can do is turn it off and hope someone doesn't turn it back on at a later date.
2. It's bad for ANY app to have a direct line in that bypasses the security checks. As to running inside the kernel itself, I think that's bad as it means the kernel now has only the same security as the app - which lowers the security.
3. Linux frequently release kernel upgrades where they've re-written the kernel code to fix a noticed or perceived problem, or added to the kernel to deal with the changes in the hardware. Outside the kernel is all the stuff to work the apps etc and you can pick and choose what you want, you don't get any stuffed in regardless of if you want it or not.
I like the car analogy as the Microsoft approach DOES require you yo return the car to fix a problem with the seat belt as everything is locked in place, while the Unix / Linux approach is to allow you to remove the seatbelt and send that in by itself.
.........................
I've been using and customising Microsoft software since the days of DOS 2. I've worked extensively with every version of Windows since Win 3, as Win 1 and 2 weren't that available here in Australia, except Vista and Win 7 - only a little experience with them. However, customising and removing (cutting out) things are two different kettles of fish. I can customise my Windows XP to work with Fire Fox, but I can NOT remove the basic code from the Windows system to take out all the code of MSIE. I can customise my office software by using another product or only the ones that I want, but I can NOT cut out and remove the back-doors Microsoft have to allow the other MSO products to bypass the security checks. If there is something in the Windows kernel or system that I do NOT wish to sue I can sometimes turn them off, but I can NOT take them out and not have them on the system at all, but you can do that with Linux and Unix. The modular approach and keeping the core kernel relatively small and tight (compared to most others) makes it possible to remove what you don't need. For example:
O want an embedded OS to run a piece of equipment but I don't want it to have any network access at all, simple in Linux, I just ensure all the code relating to that is not included in the finished product, thus there is NO way that it can access a network. In Windows the best i can do is turn it off and hope someone doesn't turn it back on at a later date.
We need documented verified proof of the back doors rather than any stated opinion of said back doors. If no proof is provided, then they do not exist.
Every time we've heard about a virus using a Microsoft application to springboard into the operating system it's due to the virus utilising the back-door created for that application. The records are full of dozens of such attacks, check the archives. Microsoft has previously admitted they create alternate ways past certain security features to enable their products to run faster on Windows.
If you have had any experience with Windows Server 2008 you'd know how easy it is to define roles and limit the installation of certain responsibilities. You can even install WS2008R2 without a GUI to limit the attack vector even more. Your point is well made, but old and not representative of where Windows is today.
how come it isn't used in secure gateways as a critical server. The last time I checked the Windows Server 2008 did not have a DoD compliance tag for use in high security areas.
The majority of the issues with security in Windows, especially the desktop version, which is what we're talking about, are still valid today as they were seven years ago when I last hardened a high security server.
The majority of the issues with security in Windows, especially the desktop version, which is what we're talking about, are still valid today as they were seven years ago when I last hardened a high security server.
The notion is sound; IE, Windows Explorer and a couple of others may well allow back-doors for kernel level exploits, but the Server Core installs allow the system to run without these components. Its arguable that the drones in question don't (didn't) use the server OS, but personally, the notion that a pilotless aeroplane needs a full-blown desktop OS begs a few questions. Surely from the vehicle's point of view, it needs guidance, instrument control, navigation etc, but a full GUI driven OS??? Is the US military incapable of working without a GUI? I'm concerned that the world's dominant super power cannot manage its weapons with a mouse.
Second point. The author assumes that this one event will translate to all government systems and subsequently universities and home users migrating. Well, after considering the above re: "WTF, a GUI?", I'm left thinking these are wildly different audiences with a huge disparity in OS requirements. I very much doubt that there's a huge call for OS lockdown via GPO or similar in an environment where the primary end user is a drone airplane. On the other hand, government organizations, universities, businesses etc require the granular and flexible control over their devices to ensure the correct configuration ends up on the right machines. IF Linux of any flavour produces a control suite that can rival AD and GPOs, maybe enterprises will consider it. And yes, support for legacy applications are also of some limited concern.
I'm not rubbishing the notions being put forward, merely highlighting a portion of the mass of obstacles requiring addressing before that happens. And frankly, until they do happen, business will use Window. And until business starts switching to Linux for end users, home users will by and large remain ignorant of the options.
Second point. The author assumes that this one event will translate to all government systems and subsequently universities and home users migrating. Well, after considering the above re: "WTF, a GUI?", I'm left thinking these are wildly different audiences with a huge disparity in OS requirements. I very much doubt that there's a huge call for OS lockdown via GPO or similar in an environment where the primary end user is a drone airplane. On the other hand, government organizations, universities, businesses etc require the granular and flexible control over their devices to ensure the correct configuration ends up on the right machines. IF Linux of any flavour produces a control suite that can rival AD and GPOs, maybe enterprises will consider it. And yes, support for legacy applications are also of some limited concern.
