
Comment Re:yea. (Score 1) 216

No one believes it, and you're not making us think you have a big dick.

Also - not what I claimed. I claimed condoms break easily, and to be honest it doesn't really have much to do with the size - it's more about adequate lubrication for the full duration.

Oh so now you're not claiming you have a big dick but that you last forever. Your girlfriend must be impressed ;-)

Comment Traffic Lights? (Score 3, Insightful) 483

Wouldn't it make sense to install traffic lights first? Seems like some order on the road rather than chaos would reduce the accident rate much more than ticketing speeders (who will likely just continue to speed). Either way there are commercial products available for this application. Sorry I have no links but in southern California red light cameras are all over the place. Our neighbors in Arizona also have "portable" speed cameras that they trailer to locations where speeding is an issue.

Submission + - Twitter App for Android Unsafe over Wifi

DominatorDan writes: So I was capturing my traffic with Shark for Root and noticed that my Twitter username and password were sent in the clear when the app updates on my Droid over WiFi. I'm going to uninstall the app until SSL or some other type of encryption is enabled. I have not performed a capture over CDMA, but I plan to. Until it's fixed, get thee to a free hot-spot and start capturing data.... You'll never know what you might find!
Bug

Root Privileges Through Linux Kernel Bug 131

Lars T. writes "The H has a story about a Linux kernel bug that allows root level access. 'According to a report written by Rafal Wojtczuk (PDF), a conceptual problem in the memory management area of Linux allows local attackers to execute code at root level. The Linux issue is caused by potential overlaps between the memory areas of the stack and shared memory segments.' SUSE maintainer Andrea Arcangeli provided a fix for the problem in September 2004, but for unknown reasons this fix was not included in the Linux kernel. The bug is not related to the X Server bug found by Brad Spengler." As the linked article notes: "SUSE itself has the fix and SUSE Linux Enterprise 9, 10 and 11 as well as openSUSE 11.1 through 11.3 do not exhibit this vulnerability."
Windows

Submission + - 40 Windows Apps Said to Contain Critical Bug (computerworld.com)

CWmike writes: About 40 different Windows applications contain a critical flaw that can be used by attackers to hijack PCs and infect them with malware, says HD Moore, chief security officer at Rapid7 and creator of the open-source Metasploit penetration-testing toolkit. Gregg Keizer reports that the bug was patched by Apple in its iTunes software for Windows four months ago, but remains in more than three dozen other Windows programs, s. Moore did not reveal the names of the vulnerable applications or their makers, however. Each affected program will have to be patched separately. Moore first hinted at the widespread bug in a message on Twitter on Wednesday. 'The cat is out of the bag, this issue affects about 40 different apps, including the Windows shell,' he tweeted, then linked to an advisory published by Acros, a Slovenian security firm.

Comment Re:Alien Versus Predator (Score 1) 379

whoa. hold on there.

you're saying we have crappy GUI webapps, and the reason they are so crappy is because a designer (ie a non-coder) created them and not a programmer.

No, I said "web sites and applications that don't work like they should". The applications in question may be visually stunning but if they don't work reliably then what they look like is a moot point.

If there's one thing I know, it's this: Never let a programmer create any form of GUI.

Comes back to my point about using the correct tool for the job. Either way I find an application that reliably performs its intended task but has a horrible UI much more valuable than an application that doesn't perform its intended task but has a beautiful UI.

In an ideal world, we'd have design separate from the code

Agreed. Not familiar with Flash and its tools but definitely seen improvement in this realm from Microsoft with WPF/Silverlight/XAML and the Visual Studio/Expression tools. It's far from perfect but definitely a step in the right direction from Winforms :-)

Security

Submission + - Critical Flaw Found in 40 Windows Apps (threatpost.com)

Trailrunner7 writes: Metasploit’s HD Moore was in the midst of researching the recently patched LNK (Windows shortcut) vulnerability when he stumbled upon a serious problem that exposes more than 40 different Windows software programs to remote code execution attacks. Moore issued a brief warning about the issue via Twitter and linked to a critical bulletin from Acros, a Slovenian security research outfit, that references a remote code execution bug patched in Apple’s latest iTunes update.

