he is talking about the desktop, so there is security of course not the most important thing, especialy if you are just rewriting the complete X stack over the last years. On the desktop site, as developer you maybe think how do create a desktop or a backend that in the end brings more people to the linux desktop... because a developer that only codes for him self, or a developer that audience shrinks in extreme case is very frustrating, and you will quit that job at some time.
Originally Posted by schmidtbag
Again its no networkstack security stuff, and I am not shure if the enterprise linux systems have this bugs, and in many cases you can depend on that the users you gave a useraccount and have access to your intranet, are not attacking you. As example I had a job interview on a university, ok they use ubuntu so worst case it seems, but there only have pre-doctors access you can basicly think that they are not attackers. they have better stuff to do, and even if, if they attack stuff when they logged in with their accounts it is probably easy to find out who did damage stuff.
So there is maybe a reason for distries like debian and enterprise linuxes, if you have to update all 2 months to a new distri in a production environment you should maybe not hope this distros are multiuser-secure... I mean they should be secure for single-user systems... thats what desktop is primary, at thats the main target for systems like ubuntu.
And maybe offices where the users are no hackers but "moorhuhn" gamers.
I heared even from admins that they use systems (windows as clients in this case) that all 24 hours completly format the harddisks of the clients and copy over a windows image. So it seems at least windows is not (much) better in this sphere, it shure has a reason that they do that. not just for fun...
Last edited by blackiwid; 05-24-2013 at 09:55 AM.
Where *do* trolls come from? Is it a genetic mutation? Or do you need to have trolls for parents?
Originally Posted by BO$$
Just imagine how many vulnerabilities microscrap has that are hidden and unknown to the general public. These published vulnerabilities can (and will) be *fixed*. Unpublished flaws in binary crap *can't*.
Good luck with your microscrap.
Not really. At least, not in the way MS sees it. To corporate closed-source software vendors, it's all about image and PR. That's why microsoft spends so much money on astroturfing and spreading FUD about open source. They keep quiet about their own vulnerabilities, because you see, they don't care about the actual security of either OS (theirs, or Linux), they care about the public impression. Out of sight, out of mind, sadly.
Originally Posted by DaVince
They even sue people to keep their own vulnerabilities out of the public eye. Its frightening dealing with that crap. They'll go after you with the reverse engineering clause of their license, which is why MS vulnerabilities are kept close by those who find them, and exploited by people in places where MS has no legal recourse.... like China. Even if you can win against MS, it isn't worth the fight because they have virtually unlimited resources and WILL bankrupt you in the process.
Originally Posted by dee.
What this does, is it creates a totally different hacker culture. The MS side is dark and goes for the attack/damage aspects of hacking, because you can't be public about it. The Linux hacker culture is a bright and sunny place, full of happy nerds who have never been laid, eager to get their *real* name onto the discovery and/or the fix, hoping (unreasonably) that some *girl* will see it, be impressed, and put out.
This situation couldn't be better for Linux, or worse for wondoze. Linux grows stronger and more secure BECAUSE of the hacker culture, BECAUSE the vulnerabilities are exposed in public!!! wondoze is a stagnant cesspool of vulnerabilities and failure, constantly under attack, and always failing to stand up to the attack.... and then who saves them? Not their coders for sure, the internet saves them, the internet that runs on Linux and can filter out the attacks. All they need to do is sue everybody between them and the source of the attack.
NVIDIA's drivers are great... The best drivers you can get on Linux for gaming/3D-stuff/rendering. Even Optimus support is comming "soon"... Yes, they are not open-source, but that's not a reason to call them bad. ATI/AMD's blob drivers are bad on Linux (FGLRX). I can't agree more on that.
Originally Posted by blackiwid
I did not even say that they are bad, I did not the opposite too ^^ I just said it would be like somebody would say linux is bad because there are problems with this drivers, and there are problems with this drivers, you can say you think that they are not that big, but thats just a oppinion... and there are people bitching around why linux is so bad and breaks abi and stuff... so they basicly say linux is bad because linux developlment model isnt good.
Originally Posted by Sverro2
Yesterday I watched a youtube linux vs windows video, where somebody said there are problems with closed source drivers so linux would have not so good driver support than windows or something like that... and the point is if you think that this driver problems with closed source drivers (installation... ) are problems... if you see that that way... you have to blame nvidia not linux.
If you say thats all wonderful go ahead... but dont blame linux for problems that are caused by closed source drivers.
how many patch days or better years would microsoft have needed to fix at least most of so much bugs? Its fast... Xorg has a bit the problem that there are many many lines of code but way less developers as example the kernel has. hopefully that will be better with wayland
Last edited by blackiwid; 05-24-2013 at 03:48 PM.
I'm not surprised - I've been reading Google Chrome security fixes, and they've been finding a ton of issues in their code with AddressSanitizer, plus have been paying out a lot of money for each release on security fixes. And these are top-notch Google coders, working on 1 program.
Originally Posted by schmidtbag
Originally Posted by Sverro2
wooohoo how i love being drunk - go nv \o/ /o\
Does Google actually have any top-notch coders?
Originally Posted by Vadi