I'm not rubbishing the notions being put forward, merely highlighting a portion of the mass of obstacles requiring addressing before that happens. And frankly, until they do happen, business will use Window. And until business starts switching to Linux for end users, home users will by and large remain ignorant of the options.
The reason why Linux or any *nix is fundamentally more secure than Windows is that they implement Privilege Separation at an architectural level. User programs can't see memory for kernel or Server Daemons.
Windows does not incorperate privilege separation at an architectural level and is much more susceptitle to viruses running as normal users. Windows Vista/7 has tried to fix this problem with UAC and has better security than before. But they will never be as secure as *nix box until they rewrite OS from the ground up. These comments about all OSes being just as susceptible are BS. History has proven MS OSes are not secure.
Windows does not incorperate privilege separation at an architectural level and is much more susceptitle to viruses running as normal users. Windows Vista/7 has tried to fix this problem with UAC and has better security than before. But they will never be as secure as *nix box until they rewrite OS from the ground up. These comments about all OSes being just as susceptible are BS. History has proven MS OSes are not secure.
Microsoft has the exact same concept, they just operate from an allow first standpoint. The minwin kernel was completely rewritten, and sans loading rootkit-like software, you can't observe the kernel's memory ops.
If linux wasn't susceptible to the same types of insecurity, you wouldn't need Bastille.
If linux wasn't susceptible to the same types of insecurity, you wouldn't need Bastille.
Isn't the "allow first" concept kind of like building a fence around your property, then not closing any of the gates?
What's the point?
What's the point?
The great majority of what Microsoft sells as an OS is the desktop version, and while I agree the drone doesn't need a desktop system there aren't all that many choices from Microsoft as it's basically Windows XP/Vista/Win 7 desktop or Windows Server 2003/2008 - I very much doubt they'd have put Windows server on the drones. I don't know what the prices are like where you are, but down here Windows Server is four times the price of the desktop premium version. Another aspect is I got the impression the software also includes the control software on the operator's console.
Unix and Linux have better options that the Microsoft options available and they've been around for many years, the only trouble is Microsoft goes to great efforts to make sure they do NOT work well with the Microsoft systems with ease. Also, a lot of the people in the upper management have been Microsoft only people for years and don't what is really available outside of Microsoft Windows - thus the issue with the DoD project I mentioned in my other post. However, many organisations still use the Unix and Linux servers for reliability and security reasons.
However, whatever way you try to slice this, it's a loot easier to specialise a custom system with Unix or Linux than it is with Windows, that's why so many embedded systems for manufacturing systems and white good run on special build Linux operating systems and the government hardware can be made the same way with just as much ease.
Unix and Linux have better options that the Microsoft options available and they've been around for many years, the only trouble is Microsoft goes to great efforts to make sure they do NOT work well with the Microsoft systems with ease. Also, a lot of the people in the upper management have been Microsoft only people for years and don't what is really available outside of Microsoft Windows - thus the issue with the DoD project I mentioned in my other post. However, many organisations still use the Unix and Linux servers for reliability and security reasons.
However, whatever way you try to slice this, it's a loot easier to specialise a custom system with Unix or Linux than it is with Windows, that's why so many embedded systems for manufacturing systems and white good run on special build Linux operating systems and the government hardware can be made the same way with just as much ease.
Since you can customize and streamline the setup of Windows Server, that is precisely what they should have used for their control systems. The drones themselves likely are more advanced versions of any remote controlled aircraft but with layers of encryption. They probably also have considerably higher powered telemetry most likely operating in the near infrared frequency ranges. I doubt you are going to find those drivers on Windows Update ... lol
Speaking of the price, stop for a second and think about who we are talking about here; Ok, did that come to you? Yes, exactly they do not care about the price! After all, it is not their own money they are spending!
Speaking of the price, stop for a second and think about who we are talking about here; Ok, did that come to you? Yes, exactly they do not care about the price! After all, it is not their own money they are spending!
I agree that if you MUST go with Windows server would be better than the desktop version, however, a much smaller and easier to slice up Linux / Unix set up would be much faster and better than anything you can do with Windows.
After all, if you're spending too much for the system, you can't buy as many as you want.
And it is their money; I've no doubt everybody involved in the project is a U.S citizen and taxpayer.
And it is their money; I've no doubt everybody involved in the project is a U.S citizen and taxpayer.