According to the advisory, all a remote attacker has to do is plant a malicious DLL with a specific name on a network share and get the user to open a media file from this network location in iTunes — which should require minimal social engineering. “I ran across it working on the shortcut bug and about fell out of my chair,” Moore said in an interview. “It made the LNK exploit almost pointless.”

Comment Re:Alien Versus Predator (Score 2, Insightful) 379

Wake me up when Microsoft comes up with a tool that allows non-coder graphic designers or animators to create entire apps in Silverlight with the same ease that you can with Flash.

The assumption that a non-coder can code an application (using any tool/language/whatever) is exactly why the web is littered with crappy web sites and applications that don't work like they should.

People have skills in particular areas and need to recognize that and know when to ask for help. For instance I have a knack for coding but not graphics/design. So when I'm coding up a new web application I go search for a template/designer/whatever I need to fill the gap in my skill set.

Graphics

Submission + - Mac Steam Prompts OSX Graphics Update (thinq.co.uk)

Stoobalou writes: Mac gamers got a massive boost when online gaming hub Steam started supporting the platform a few months ago.

The arrival of the online service, which allowed Mac-toting gamers to play the same games as their PC brethren, in some cases simultaneously, created a great deal of debate between the two camps, with the PC crowd pillorying Mac fans for the relatively poor performance of their expensive hardware.

Now it seems that Apple has got the message and has provided a graphics update for OS X Snow Leopard which will go some way towards closing the gap between the two platforms.

Comment Re:Convenient (Score 1) 259

Have you ever seen a shell server compromised by a non-customer? You are talking about your shitty little ISP experience, not some theoretical possibility, right?

Yes I have. Must be nice to live in a world where the only possibilities are the ones you believe.

Don't even try that shit. Your most prominent statement was the claim that you have observed that Linux servers were compromised more often than Windows server. You backed it with fallacies, spin and your experience that -- if it was true or relevant in the first place -- is in no way applicable for any comparison.

No my most prominent statement was "in my experience" and then I went on to convey that experience. Sorry my experience is that of the Linux/Windows servers I've had on the internet and the Linux servers being compromised more than my Windows servers. I know my personal real world experience is really upsetting you but I even gave very clear reasons as to why my experience was such. You want to ignore all that and pretend that I said "Windows is more secure than Linux" or "Windows is easier to maintain than Linux"

If you want to discuss your most idiotic (though less prominent) claim that one has to be "vigilant" to run Linux servers in a secure manner (as opposed to merely implementing well-known sane policies and apply updates when they are released), you are welcome to do it after renouncing your claims of having demonstrated it with your shitty experience running shell servers.

If you want to twist my words into something I didn't say then go right ahead. My point was that unless you are vigilant on security under ANY operating system then you will be less secure than someone else who is.

PS: "...to merely implementing well-known sane policies and apply updates when they are released..." is being vigilant about security. A home user that ignores updates is not being "vigilant" about security.

Comment Re:Convenient (Score 1) 259

1. All compromises of a Linux shell server ARE privilege elevation -- because every intruder starts from having a valid local account on it.

Are you for real? A non-customer would not have a local account.

2. A privilege elevation on a Windows server would not even be an exploit because Windows server does not run untrusted content -- if you have an account on hosted Windows server that can install things, you are its administrator already, so there is nothing to exploit.

Why are you still arguing Linux vs. Windows? My post has never had anything specific to Windows vs. Linux and you'd know that if you bothered to read before responding.

3. Windows desktops suffer from privilege escalation exploits all the time. So would any system that would provide remotely accessible shell accounts on Windows server.

Sigh...

4. You are still pretending that anything you have observed has something to do with remote exploits, quality of maintenance, and other irrelevant and stupid statements that you made and I have ignored.

Again if you'd read my posts you'd know what my point is. I'll give you a hint, it has nothing to do with anything you wrote there.

Comment Re:Convenient (Score 1) 259

I wonder why did you make such an omission. Perhaps to create an appearance of support for your completely invalid claims?