Probably someone had re-used an USB-key not knowing it was contaminated. Could have been a deliberate effort of course, but wouldn't have to be, with autorun and all that.
I shudder to think that they would not know to disable the autorun feature. But, it would not surprise me.
Odds are that they'll get burned a couple of times before they get it.
If this was an autorun exploit that makes two publicly known burns... so, one or two more times will probably be required for the lesson to make it through.
If this was an autorun exploit that makes two publicly known burns... so, one or two more times will probably be required for the lesson to make it through.
Obviously the drone itself does not need an entire OS. The drone would run code that runs in real-time for speed and reliability, like any aircraft. However, the drones are remote controlled by military gamers. Most likely they do not like working without a mouse for their war games. Only a fool would load up a critical system with all that bloated code and expect microsecond response time and telemetry security.
You do realize that these drones are piloted by humans on the ground, right? They have their nice recliners with joystick watching the screen to see what the camera feeds as well as other instrumentation are showing them on their COMPUTER MONITOR in front of them. Does that explain their use of the GUI?
programs that can by initiated once they're ion their area of operations, and to get to their area of operations, so the operator doesn't have to sit glued to the screen all the time.
Also, the GUI does NOT have to be a full blown Windows GUI, just what's needed for the job - that is something that displays the info from the sensors and the cameras, which could just as easily be an app running on DOS or similar - like they used to in the pre Windows days for games.
Also, the GUI does NOT have to be a full blown Windows GUI, just what's needed for the job - that is something that displays the info from the sensors and the cameras, which could just as easily be an app running on DOS or similar - like they used to in the pre Windows days for games.
In fact, Windows Server 2008 R2 has achieved Common Criteria Evaluation Assurance Level 4 with augmentation (EAL4+). Common Criteria certification is an international standard for helping to ensure that IT products conform to stringent security requirements and is a mandatory procurement requirement for U.S. defense and national security customers.
short of what's needed for high security.
re "but featuring key points on how well does the given OS can support a comeback from an incident will do a better effect on affecting the adoption of one OS or another."
Exactly how could any OS "comeback from an incident" that unleashed a host of armed drones that take out a presidential palace or a hospital ?
Exactly how could any OS "comeback from an incident" that unleashed a host of armed drones that take out a presidential palace or a hospital ?
While there is no question this is a wonderful news, I strongly believe this is the wrong reason. At this time it is possible, and actually not so difficult, to make a windows based system just as hard to break in as a linux system.
The main reason why Windows is plagued by viruses and not MacOS or Linux or other OSes is a pure cost/benefit balance. Not design (anymore).
Market shares make it so that for the same effort at exploiting a flaw your return will be much better if you target Windows than if you target linux. Apple's success made that change and we've recently seen the first successful malware for MacOS, showing that some believe that with the same effort a good enough return can be gained if MacOS is targetted.
Linux is supposed to be inherently safe by design, well probably (although the openbsd crew might want to comment on that), then why so much trouble on linux-based android ?
In this day and age computer (server, desktop, tablet, embedded system) security is much more a matter of configuration than design. Making sure that the configuration is right while being functional is O so tedious, O so much time consuming, O so not perceived as "productive".
The main reason why Windows is plagued by viruses and not MacOS or Linux or other OSes is a pure cost/benefit balance. Not design (anymore).
Market shares make it so that for the same effort at exploiting a flaw your return will be much better if you target Windows than if you target linux. Apple's success made that change and we've recently seen the first successful malware for MacOS, showing that some believe that with the same effort a good enough return can be gained if MacOS is targetted.
Linux is supposed to be inherently safe by design, well probably (although the openbsd crew might want to comment on that), then why so much trouble on linux-based android ?
In this day and age computer (server, desktop, tablet, embedded system) security is much more a matter of configuration than design. Making sure that the configuration is right while being functional is O so tedious, O so much time consuming, O so not perceived as "productive".
See my previous post on why MAC OS, Linux and Unixes are more secure.
Next point. Android is not Linux. Android uses a heavily modified Linux Kernel and most of the software on top of that is Google's Code and not from Linux.
Next point. Android is not Linux. Android uses a heavily modified Linux Kernel and most of the software on top of that is Google's Code and not from Linux.
Then I guess I'm not running Linux either, even though I run Debian GNU/Linux. Because the kernel code only comprises about 0.002% of my binaries, and the kernel source is heavily modified by my distribution maintainers too.
Maybe Android is Linux too? Perhaps you've a personal axe to grind with Android though. I can see no better reason why you'd use such absurd logic to claim that Android isn't Linux. Or are you just stupid?