First I fail to see how my claim is invalid. It's popular belief that software X is more secure than software Y simply because it is less desirable for someone to attack.

So how do you compare exploits seen by a Linux shell provider with exploits you have seen being a Windows shell provider?

Ummm because my point was that machines with higher value (ie: ones customers use/have access to) are more likely to be attacked...

And you conveniently did not mention that you counted exploits on a poorly run shell server vs. Windows "server" that never runs anything you didn't put on it (and they apparently still were compromised, just less often than your shell servers).

I mentioned my compromised MS-DOS machine more as a joke (I was probably 12, running a BBS gave the wrong person sysop...)

I think the Linux servers were maintained pretty well actually but what do I know? Oh and I clearly mentioned the difference between users having access to my Linux servers and not my Windows Servers.

If it's too hard for you guys to see my point because I mentioned Linux and Windows in the same post and got your panties in a bunch then think about this...

My console is connected to the internet. To an attacker it's a lower value target than say a PC on the same network that I do my online banking on. Just because my console is lower value to an attacker doesn't inherently make it any more or less secure than my PC.

Comment Re:Convenient (Score 3, Interesting) 259

Reference please? Which Linux servers? Red-hat? Debian? SELinux enabled?

Sounds like you know a lot about the subject..

This was between 1999 and 2003 when a partner and myself were running a small web hosting/shell company Mach Nine Internet Services, http://www.mach-nine.com/ (under construction now?), http://www.lomag.net/information/news.php

Always Redhat... started with 6 (which was the 2.2 kernel...) and think we ended at 7.1.

In any case this small period of time was the only time I've had Linux servers publicly available on the internet and two of three machines were rooted due to a (2.4?) kernel flaw that made it trivial to escalate privileges if you had a shell (which being a shell provider...). Since then I've had several Windows servers publicly servicing the internet but the difference is that they are for my personal use and not high profile (in relation to my old Linux servers) targets.

My statement was not one about the inherent security of one OS over the other. There is more I could have done to prevent the root attacks on the Linux machines and I don't deny that. I'm repeating myself here but my point was:

In general it's not the OS keeping you secure it's how valuable of a target you are and how vigilant you are at security.

Comment Re:Convenient (Score 2, Interesting) 259

It's not a PDF flaw, it's a flaw in Linux kernel. The malicious PDF file was just an example for an attack vector. You know, the same way it works in Windows. No system is immune to these kind of attacks, the only reason Linux and Macs see them less is because most of the users are on Windows (especially the "stupid" or casual ones). Not even the walled gardens like iPhone, where PDF attack was used to root and jailbreak the system just recently.

You got it spot on. Although in my personal experience I've had more Linux servers compromised than Windows ones. Could be the fact that in general my Linux servers are exposing services to the internet whereas my Windows servers are not. Or it could be the fact that at times questionable users (ie: customers) have had access to my Linux boxes. Oh and then there was one time my MS-DOS server was compromised (lol).

In general it's not the OS keeping you secure it's how valuable of a target you are and how vigilant you are at security.

IT

Submission + - Microsoft Silverlight 4 vs. Adobe Flash 10.1 (infoworld.com)

snydeq writes: "InfoWorld's James Borck provides an in-depth comparison of Silverlight 4 and Flash 10.1 from a developer's perspective. 'Adobe has improved the developer experience and finally constructed a bridge to its formidable design suite, but Microsoft has come further faster,' Borck writes, noting that Silverlight now challenges the long-held RIA supremacy of Flash, Flex, and AIR with superior development tools and design tool integration. 'For the moment, the decision is between Microsoft's strong developer orientation and Adobe's emphasis on design. For any enterprise project requiring heavy programming or data access, especially in-house applications that would benefit from Windows desktop integration, Silverlight is the top choice. However, if your application will be making basic service calls to feed data and won't require a lot of processing overhead, or if your goal is eye-popping layouts or 3D graphics for customer-facing communications — i.e., whenever the development process is design-intensive — then you'll benefit from Adobe's designer-oriented approach.'"