Maybe Android is Linux too? Perhaps you've a personal axe to grind with Android though. I can see no better reason why you'd use such absurd logic to claim that Android isn't Linux. Or are you just stupid?
Was the last sentence really necessary?
You made your point without it.
You made your point without it.
Then go find a priest or health care worker. If you're looking for one here I have to question your priorities. This whole site is a joke. But I like a good joke just as much as the next guy.
The only web site I take seriously is weather.com Even it is a bit iffy when it comes to forecasting. I love the weather in motion button though!
I should put a shout out for these guys too:
http://www.wunderground.com/ -- a serious website that might in fact cover events that will directly impact you! The crap here, no.
The only web site I take seriously is weather.com Even it is a bit iffy when it comes to forecasting. I love the weather in motion button though!
I should put a shout out for these guys too:
http://www.wunderground.com/ -- a serious website that might in fact cover events that will directly impact you! The crap here, no.
You sure seem to be putting a fair amount of time into this "not serious" discussion - 29 posts by my count (which I could've miscounted slightly, it's not outside the realm of possibility)...
If this forum is so beneath your "conversational sensibilities," why are you putting so much effort into it?
I'm just sayin'...
If this forum is so beneath your "conversational sensibilities," why are you putting so much effort into it?
I'm just sayin'...
You may just be saying but perhaps you are not thinking. I may just enjoy light entertainment.
http://www.youtube.com/watch?v=wdoGVgj1MtY
http://www.youtube.com/watch?v=wdoGVgj1MtY
Any computer system is only as safe as the competence level of its user. Since about 90% of people are inept at their jobs, you can understand the problems with security. Yes, it is entirely possible to lock down a Windows system just as securely as a Linux, or Unix, box. However, this need for having the computer itself run everything on the CPU is a very bad method of achieving that security.
Any secure system needs to move critical systems like firewalls and routing off of the CPU entirely. IT consultants know that the more work the CPU does, for sound, video and other "control" type of systems, the less stable the OS is as you introduce a chain scenario. If everything hangs in a long string on a single chain that system is heading for a major catastrophe. Many consumer level PCs are designed this way to save costs. More reliable systems will diversify and break up that load and let the CPU organize and control the flow of data instead of trying to do all the work itself. That is what separates a real workstation or server from a regular personal computer. Just like any other human system, be it a city, a company, or any set of networked control systems, each part of the system needs to have hardened error checking and recovery routines, and a level of autonomy to "breathe" and deal with timing issues and errors. If you pin everything into one person, chip, or module, you only have to have one failure or lock up and you lose everything. I know the government is above that from their experience with submarine and missile control systems. I can assure everyone that the story of a drone running Windows is merely amusing media spin, and not accurate at all.
Any secure system needs to move critical systems like firewalls and routing off of the CPU entirely. IT consultants know that the more work the CPU does, for sound, video and other "control" type of systems, the less stable the OS is as you introduce a chain scenario. If everything hangs in a long string on a single chain that system is heading for a major catastrophe. Many consumer level PCs are designed this way to save costs. More reliable systems will diversify and break up that load and let the CPU organize and control the flow of data instead of trying to do all the work itself. That is what separates a real workstation or server from a regular personal computer. Just like any other human system, be it a city, a company, or any set of networked control systems, each part of the system needs to have hardened error checking and recovery routines, and a level of autonomy to "breathe" and deal with timing issues and errors. If you pin everything into one person, chip, or module, you only have to have one failure or lock up and you lose everything. I know the government is above that from their experience with submarine and missile control systems. I can assure everyone that the story of a drone running Windows is merely amusing media spin, and not accurate at all.
Every time I see that word, it reminds me of Animal House. The parade scene with Kevin Bacon in uniform screaming "All is Well. "
It doesn't matter how much you say it means nothing, the fact that the controlling system got a virus and the fact that it was running Windows of any kind does matter.
It shows how vulnerable running Windows makes you. I'm not claiming 100% safety running iOS, Ubuntu, Red Hat, Fedora, BSD, Solaris or even a roll your own Linux. However, I am claiming a much better chance at it.
All is not well. Using an OS built with security in mind helps to get one step closer.
It doesn't matter how much you say it means nothing, the fact that the controlling system got a virus and the fact that it was running Windows of any kind does matter.
It shows how vulnerable running Windows makes you. I'm not claiming 100% safety running iOS, Ubuntu, Red Hat, Fedora, BSD, Solaris or even a roll your own Linux. However, I am claiming a much better chance at it.
All is not well. Using an OS built with security in mind helps to get one step closer.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
